RE: Killing Napster and beyond...

["Delmer Harris" <dharris () kcp com>]

See www.packeteer.com for another method.  They claim to be able to
throttle Windows Media Player and RealPlayer traffic, even though WMP uses
http.  Supposedly they dig far enough into the packet to be able to tell
the difference between browsing and streaming traffic.  I am thinking
really hard about trying one the next time I see enough unallocated time to
work on it.







"Zarcone, Christopher" <Christopher.Zarcone () netigy com> on 10/19/2000
03:07:05 PM
                                                                           
                                                                           
                                                                           


                                                              
                                                              
                                                              
 To:      firewall-wizards () nfr net                            
                                                              
 cc:                                                          
                                                              
                                                              
                                                              
 Subject: RE: [fw-wiz] Killing Napster and beyond...          
                                                              







All,

Indeed, Napster and RealAudio are greedy applications in terms of
bandwidth,
but there are a lot of creative solutions that don't involve blocking
ports.
The simplest solution I can think of would be to enforce a
Quality-Of-Service policy on your network.

Cisco routers, for example, have a QOS feature called Custom Queueing,
where
you can assign percentages of bandwidth to specific protocols and ports.
For
example, you could restrict RealAudio to 20% of the total bandwidth. In the
presence of competing traffic, RealAudio traffic above the 20% threshhold
would get queued (and ultimately dropped).

Cisco also has another QOS feature called Priority Queueing, where "higher"
priority traffic ALWAYS takes precedence over "lower" priority traffic. You
can define multiple layers of prioirity, with your business application
protocols at the highest priority, and RealAudio and Napster at the bottom.
Your business applications will effectively preempt any RealAudio traffic.
This can lead to certain protocols being "starved" in the presence of high
utilization, but in the case of RealAudio, that's probably what you want
anyway.

There is, of course, the notorious problem of applications tunneling over
other protocols. (Let's see, can we think of any protocols that get
ruthlessly exploited as a generic tunnel? Wait, let me think... could it be
HTTP? Bingo!) From the router's perspective, all you see is traffic on TCP
port 80. From a standpoint of QOS, the router won't be able to help you
here. You might be better served by shunting all of your HTTP traffic
through a really good proxy for more fine-grained traffic control.

It's times like this where it makes sense to step back, take off your
Firewall Hat, and put on your Router Hat (or your Proxy Hat or General
Purpose Infrastructure Hat). There are a lot of ways to skin a cat.

Regards,

Christopher Zarcone, CISSP
Senior Consultant
christopher.zarcone () netigy com

Netigy Corporation
www.netigy.com

My opinions do not necessarily represent the opinions of my employer. In
fact, my opinions have no intelligent content whatsoever and should not be
considered by anyone.

Message: 10
From: "Harris, Tim" <tharris () ocair com>
To: "'Chris Cappuccio'" <chris () empnet com>,
Todd Schroeder <todd () stipples com>
Cc: firewall-wizards () nfr com
Subject: RE: [fw-wiz] Killing Napster and beyond...
Date: Wed, 18 Oct 2000 16:05:04 -0700
charset="iso-8859-1"

The problem with Napster and similar programs (such as Real Audio) is that
some companies have relatively small pipes (I have a T1) for a large number
of users.  I care less that they are going to sites than that they are
clogging up my precious bandwidth.  It takes very few people listening to
Real Audio feeds before performance dies.  We are buying the bandwidth to
facilitate business operations.  If they want to listen to music, they
should buy a radio or a CD player.


_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards




_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards