Re: [c-nsp] QoS for skype with nbar on 837 with 12.3(11)YZ2
Thanks for the reply, Still there must be a way to prioritize (or block) skype traffic. In my scenario just because of the small uplink bandwidth I need to give it priority. I tried a packet capture on my pc and random ports were used. But maybe I can give priority to traffic destined to Level 3 communications... if I can define any prefixes on that... Can I download (from anywhere) skype nbar pdlm to give a shot? I cannot find it. BR -Original Message- From: Matthew Huff [mailto:mh...@ox.com] Sent: Friday, June 19, 2009 10:58 PM To: 'Giorgos Manousakis'; 'cisco-nsp@puck.nether.net' Subject: RE: [c-nsp] QoS for skype with nbar on 837 with 12.3(11)YZ2 Even with the newest Skype nbar pdlm or built-in nbar in 12.4T(x), it is pretty useless. The majority of Skype traffic is sent now encrypted over port 443. The only way I know to monitor/block it is with something like bluecoat/websense, and then only at the point of origin (since you have to proxy the ssl traffic at the source). I'd be happy to be proved wrong, but I believe, at least for now, that Skype has won the war. Matthew Huff | One Manhattanville Rd OTA Management LLC | Purchase, NY 10577 http://www.ox.com | Phone: 914-460-4039 aim: matthewbhuff | Fax: 914-460-4139 -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp- boun...@puck.nether.net] On Behalf Of Giorgos Manousakis Sent: Friday, June 19, 2009 3:28 PM To: cisco-nsp@puck.nether.net Subject: [c-nsp] QoS for skype with nbar on 837 with 12.3(11)YZ2 Dear All, i am trying to apply QoS on my aDsl interface (2048/256) and i need to give strict priority to voice traffic, including skype and g711. I suppose that i can match the g711 by using nbar rtp audio protocol or by using source ports that are know on my asterisk server. Because of randomness of skype protocol that kind of handling does not apply. I found that skype is included in nbar but only after 12.4 version. Unfortunately i cannot upgrade the ios of my 837 cause of lack of DRAM, which is not upgradable. So i tried to find a pdlm addon for skype, but it is not available for stand alone download (http://www.cisco.com/cgi-bin/tablebuild.pl/pdlm). Can i found anywhere a skype.pdlm file? Is there any other way that i can match this traffic? Could i try rtp audio for that one too? Thanks ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] QoS for skype with nbar on 837 with 12.3(11)YZ2
I'm afraid you are out of look. In order to get skype 3.0 into IOS, Cisco had to leave behind PDLM and hard code it. Even then it's pretty useless. Only solution is to get to 12.4(22)T+ Matthew Huff | One Manhattanville Rd OTA Management LLC | Purchase, NY 10577 http://www.ox.com | Phone: 914-460-4039 aim: matthewbhuff | Fax: 914-460-4139 -Original Message- From: Giorgos Manousakis [mailto:geo...@mang.gr] Sent: Sunday, June 21, 2009 6:52 AM To: Matthew Huff; cisco-nsp@puck.nether.net Subject: RE: [c-nsp] QoS for skype with nbar on 837 with 12.3(11)YZ2 Thanks for the reply, Still there must be a way to prioritize (or block) skype traffic. In my scenario just because of the small uplink bandwidth I need to give it priority. I tried a packet capture on my pc and random ports were used. But maybe I can give priority to traffic destined to Level 3 communications... if I can define any prefixes on that... Can I download (from anywhere) skype nbar pdlm to give a shot? I cannot find it. BR -Original Message- From: Matthew Huff [mailto:mh...@ox.com] Sent: Friday, June 19, 2009 10:58 PM To: 'Giorgos Manousakis'; 'cisco-nsp@puck.nether.net' Subject: RE: [c-nsp] QoS for skype with nbar on 837 with 12.3(11)YZ2 Even with the newest Skype nbar pdlm or built-in nbar in 12.4T(x), it is pretty useless. The majority of Skype traffic is sent now encrypted over port 443. The only way I know to monitor/block it is with something like bluecoat/websense, and then only at the point of origin (since you have to proxy the ssl traffic at the source). I'd be happy to be proved wrong, but I believe, at least for now, that Skype has won the war. Matthew Huff | One Manhattanville Rd OTA Management LLC | Purchase, NY 10577 http://www.ox.com | Phone: 914-460-4039 aim: matthewbhuff | Fax: 914-460-4139 -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp- boun...