anyone block bit torrent? i have a site that has relatively low usage on it however there are a few clients doing bittorrent which is slowing it way down. im not even sure what the source port would be to block? any suggestions?
Vince
its a standardised protocol… CISCO policy maps should be able to pick it up… or we use packet shaper
Doesnt’ torrent use ports 6881 > 6889?
normally it would connect to a central connector on standard ports defined by the client files… once connected it will move across to any port at random…
Friggin Torrent. It’s so good, yet it’s so VERY bad!!
Hey!
Yeah, friggen file sharing in general … .
so good, and yet . …
the deal is you can’t really stop it, or even halfwits will raise a fuss.
Sooo . …
Limit the hell out of it.
We once ran traffic through an Allot box. God how i luved the thing … .
the many nights we spent together, staring at traffic client vs. protocol … .
Nowadays, you can do that on the cheap if you want to build a Linux box, and pay some stooge (my cat is avialable, but he sub-contracts … .
i wouldn’t recommend it) … .
to install freeware.
(try and keep up)
the short story is that you need to compartment your filesharing traffic away from the rest of your customers.
and limit the hell out of it.
by number of connections is the easy way to limit bandwidth, as pertains to filesharing.
by protocol is the cleanest (i.e. bearshare gets 100 up/down, no matter how many connections it opens).
Don’t throw too much money at re-inventing the wheel.
I am on the same page as newcastle - you need to try and keep the filesharing traffic seperate from the rest. This way you can throttle back P2P and let the rest flow nicely through your router.
I use the NetEnforcer from Allot (probably the same one necastle used), but at the cost its not for everyone. There a number of open source packages out there that will help in this.
Aaron
Yeah pretty much same problem I’m having. I’m going to have to look for some of that open source stuff because other than that something needs to be done.
we use packetshaper from packeteer… it can be done on a Mikrotik and also Linux can do shaping… its part of the kernel look at the command “tc”
Hey Guys,
Can you be a little more specific on what open souces packages can help limit P2P traffic?
:shock:
Look here:
http://www.ipp2p.org/
http://l7-filter.sourceforge.net/
I have used these in combination on a college campus of 1000+ students sharing 2 T1s with great success.
http://www.google.ca/search?hl=en&q=open%2Bsource%2Btraffic%2Bshaper&meta=
Failing some reading, both m0n0wall and pfSense have Traffic Shaping capabilities you could try - both open source and both free (all you need is hardware).
Aaron
mmm… I wonder if they can handle 20MB pipe to traffic shape… I guess would need a powerful machine…
I am fairly active on the m0n0wall mailing lists and there have been discussions about large bandwidth requirements - not sure of exact numbers right now. It would all depend on the hardware used - processor NICs, and RAM (m0n0wall is loaded into the memory at boot-up and runs there, only accessing storage devices for config changes).
At one point I had it loaded onto a Dell Poweregde 1850 - it ran quite nicely with 2 GB of ram. 
Major overkill though.
Aaron
well I am considering spending $15k on a packetshaper…