[c-nsp] QoS for skype with nbar on 837 with 12.3(11)YZ2

Matthew Huff mhuff at ox.com
Sun Jun 21 16:47:11 EDT 2009


I'm afraid you are out of look. In order to get skype 3.0 into IOS, Cisco had to leave behind PDLM and hard code it. Even then it's pretty useless. Only solution is to get to 12.4(22)T+



----
Matthew Huff       | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com  | Phone: 914-460-4039
aim: matthewbhuff  | Fax:   914-460-4139

-----Original Message-----
From: Giorgos Manousakis [mailto:george at mang.gr] 
Sent: Sunday, June 21, 2009 6:52 AM
To: Matthew Huff; cisco-nsp at puck.nether.net
Subject: RE: [c-nsp] QoS for skype with nbar on 837 with 12.3(11)YZ2

Thanks for the reply,

Still there must be a way to prioritize (or block) skype traffic. In my
scenario just because of the small uplink bandwidth I need to give it
priority. 
I tried a packet capture on my pc and random ports were used. 
But maybe I can give priority to traffic destined to Level 3
communications... if I can define any prefixes on that... 

Can I download (from anywhere) skype nbar pdlm to give a shot? I cannot find
it.

BR

-----Original Message-----
From: Matthew Huff [mailto:mhuff at ox.com] 
Sent: Friday, June 19, 2009 10:58 PM
To: 'Giorgos Manousakis'; 'cisco-nsp at puck.nether.net'
Subject: RE: [c-nsp] QoS for skype with nbar on 837 with 12.3(11)YZ2

Even with the newest Skype nbar pdlm or built-in nbar in 12.4T(x), it is
pretty useless. The majority of Skype traffic is sent now encrypted over
port 443. The only way I know to monitor/block it is with something like
bluecoat/websense, and then only at the point of origin (since you have to
proxy the ssl traffic at the source). I'd be happy to be proved wrong, but I
believe, at least for now, that Skype has won the war. 

----
Matthew Huff       | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com  | Phone: 914-460-4039
aim: matthewbhuff  | Fax:   914-460-4139



> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> bounces at puck.nether.net] On Behalf Of Giorgos Manousakis
> Sent: Friday, June 19, 2009 3:28 PM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] QoS for skype with nbar on 837 with 12.3(11)YZ2
> 
> Dear All,
> 
> i am trying to apply QoS on my aDsl interface (2048/256) and i need to
> give
> strict priority to voice traffic, including skype and g711.
> 
> I suppose that i can match the g711 by using nbar rtp audio protocol or
> by
> using source ports that are know on my asterisk server.
> 
> Because of randomness of skype protocol that kind of handling does not
> apply.
> I found that skype is included in nbar but only after 12.4 version.
> Unfortunately i cannot upgrade the ios of my 837 cause of lack of DRAM,
> which is not upgradable.
> So i tried to find a pdlm addon for skype, but it is not available for
> stand
> alone download (http://www.cisco.com/cgi-bin/tablebuild.pl/pdlm).
> 
> Can i found anywhere a skype.pdlm file? Is there any other way that i
> can
> match this traffic? Could i try rtp audio for that one too?
> 
> Thanks
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list