Andy Furniss wrote:
Bill Blum wrote:
Hi-
I'm working in the IT department of a small liberal arts university--
we're getting *massacred* by P2P traffic.
Informal testing/probing indicates that about 60% of our traffic from the
dorms was P2P-- we've taken the initial step of hardlimiting the dorms to
no more than 40% of outgoing university bandwidth. Also, we've blocked the
'standard' ports for KaZaa, Gnutella, etc. in our firewall/switch setup
(Cisco Catalyst 6500 between us and the net at large)....
One way of doing this is to use a Linux machine in between and use the
ipp2p netfilter plugin to identify P2P traffic. Even if we shut out standard
ports, these apps work on commonly used ports like 80, 110, 25, etc. :-(
You can rate limit using ipp2p or mark packets using ipp2p and then
shape that traffic using tc.
Mohan
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
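
The mark-then-shape approach from the reply above, as an added example that is not part of the original thread: a generator that prints the iptables and tc commands for review instead of running them. The interface name, rates, mark value and the function name `p2p_shaper_rules` are assumptions; it presumes a Linux box forwarding dorm traffic with the ipp2p match and HTB available.

```shell
#!/bin/sh
# Added example (not from the thread): print a ruleset that marks P2P
# connections with ipp2p and caps them with an HTB class selected by fwmark.
# Usage: p2p_shaper_rules <egress-dev> <link-kbit> <p2p-kbit> [mark]
p2p_shaper_rules() {
    dev=$1; link_kbit=$2; p2p_kbit=$3; mark=${4:-1}

    # The output is meant to be piped to a root shell after review, so
    # refuse anything that is not a plain interface name or positive integer.
    case $dev in ''|*[!A-Za-z0-9._-]*) return 2 ;; esac
    for n in "$link_kbit" "$p2p_kbit" "$mark"; do
        case $n in ''|0*|*[!0-9]*) return 2 ;; esac
    done
    [ "$p2p_kbit" -lt "$link_kbit" ] || return 2
    rest=$((link_kbit - p2p_kbit))

    # ipp2p only recognises the packets that carry a protocol signature, so
    # the mark is stored on the connection (CONNMARK) and restored for every
    # later packet of the same flow, whatever port it uses.
    cat <<EOF
iptables -t mangle -A FORWARD -j CONNMARK --restore-mark
iptables -t mangle -A FORWARD -p tcp -m mark --mark 0 -m ipp2p --kazaa --gnu -j MARK --set-mark $mark
iptables -t mangle -A FORWARD -m mark --mark $mark -j CONNMARK --save-mark
tc qdisc add dev $dev root handle 1: htb default 10
tc class add dev $dev parent 1: classid 1:1 htb rate ${link_kbit}kbit
tc class add dev $dev parent 1:1 classid 1:10 htb rate ${rest}kbit ceil ${link_kbit}kbit prio 0
tc class add dev $dev parent 1:1 classid 1:20 htb rate ${p2p_kbit}kbit ceil ${p2p_kbit}kbit prio 1
tc filter add dev $dev parent 1: protocol ip prio 1 handle $mark fw flowid 1:20
EOF
}

# Constructed sample values: eth1 faces the uplink, 10 Mbit link, P2P capped at 1 Mbit.
p2p_shaper_rules eth1 10000 1000
```

Unmarked traffic falls into class 1:10 and may borrow up to the full link rate, while marked P2P flows stay in 1:20 with rate equal to ceil, so they cannot borrow.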