On Mon, 15 Jul 2002, Peter John Hill wrote:
--On Sunday, July 14, 2002 9:26 PM -0400 Art Houle <houle@zeppo.acns.fsu.edu> wrote:
On Sun, 14 Jul 2002, Marshall Eubanks wrote:
On Sun, 14 Jul 2002 21:13:13 -0400 (EDT) Art Houle <houle@zeppo.acns.fsu.edu> wrote: Or, to put it another way, how are the packets marked ? And why not just drop them then and there, instead of later ?
If we are not using our WAN connections to capacity, then p2p traffic can expand and fill the pipe, but if business packets are filling the pipes, then the p2p stuff is throttled back. This makes 100% use of an expensive resource.
So, you are doing straight tcp port filtering. Are there any clients that use dynamic ports? Things will get trickier for you. Other than Packetteer, are there any other products that can look into the data of a packet at any usable rate to do filtering/marking?
We look at ports mostly to mark the packets, but we are also using cisco 'pdlm' to discover the p2p stuff. We are not doing port filtering to drop packets, WFQ is doing the drop function. policy-map cbwfq2ISPonPVC class class-default random-detect dscp-based random-detect dscp 0 5 10 8 random-detect dscp 8 15 22 16 random-detect dscp 16 20 30 32 random-detect dscp 24 30 45 64 random-detect dscp 48 40 60 128 random-detect dscp 56 50 75 256 fair-queue fair-queue queue-limit 24 queue-limit 72 vc-class atm Sprint-ISP ubr 45000 encapsulation aal5snap interface ATM0/0/0.1 point-to-point pvc 0/106 class-vc Sprint-ISP service-policy out cbwfq2ISPonPVC
sho policy-map interface
Class Random Tail Minimum Maximum Mark Output drop drop threshold threshold probability packets 0 6960177 19227320 5 10 1/8 962935241 8 245 16 15 22 1/16 47165439 16 0 0 20 30 1/32 2754705 24 0 0 30 45 1/64 18453509 48 0 0 40 60 1/128 62112 56 0 0 50 75 1/256 119861 fair-queue: per-flow queue limit 24 queue-limit 72 Art Houle e-mail: houle@acns.fsu.edu. Academic Computing & Network Services Voice: 850-644-2591 Florida State University FAX: 850-644-8722