[87074] in North American Network Operators' Group


RE: QoS for ADSL customers

daemon@ATHENA.MIT.EDU (Church, Chuck)
Thu Dec 1 10:53:06 2005

Date: Thu, 1 Dec 2005 09:52:34 -0600
From: "Church, Chuck" <cchurch@netcogov.com>
To: "Ray Burkholder" <ray@oneunified.net>,
	"Ejay Hire" <ejay.hire@isdn.net>
Cc: "Kim Onnel" <karim.adel@gmail.com>, "NANGO" <nanog@merit.edu>
Errors-To: owner-nanog@merit.edu


But be careful about the CPU usage and platform support for NBAR.  I
don't think the sup720 will do NBAR, at least that's what I heard.


Chuck Church
Lead Design Engineer
CCIE #8776, MCNE, MCSE
Netco Government Services - Design & Implementation Team
1210 N. Parker Rd.
Greenville, SC 29609
Home office: 864-335-9473
Cell: 864-266-3978
cchurch@netcogov.com
PGP key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4371A48D


-----Original Message-----
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of
Ray Burkholder
Sent: Thursday, December 01, 2005 8:52 AM
To: Ejay Hire
Cc: 'Kim Onnel'; 'NANGO'
Subject: RE: QoS for ADSL customers


There are a bunch of p2p and torrent custom classifier pdlm's at
http://www.cisco.com/cgi-bin/tablebuild.pl/pdlm


Quoting Ejay Hire <ejay.hire@isdn.net>:

>
> I got an off-list reply about using Nbar, but I've never
> seen a class map that would match torrent.
>
> -e
>
> > -----Original Message-----
> > From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On
> > Behalf Of Kim Onnel
> > Sent: Thursday, December 01, 2005 7:12 AM
> > To: Ejay Hire
> > Cc: NANGO
> > Subject: Re: QoS for ADSL customers
> >
> > Our ADSL customers' traffic is 3 OC3 worth of traffic, I don't
> > think our management would buy the idea.
> >
> > thanks
> >
> >
> > On 12/1/05, Ejay Hire <ejay.hire@isdn.net> wrote:
> >
> > 	Hello.
> >
> > 	Going back to your original question, how to keep from
> > 	saturating the network with residential users using
> > 	bittorrent/edonkey et al, while suffocating business
> > 	customers.  Here goes.
> >
> > 	Netfilter/IpTables (and a slew of commercial products I'm
> > 	sure) has a Layer 7 traffic classifier, meaning it can
> > 	identify specific file transfer applications and set a
> > 	DiffServ bit.  This means it can tell between a real http
> > 	request and an edonkey transfer, even if they are both using
> > 	http.  It also has rate-limiting capability.  So... If you
> > 	pass all of the traffic destined for your DSL customers
> > 	through an iptables box (single point of failure) then you
> > 	can classify and rate-limit the downstream rate on a
> > 	per-application basis.
> >
> > 	Fwiw, if you are using diffserv bits, you could push the
> > 	rate-limits down to the router with a qos policy in it
> > 	instead of doing it all in the iptables box.
> >
> > 	References on this..  The netfilter website (for
> > 	classification info) and the Linux advanced router tools
> > 	(LART) (qos info/rate limiting)
> >
> > 	-e
> >
> >
> > 	> -----Original Message-----
> > 	> From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On
> > 	> Behalf Of Kim Onnel
> > 	> Sent: Thursday, December 01, 2005 3:26 AM
> > 	> To: NANGO
> > 	> Subject: Re: QoS for ADSL customers
> > 	>
> > 	> Can any one please suggest to me any commercial or none
> > 	> solution to cap the download stream traffic, our upstream
> > 	> will not receive marked traffic from us, so what can be
> > 	> done ?
> > 	>
> > 	>
> > 	> On 11/29/05, Kim Onnel <karim.adel@gmail.com> wrote:
> > 	>
> > 	>       Hello everyone,
> > 	>
> > 	>       We have Juniper ERX as BRAS for ADSL, its GigE
> > 	> interface is on an old Cisco 3508 switch with an old IOS, its
> > 	> gateway to the internet is a 7609, our transit internet links
> > 	> terminate on GigaE, Flexwan on the 7600
> > 	>
> > 	>       The links are now almost always fully utilized, we want
> > 	> to do some QoS to cap our ADSL downstream, to give room for
> > 	> the Corp. customers' traffic to flow without pain.
> > 	>
> > 	>       I'm here to collect ideas, comments, advice and
> > 	> experiences for such situations.
> > 	>
> > 	>       Our humble approach was to collect some p2p ports and
> > 	> police traffic to these ports, but the traffic wasn't much,
> > 	> one other thing is rate-limiting per ADSL customers' IPs, but
> > 	> that wasn't supported by management, so we thought of matching
> > 	> ADSL www traffic and doing exceed action is transmit, and
> > 	> police other IP traffic.
> > 	>
> > 	>       Doing so on the ERX wasn't a nice experience, so we're
> > 	> trying to do it on the cisco.
> > 	>
> > 	>       Thanks
> > 	>
> >
> >
> --
> Scanned for viruses and dangerous content at
> http://www.oneunified.net and is believed to be clean.
>


--
Ray Burkholder
http://www.oneunified.net
ray@oneunified.net
441 505 7293

-------------------------------------------------
Sent from http://www.oneunified.net via IMP: http://horde.org/imp/

--
Scanned for viruses and dangerous content at
http://www.oneunified.net and is believed to be clean.
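
The approach described in the quoted message from Ejay Hire (Layer 7 classification in netfilter, a DiffServ mark, then a rate limit keyed on that mark), sketched as an added example that is not part of the original thread. It assumes the out-of-tree l7-filter `layer7` match with its `bittorrent` and `edonkey` patterns is installed; the interface name `eth1` and all rates are constructed sample values.

```shell
#!/bin/sh
# Added example (not from the thread): emit, but do not apply, the
# netfilter and tc commands for per-application downstream shaping.
# Assumed: eth1 faces the DSL aggregation side, l7-filter is installed,
# and every rate below is a made-up sample value.

# Map a DSCP class selector to the TOS byte that tc's u32 match sees.
# The DSCP field is the top six bits of the byte, so TOS = DSCP << 2.
dscp_to_tos() {
    case "$1" in
        CS1) echo 0x20 ;;   # DSCP 8
        CS2) echo 0x40 ;;   # DSCP 16
        *)   echo "unsupported DSCP class: $1" >&2; return 1 ;;
    esac
}

# emit_rules DEV LINK_RATE DEFAULT_RATE P2P_RATE DSCP_CLASS PROTO...
emit_rules() {
    dev=$1 link=$2 default=$3 p2p=$4 class=$5
    shift 5
    tos=$(dscp_to_tos "$class") || return 1

    # 1. Classify by application payload, not port, and set the DSCP mark.
    for proto in "$@"; do
        echo "iptables -t mangle -A FORWARD -o $dev -m layer7 --l7proto $proto -j DSCP --set-dscp-class $class"
    done

    # 2. HTB tree: unmarked traffic lands in 1:10 and may borrow up to
    #    the link rate; marked traffic is held to a hard ceiling in 1:20.
    echo "tc qdisc add dev $dev root handle 1: htb default 10"
    echo "tc class add dev $dev parent 1: classid 1:1 htb rate $link"
    echo "tc class add dev $dev parent 1:1 classid 1:10 htb rate $default ceil $link"
    echo "tc class add dev $dev parent 1:1 classid 1:20 htb rate $p2p ceil $p2p"

    # 3. Steer packets carrying the mark into the capped class.
    #    Mask 0xfc ignores the two ECN bits of the TOS byte.
    echo "tc filter add dev $dev parent 1: protocol ip prio 1 u32 match ip tos $tos 0xfc flowid 1:20"
}

# Print the rule set for review; pipe the output to "sh" as root to apply.
emit_rules eth1 450mbit 350mbit 100mbit CS1 bittorrent edonkey
```

Because the shaping step keys only on the DSCP value, the same mark could instead be matched by a QoS policy on a downstream router, as the quoted message suggests.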

