From mboxrd@z Thu Jan 1 00:00:00 1970 From: Mohan Sundaram Date: Tue, 19 Sep 2006 02:21:51 +0000 Subject: Re: [LARTC] Suggestions/Pointers on where to begin my search for Message-Id: <450F516F.1030908@vsnl.com> List-Id: References: <6aa4d09a0608240632q47de4e83k89f6de0eb078bdd4@mail.gmail.com> In-Reply-To: <6aa4d09a0608240632q47de4e83k89f6de0eb078bdd4@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org Andy Furniss wrote: > Bill Blum wrote: >> Hi- >> I'm working in the IT department of a small liberal arts university-- >> we're >> getting *massacred* by P2P traffic. >> >> Informal testing/probing indicates that about 60% of our traffic from the >> dorms was P2P-- we've taken the initial step of hardlimiting the dorms >> to no >> more than 40% of outgoing university bandwidth. Also, we've blocked the >> 'standard' ports for KaZaa, Gnutella, etc. in our firewall/switch setup >> (Cisco Catalyst 6500 between us and the net at large).... > One way of doing this is to use a Linux machine in between and use ipp2p netfilter plugin to identify P2P traffic. Even if we shut out standard ports, these apps work on commonly used ports like 80,110,25 etc. :-( You can rate limit using ipp2p or mark packets using ipp2p and then shape that traffic using tc. Mohan _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc