[c-nsp] Limiting bandwidth from specific source
Antoine Monnier
mrantoinemonnier at gmail.com
Wed Oct 21 02:49:02 EDT 2015
thanks to all for the feedback.
Jeremy, would you know since which release that NBAR 2 capability of
matching youtube is available? or at least on which release you have
implemented that.
thanks
On Tue, Oct 20, 2015 at 3:47 PM, Jeremy Bresley <brez at brezworks.com> wrote:
> Since you specificially mentioned an ASR1K, if you have the AVC license
> ($10K list RTU license), you can enable NBAR2 which does identify Youtube
> traffic.
>
> Router#sh ip nbar protocol-id youtube
>
> Protocol Name id type
> ----------------------------------------------
> youtube 82 L7 STANDARD
>
> Router#sh ip nbar protocol-attribute youtube
>
> Protocol Name : youtube
> encrypted : encrypted-yes
> tunnel : tunnel-no
> category : consumer-streaming
> sub-category : consumer-video-streaming
> application-group : flash-group
> p2p-technology : p2p-tech-no
> traffic-class : multimedia-streaming
> business-relevance : business-irrelevant
>
> There are some overhead concerns with doing DPI on all your traffic, make
> sure you're not turning this on a link or router that is overtaxed, etc,
> but it can be done. We do this on our internal MPLS headends running on
> ASR1004/RP2s and don't normally exceed 10-15% CPU usage at gig speeds. You
> can also use the NBAR classifiers in a QoS policy if they want to
> rate-limit/shape/police that traffic.
>
> Jeremy "TheBrez" Bresley
> brez at brezworks.com
>
>
>
> On 10/20/2015 1:45 AM, Antoine Monnier wrote:
>
>> thanks Vijay.
>>
>> so just to clarify the problem is on some customer facing circuits.
>>
>> Is there a way to identify "youtube" specific traffic compared to "all of
>> Google services" traffic? Does Youtube use specific IP ranges?
>>
>>
>>
>> On Tue, Oct 20, 2015 at 8:42 AM, Vijay S <vijay.hcr at gmail.com> wrote:
>>
>> Well Google has ggc program which will give you free Google peering you
>>> dont need to pay to Google or any service provider except connectivity
>>> cost.
>>>
>>> And to limit traffic from specific source you can use class based qos.
>>>
>>> Regards
>>> Vijay A.
>>> On Oct 20, 2015 12:08 PM, "Antoine Monnier" <mrantoinemonnier at gmail.com>
>>> wrote:
>>>
>>> Hi All,
>>>>
>>>> We are running into capacity issues on some internet pipes and this is
>>>> affecting "business" traffic.
>>>> A quick analysis showed us that roughly 40% of traffic on that specific
>>>> pipe comes from Google-owned IP ranges.
>>>> We are guessing that most of it is Youtube and we are being asked to
>>>> come
>>>> up with a solution to throttle that traffic. (Apparently making users
>>>> sign
>>>> internet-use policy is not effective!)
>>>>
>>>> Is there a way to identify youtube specific traffic on an ASR1K purely
>>>> based on L3 info?
>>>>
>>>> And going more broadly, how are others handling such issues generally?
>>>>
>>>> (sure, we can upgrade the bandwidth if they have the money, but
>>>> congestion
>>>> point is just going to move further down their internal WAN network)
>>>>
>>>>
>>>> Thanks
>>>> _______________________________________________
>>>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>>>
>>>> _______________________________________________
>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list