[429] in resnet
Re: Blocking ports using Cisco IOS 12.1
daemon@ATHENA.MIT.EDU (Scott Genung)
Tue Nov 20 14:36:57 2001
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Message-ID: <4.3.1.2.20011120104535.03d617a8@mail.ilstu.edu>
Date: Tue, 20 Nov 2001 13:21:02 -0600
Reply-To: Resnet Forum <RESNET-L@listserv.nd.edu>
From: Scott Genung <sagenung@ILSTU.EDU>
To: RESNET-L@listserv.nd.edu
In-Reply-To: <200111201606.LAA11230@listserv.nd.edu>
Jack,
At 11:06 AM 11/20/2001 -0500, you wrote:
>We are having a hard time blocking Kazza and Morpheus by just denying
>their IP address. We would like to block port 1214 but we can't figure
>out how to do this. We have a Cisco 7200 series router with Cisco IOS
>12.1 running on it. Does any one have any experience with port blocking
>on a Cisco router?
Blocking these applications will likely just force your users to find
alternate applications. Then, you'll just end up playing a cat and mouse
game over what applications are blocked and what aren't.
As an alternative, you may want to consider using CAR (Committed Access
Rate). It's a poor mans QoS technique under IOS that allows you to define
the maximum aggregate volume consumed by sockets or combinations or
sockets. This is something that you can do quickly and easily to reduce
your fan mail.
I wouldn't recommend CAR as a complete QoS strategy because it assumes that
you can identify your applications based upon static sockets - a bad
assumption for many applications. However, CAR is what we started with a
couple of years back and it was helpful in keep the flood waters at bay
until we could develop a more functional QoS model.
Scott Genung
Manager of Networking Systems
Telecommunications and Network Support Services
Illinois State University
(309)438-8731 http://www.tnss.ilstu.edu
___________________________________________________
You are subscribed to the ResNet-L mailing list.
To subscribe, unsubscribe or search the archives,
go to http://LISTSERV.ND.EDU/archives/resnet-l.html
___________________________________________________
