I would agree with you that the performance will be much better, and the price is not that much worse. Regardless, if you're interested in nbar and dropping peer to peer, this seems to work for me:

!
class-map match-all ICMP
 match protocol icmp
class-map match-any PEER2PEER
 match protocol fasttrack
 match protocol edonkey
 match protocol gnutella
 match protocol kazaa2
 match protocol bittorrent
 match protocol napster
!
!
policy-map DROP
 class PEER2PEER
   drop
 class ICMP
   police 8000 1000 conform-action transmit exceed-action drop


SIOGMC-IRTR01#sh policy-map int ser 0/0/0:0
 Serial0/0/0:0

  Service-policy input: DROP

    Class-map: PEER2PEER (match-any)
      4286 packets, 1224059 bytes
      30 second offered rate 0 bps, drop rate 0 bps
      Match: protocol fasttrack
        675 packets, 36724 bytes
        30 second rate 0 bps
      Match: protocol edonkey
        604 packets, 679846 bytes
        30 second rate 0 bps
      Match: protocol gnutella
        816 packets, 335550 bytes
        30 second rate 0 bps
      Match: protocol kazaa2
        0 packets, 0 bytes
        30 second rate 0 bps
      Match: protocol bittorrent
        2191 packets, 171939 bytes
        30 second rate 0 bps
      Match: protocol napster
        0 packets, 0 bytes
        30 second rate 0 bps
      drop

    Class-map: ICMP (match-all)
      6117950 packets, 431232265 bytes
      30 second offered rate 0 bps, drop rate 0 bps
      Match: protocol icmp
      police:
          cir 8000 bps, bc 1000 bytes
        conformed 6086423 packets, 426638532 bytes; actions:
          transmit
        exceeded 1807 packets, 2368194 bytes; actions:
          drop
        conformed 0 bps, exceed 0 bps


Nick Griffin, CCIE #17381

On Jan 10, 2008 8:31 AM, Justin Shore <[EMAIL PROTECTED]> wrote:

> Kristofer Sigurdsson wrote:
> > Hi list,
> >
> > I'm looking for words of wisdom on NBAR on the 2800s.  The main link
> > is 100 Mbit/s (at present maxing in 60 Mbit/s bursts, average 30
> > Mbit/s).  We will implement a 20 Mbit/s backup link in the next few
> > weeks.  Both links are delivered as fastethernet links on copper.  We
> > would like to be able to block P2P, or at least most of the P2P.  We
> > will use a 2821 (currently in use for the main link without NBAR) for
> > the backup link, which I believe is more than enough, but I'm a bit
> > puzzled about the main one.  It will be a separate router, the bean
> > counters will push for a 2821, but I believe that will not be enough.
> > How about a 2851?
>
> I would caution you against using a 2800 (or any ISR) for this
> application.  The ISRs have very limited throughput.  A couple years ago
> 87Mbps might have seemed like a lot.  It doesn't seem like a lot now and
> will definitely leave you short in the near future.
>
> http://www.cisco.com/warp/public/765/tools/quickreference/routerperformance.pdf
>
> Your existing router is already undersized for the 100Mbps link you have
> on it.  Throw NBAR on it and you'll really be hitting a wall.
>
> I would recommend you push the bean counters towards a different router.
> The 7201 would be a good sized router for what you want to do.  How
> much growth are you expecting?  Fight off the bean counters with the
> argument of the router being maxed out at capacity from day 1.  A 7201
> with Advanced IP (you want the NBAR features) is $28.5k.  A loaded 2821
> with 1GB of RAM and Advanced IP is $12,145.  The 7201 has 4x the GigE
> interfaces w/ builtin SFP slots to boot whereas the ISR only has 2 and
> no built-in SFP slots.  The 7201 has roughly 6x the capacity of the 2821
> for 2.5x the price plus all the other benefits.  That's the direction
> I'd push.
>
> > Another thing.  How good is NBAR these days?  I have zero experience
> > with it.  Can it effectively block P2P?  Can we mark and even
> > prioritize VoIP?  In short: does it work?
>
> Someone else will have to answer this.
>
> Justin
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
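
Added example, not part of the original messages: a small Python parser that turns "show policy-map interface" counters like the ones posted above into a per-class summary, so the P2P drop class and the ICMP policer can be checked over time. The sample is abridged from the posted output; its line layout and the function names are assumptions.

```python
import re
# Abridged from the output posted in the thread; line layout is assumed.
SAMPLE = """\
  Service-policy input: DROP
    Class-map: PEER2PEER (match-any)
      4286 packets, 1224059 bytes
      Match: protocol fasttrack
        675 packets, 36724 bytes
      Match: protocol bittorrent
        2191 packets, 171939 bytes
      Match: protocol napster
        0 packets, 0 bytes
      drop
    Class-map: ICMP (match-all)
      6117950 packets, 431232265 bytes
      Match: protocol icmp
      police:
        conformed 6086423 packets, 426638532 bytes; actions:
        exceeded 1807 packets, 2368194 bytes; actions:
"""

CLASS_RE = re.compile(r"Class-map: (\S+) \((match-\w+)\)")
MATCH_RE = re.compile(r"Match: protocol (\S+)")
COUNT_RE = re.compile(r"^(conformed |exceeded )?(\d+) packets, (\d+) bytes")

def parse_policy_counters(text):
    """Return {class: {mode, packets, bytes, protocols: {...}, police: {...}}}."""
    classes, cur, target = {}, None, None
    for raw in text.splitlines():
        line = raw.strip()
        if m := CLASS_RE.match(line):
            cur = classes[m.group(1)] = {"mode": m.group(2), "protocols": {}, "police": {}}
            target = cur                  # the next counter line is the class total
        elif cur is None:
            continue                      # skip anything before the first class
        elif m := MATCH_RE.match(line):
            target = cur["protocols"][m.group(1)] = {}
        elif m := COUNT_RE.match(line):
            counters = {"packets": int(m.group(2)), "bytes": int(m.group(3))}
            if m.group(1):                # policer conformed/exceeded counters
                cur["police"][m.group(1).strip()] = counters
            elif target is not None:
                target.update(counters)
                target = None             # one counter line per class or match
    return classes

def top_protocols(classes, name):
    """Protocols in a class that matched any packets, busiest first."""
    hit = {p: c["packets"] for p, c in classes[name]["protocols"].items() if c.get("packets")}
    return sorted(hit, key=hit.get, reverse=True)
```

A match-all class such as ICMP prints no per-match counters, so its protocol entry stays empty and only the class total and policer counters are filled in.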