On Thursday 27 Mar 2003 16:38, Robert Kryczało wrote: > > The problem you start getting there is that monitoring and > > shaping traffic on > > a 100 Mb pipe will take a huge amount of CPU power, and even that > > will only > > work if the traffic is not encrypted. The only way of attacking > > the problem I > > can think of is by actually attempting to connect to the client > > machine on > > the suspiciously used well known ports, and seeing if it works. > > If it doesn't > > work as expected, you know it's likely to be a P2P application. > > > > I am not sure if you really want to do that, though, as it > > involves active > > port scanning rather than just monitoring, and some of your customers may > > complain... > > Well they will for sure in a scenario described by you. But I think you > have misunderstood me. Dyband don't do any scanning or content analyzing. > It works as a bridge modyfing data rate based on IP addresses.
Yes, but in order to detect what the traffic is, as the client software starts being more clever, you may have to do some pro-active scanning to see whether the traffic is legit or not. And even then the client software may fake legit server appearance. You would have to mimick the actual P2P connection handshake to be sure. And on some of them you have a real problem, e.g. FastTrack. They use encrypted connection, and the software is closed-source, so it's very difficult to get a handle on cracking the protocol. > You can set > up complicated scheme of bandwidth sharing. You can even automaticaly limit > some "aggresive users" based on their usage. It happens on the fly and is > very "smooth" from client point of view. If a client doesn't use his > bandwidth for a while the limit raises (recharges). It allows ISP or > enterprise to FULLY (i mean nearly 100%) utilize their uplink. You don't do > provisioning:). > > Maybe it is the only reasonable solution.... It sounds like a useful thing to do, but ultimately, you have to detect the traffic you want to throttle before you can throttle it. That is where the biggest problem is. Gordan _______________________________________________ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