@puck.nether.net] On Behalf Of Giorgos Manousakis Sent: Friday, June 19, 2009 3:28 PM To: cisco-nsp@puck.nether.net Subject: [c-nsp] QoS for skype with nbar on 837 with 12.3(11)YZ2 Dear All, i am trying to apply QoS on my aDsl interface (2048/256) and i need to give strict priority to voice traffic, including skype and g711. I suppose that i can match the g711 by using nbar rtp audio protocol or by using source ports that are know on my asterisk server. Because of randomness of skype protocol that kind of handling does not apply. I found that skype is included in nbar but only after 12.4 version. Unfortunately i cannot upgrade the ios of my 837 cause of lack of DRAM, which is not upgradable. So i tried to find a pdlm addon for skype, but it is not available for stand alone download (http://www.cisco.com/cgi-bin/tablebuild.pl/pdlm). Can i found anywhere a skype.pdlm file? Is there any other way that i can match this traffic? Could i try rtp audio for that one too? Thanks ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] QoS for skype with nbar on 837 with 12.3(11)YZ2
Dear All, i am trying to apply QoS on my aDsl interface (2048/256) and i need to give strict priority to voice traffic, including skype and g711. I suppose that i can match the g711 by using nbar rtp audio protocol or by using source ports that are know on my asterisk server. Because of randomness of skype protocol that kind of handling does not apply. I found that skype is included in nbar but only after 12.4 version. Unfortunately i cannot upgrade the ios of my 837 cause of lack of DRAM, which is not upgradable. So i tried to find a pdlm addon for skype, but it is not available for stand alone download (http://www.cisco.com/cgi-bin/tablebuild.pl/pdlm). Can i found anywhere a skype.pdlm file? Is there any other way that i can match this traffic? Could i try rtp audio for that one too? Thanks ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] QoS for skype with nbar on 837 with 12.3(11)YZ2
Even with the newest Skype nbar pdlm or built-in nbar in 12.4T(x), it is pretty useless. The majority of Skype traffic is sent now encrypted over port 443. The only way I know to monitor/block it is with something like bluecoat/websense, and then only at the point of origin (since you have to proxy the ssl traffic at the source). I'd be happy to be proved wrong, but I believe, at least for now, that Skype has won the war. Matthew Huff | One Manhattanville Rd OTA Management LLC | Purchase, NY 10577 http://www.ox.com | Phone: 914-460-4039 aim: matthewbhuff | Fax: 914-460-4139 -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp- boun...@puck.nether.net] On Behalf Of Giorgos Manousakis Sent: Friday, June 19, 2009 3:28 PM To: cisco-nsp@puck.nether.net Subject: [c-nsp] QoS for skype with nbar on 837 with 12.3(11)YZ2 Dear All, i am trying to apply QoS on my aDsl interface (2048/256) and i need to give strict priority to voice traffic, including skype and g711. I suppose that i can match the g711 by using nbar rtp audio protocol or by using source ports that are know on my asterisk server. Because of randomness of skype protocol that kind of handling does not apply. I found that skype is included in nbar but only after 12.4 version. Unfortunately i cannot upgrade the ios of my 837 cause of lack of DRAM, which is not upgradable. So i tried to find a pdlm addon for skype, but it is not available for stand alone download (http://www.cisco.com/cgi-bin/tablebuild.pl/pdlm). Can i found anywhere a skype.pdlm file? Is there any other way that i can match this traffic? Could i try rtp audio for that one too? Thanks ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ smime.p7s Description: S/MIME cryptographic signature ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
