Control of BT traffic by Cisco Router Security

This article describes how to control the BT traffic of a Cisco router through specific operations, and describes the specific operation methods in detail. I hope this article will help you.

Network-Based Application Recognition (NBAR) indicates Network Application Recognition. NBAR is a technology that can dynamically search for protocols in Layer 4 to Layer 7. It can not only control static and simple network application protocol TCP/UDP port numbers in general ACLs. For example, the TCP 80 used by well-known WEB applications can also control the protocols that generally cannot achieve dynamic ports in ACLs, such as H.323 and SIP used by VoIP.

BitTorrent (BT) is a P2P software that supports multi-point download. It is very convenient to use, just like a browser plug-in, it is suitable for download of new hot doors. In simple terms, the more people download, the faster the download speed. The BitTorrent download tool is the latest P2P download tool. It adopts the Multi-Point-to-multi-point principle. You can access http://www.ppcn.net/for more information. Due to the large use of BT, the network bandwidth will be exhausted, leading to the failure of some key businesses of enterprises and units to operate normally. Therefore, it is necessary to control the BT traffic.

To control BT traffic, you must support PDLM on the Cisco router. PDLM is written by the Packet Description Language Module, which means the data Packet Description Language Module. It is a description of the protocol layer of high-level network applications, such as the protocol type and service port number. Its advantage is to adapt NBAR to many existing network applications, such as http url, DNS, FTP, and VoIP. At the same time, it can also be defined, to enable NBAR to support many emerging network applications. For example, peer2peer tool. PDLM can be downloaded from Cisco websites, and PDLM can be used to limit malicious traffic on some networks.

To get PDLM, go to the http://www.cisco.com/pcgi-bin/tablebuild.pl/pdlm to download bittorrent. pdlm. You must have a CCO account. Can you also directly use this link http://www.cisco.com/cgi-bin/Software/Tablebuild/doftp.pl? Ftpfile = cisco/ios/pdlm/bittorrent. pdlm & app = Tablebuild & status =
ShowC2A & swtype = FCS & software_products_url = % 2Fcgi-bin % 2Ftablebuild. pl % 2 Fpdlm & isChild =
& Amp; appName = & tbtype = pdlm get the PDLM that supports BT.
 
Then, copy bittorrent. pdlm to the route through the TFTP server. Exploitation

Ip nbar pdlm bittorrent. pdlm

Command to start the BT function in NBAR.

Create a class-map and policy map and apply it to the corresponding router interface. Generally, the interface connecting to the Internet (Chinanet) is FastEthernet or 10 M Ethernet interface. On the vro, you can see the following Configuration:

Class-map match-all bittorrent
Match protocol bittorrent
!
!
Policy-map bittorrent-policy
Class bittorrent
Drop
!
Interface FastEthernet0/
Description neibujiekou
Ip address 192.168.0.1 255.255.255.0
Ip nat inside
Service-policy input bittorrent-policy
Service-policy output bittorrent-policy

!

In this way, you can implement some traffic control on the Internet Access Router of your company or organization. At the same time, NBAR and PDLM can also be applied to the Intranet Wide Area Network of your company and organization to ensure the reasonable use of wide area network bandwidth.