nanog mailing list archives
RE: QoS for ADSL customers
From: "Church, Chuck" <cchurch () netcogov com>
Date: Thu, 1 Dec 2005 09:52:34 -0600
But be careful about the CPU usage and platform support for NBAR. I don't think the sup720 will do NBAR, at least that's what I heard. Chuck Church Lead Design Engineer CCIE #8776, MCNE, MCSE Netco Government Services - Design & Implementation Team 1210 N. Parker Rd. Greenville, SC 29609 Home office: 864-335-9473 Cell: 864-266-3978 cchurch () netcogov com PGP key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4371A48D -----Original Message----- From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On Behalf Of Ray Burkholder Sent: Thursday, December 01, 2005 8:52 AM To: Ejay Hire Cc: 'Kim Onnel'; 'NANGO' Subject: RE: QoS for ADSL customers There are a bunch of p2p and torrent custom classifier pdlm's at http://www.cisco.com/cgi-bin/tablebuild.pl/pdlm Quoting Ejay Hire <ejay.hire () isdn net>:
I got an off-list reply about using Nbar, but I've never seen a class map that would match torrent. -e-----Original Message----- From: owner-nanog () merit edu [mailto:owner-nanog () merit edu]OnBehalf Of Kim Onnel Sent: Thursday, December 01, 2005 7:12 AM To: Ejay Hire Cc: NANGO Subject: Re: QoS for ADSL customers Our ADSL customers traffic is 3 OC3 worth of traffic, Idontthink our management would buy the idea. thanks On 12/1/05, Ejay Hire <ejay.hire () isdn net> wrote: Hello. Going back to your original question, how to keepfromsaturating the network with residential users using bittorrent/edonkey et al, while suffocating business customers. Here goes. Netfilter/IpTables (and a slew of commercialproducts I'msure) has a Layer 7 traffic classifier, meaning itcanidentify specific file transfer applications and setaDiffServ bit. This means it can tell between a realhttprequest and a edonkey transfer, even if they areboth usinghttp. It also has rate-limiting capability. So...If youpass all of the traffic destined for your DSLcustomersthrough an iptables box (single point of failure)then youcan classify and rate-limit the downstream rate on aper-application basis. Fwiw, if you are using diffserv bits, you could pushtherate-limits down to the router with a qos policy initinstead of doing it all in the iptables box. References on this.. The netfilter website (for classification info) and the Linux advanced routertools(LART) (qos info/rate limiting) -e > -----Original Message----- > From: owner-nanog () merit edu[mailto:owner-nanog () merit edu]On > Behalf Of Kim Onnel > Sent: Thursday, December 01, 2005 3:26 AM > To: NANGO > Subject: Re: QoS for ADSL customers > > Can any one please suggest to me any commercial ornone> solution to cap the download stream traffic, ourupstream> will not recieve marked traffic from us, so whatcan bedone ? > > > On 11/29/05, Kim Onnel <karim.adel () gmail com>wrote:> > Hello everyone, > > We have Juniper ERX as BRAS for ADSL, itsGigE> interface is on an old Cisco 3508 switch with anold IOS,its > gateway to the internet is a 7609, our transitinternetlinks > terminate on GigaE, Flexwan on the 7600 > > The links are now almost always fullyutilized, wewant > to do some QoS to cap our ADSL downstream, to giveroomfor > the Corp. customers traffic to flow without pain. > > I'm here to collect ideas, comments, advisesand> experiences for such situations. > > Our humble approach was to collect some p2pportsand > police traffic to these ports, but the trafficwasnt much,> one other thing is rate-limiting per ADSLcustomers IPs,but > that wasnt supported by management, so we thoughtofmatching > ADSL www traffic and doing exceed action istransmit, and> police other IP traffic. > > Doing so on the ERX wasnt a nice experience,sowe're > trying to do it on the cisco. > > Thanks > > >-- Scanned for viruses and dangerous content at http://www.oneunified.net and is believed to be clean.
-- Ray Burkholder http://www.oneunified.net ray () oneunified net 441 505 7293 ------------------------------------------------- Sent from http://www.oneunified.net via IMP: http://horde.org/imp/ -- Scanned for viruses and dangerous content at http://www.oneunified.net and is believed to be clean.
Current thread:
- Re: QoS for ADSL customers, (continued)
- Re: QoS for ADSL customers Mikael Abrahamsson (Dec 01)
- RE: QoS for ADSL customers Sean Donelan (Dec 01)
- RE: QoS for ADSL customers Joe Shen (Dec 06)
- RE: QoS for ADSL customers william(at)elan.net (Dec 06)
- RE: QoS for ADSL customers Ejay Hire (Dec 06)
- RE: QoS for ADSL customers william(at)elan.net (Dec 06)
- RE: QoS for ADSL customers william(at)elan.net (Dec 06)
- Re: QoS for ADSL customers Greg Boehnlein (Dec 01)