. : Policing RapidShare - Cisco : . |
I have to say that RapidShare is a great invention, but sometimes it can be a problem that they are so well connected *G* Compared to torrent/edonkey/... RapidShare customers normally have full speed for their downloads from the very first second. RapidShare is connected by many HUGE carriers, like Global Crossing (Tier 1), Cogent (Tier 1), Level3 (Tier 1), ... which is just great for the person downloading, but on the other hand it's sometimes a pain in the admin's a**. The bandwidth you are giving your customers will be used for the download - completelly! A let's say 8mbit cable client will download with 8mbit. If you want the customers to browse the web lightning fast but don't want him to constantly consume his full bandwidth by downloading multiple gigs from RapidShare, you could do the following: Create an access-list with all RapidShare networks (2008-12-03) access-list 11 permit 62.140.31.0 0.0.0.255 access-list 11 permit 62.153.244.0 0.0.0.255 access-list 11 permit 62.67.46.0 0.0.0.255 access-list 11 permit 62.67.50.0 0.0.0.255 access-list 11 permit 62.67.57.0 0.0.0.255 access-list 11 permit 64.211.146.0 0.0.0.255 access-list 11 permit 64.214.225.0 0.0.0.255 access-list 11 permit 64.215.245.0 0.0.0.255 access-list 11 permit 80.152.62.0 0.0.0.255 access-list 11 permit 80.231.128.0 0.0.0.255 access-list 11 permit 80.231.24.0 0.0.0.255 access-list 11 permit 80.231.41.0 0.0.0.255 access-list 11 permit 80.231.56.0 0.0.0.255 access-list 11 permit 80.239.137.0 0.0.0.255 access-list 11 permit 80.239.151.0 0.0.0.255 access-list 11 permit 80.239.152.0 0.0.0.255 access-list 11 permit 80.239.159.0 0.0.0.255 access-list 11 permit 80.239.226.0 0.0.0.255 access-list 11 permit 80.239.236.0 0.0.0.255 access-list 11 permit 80.239.239.0 0.0.0.255 access-list 11 permit 82.129.33.0 0.0.0.255 access-list 11 permit 82.129.35.0 0.0.0.255 access-list 11 permit 82.129.36.0 0.0.0.255 access-list 11 permit 82.129.39.0 0.0.0.255 access-list 11 permit 195.122.131.0 0.0.0.255 access-list 11 permit 195.122.149.0 0.0.0.255 access-list 11 permit 195.122.151.0 0.0.0.255 access-list 11 permit 195.122.152.0 0.0.0.255 access-list 11 permit 195.122.153.0 0.0.0.255 access-list 11 permit 195.219.1.0 0.0.0.255 access-list 11 permit 206.57.14.0 0.0.0.255 access-list 11 permit 207.138.168.0 0.0.0.255 access-list 11 permit 208.48.186.0 0.0.0.255 access-list 11 permit 212.162.2.0 0.0.0.255 access-list 11 permit 212.162.63.0 0.0.0.255 access-list 11 permit 217.243.210.0 0.0.0.255 BTW: It was a quick and dirty awk hack with /24 only, but 195.122.152.0 could be added as /23 as well! Now let's create a class-map to match the access-list class-map match-any RapidShare match access-group 11 This is the interessting part: Police 'em *G* (in this case it's 1024000 bps) policy-map RapidShare class RapidShare police rate 1024000 burst 192000 conform-action transmit exceed-action drop violate-action drop Finally add the policy-map to the correct (WAN) interface interface FastEthernet0 service-policy input RapidShare Disclaimer: Use on your own risk, absolutely no warranty and.... please be nice to your clients!!!! I hate sadistic admins who want the clients to have no fun at all, but if you are sure that RapidShare is used for sharing of the latest movies and other warez, you might just have to police (or even block) it. All commands are entered in global configuration mode, of course. The access-list was a quick and dirty hack (as mentioned above), so maybe there is a network shown as /24 which might be /25 or less and you block something/somebody else by accident! http://en.wikipedia.org/wiki/Network_neutrality |