Educause Security Discussion mailing list archives

Re: classifying P2P traffic

From: Shumon Huque <shuque () ISC UPENN EDU>
Date: Mon, 11 Feb 2008 19:47:51 -0500

On Tue, Jan 29, 2008 at 07:04:41PM -0600, John Kristoff wrote:

On Tue, 29 Jan 2008 09:18:55 -0600
"Julian Y. Koh" <kohster () NORTHWESTERN EDU> wrote:

dynamic subpartitions for our dorm/wireless/VPN IP ranges to limit
unclassifiable traffic to 512Kbps per host based on IP address.  But
overall it seems to be working quite well with that arrangement.


Does anyone just do that, per /32 (or something slightly larger),
limiters or dropping knobs and not bother trying to classify the app?


We've been doing exactly this for about 6 years now - per /32,
application agnostic, only for the dorm networks, and the rate
limits are applied at the campus border(s).

--Shumon.

Current thread:

Re: classifying P2P traffic, (continued)
- Re: classifying P2P traffic Lutzen, Karl F. (Jan 29)
- Re: classifying P2P traffic jkaftan (Jan 29)
- Re: classifying P2P traffic Alex (Jan 29)
- Re: classifying P2P traffic Samuel Young (Jan 29)
- Re: classifying P2P traffic Cal Frye (Jan 29)
- Re: classifying P2P traffic John Kristoff (Jan 29)
- Re: classifying P2P traffic Dan Oachs (Jan 29)
- Re: classifying P2P traffic Cal Frye (Jan 29)
- Re: classifying P2P traffic John Kristoff (Jan 30)
- Re: classifying P2P traffic Valdis Kletnieks (Jan 30)
- Re: classifying P2P traffic Shumon Huque (Feb 11)