How to block bit torrent on CISCO router with NBAR

Network Based Application Recognition (NBAR) is a really great idea. I know it's not a new one, but it works for most purposes, such as blocking BitTorrent traffic, MP3 downloads and many other bandwidth-wasting things. The resources provided here assist you in configuring your network to provide the appropriate level of service to these applications. You can use access control lists for these tasks, but that's a very old technique with many loopholes that you have to take seriously. For example, you can't check and block whatever port a BitTorrent client is using, which means you can't depend on access lists to block the traffic. Cisco's NBAR uses packet inspection to determine what traffic class a data stream belongs to. With NBAR, it's no longer necessary to know what ports an application is using.

There are three steps to take care of, and then you are ready to detect whether any of your users is using BitTorrent to waste your valuable bandwidth, and you can even block it.

  1. Create a class-map to match the protocols to be blocked.
    ITOPERATIONZ(config)#class-map match-any torrentz
    ITOPERATIONZ(config-cmap)#match protocol bittorrent
  2. Create a policy-map to specify what should be done with the traffic.
    ITOPERATIONZ(config)#policy-map torrentz
    ITOPERATIONZ(config-pmap)#class torrentz
    ITOPERATIONZ(config-pmap-c)#drop
  3. Apply the policy to the user-facing (incoming) interface.
    ITOPERATIONZ(config)#interface fa0/1
    ITOPERATIONZ(config-if)#service-policy input torrentz
The NBAR commands will only work with 12.2 IOS.
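
To detect BitTorrent before dropping it, and to confirm that the policy is matching once it is applied, the commands below can be used. This is an added example, not part of the original post; it reuses the `torrentz` policy and the `fa0/1` interface from the steps above and assumes CEF is not yet enabled on the router.

```cisco
! NBAR relies on CEF, so enable it first (assumption: not already on)
ITOPERATIONZ(config)#ip cef
! Detection only: collect per-protocol statistics on the user-facing
! interface without dropping anything
ITOPERATIONZ(config)#interface fa0/1
ITOPERATIONZ(config-if)#ip nbar protocol-discovery
ITOPERATIONZ(config-if)#end
! List the protocols NBAR has classified on the interface, heaviest first;
! a bittorrent row with non-zero counters means a client is active
ITOPERATIONZ#show ip nbar protocol-discovery interface fa0/1 top-n 10
! After step 3: confirm the policy is attached and read the packet and
! byte counters of the torrentz class to see whether it is matching
ITOPERATIONZ#show policy-map interface fa0/1 input
! Roll back: detach the policy and stop protocol discovery
ITOPERATIONZ#configure terminal
ITOPERATIONZ(config)#interface fa0/1
ITOPERATIONZ(config-if)#no service-policy input torrentz
ITOPERATIONZ(config-if)#no ip nbar protocol-discovery
```

Running protocol discovery for a while before attaching the drop policy shows how much traffic the class would affect; counters in the `torrentz` class that stay at zero while users still reach swarms indicate traffic NBAR is not classifying.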

3 thoughts on “How to block bit torrent on CISCO router with NBAR”

  1. Dear IT Operations,

    I tried your example on 1841 Router which has 12.4 IOS though the document clearly states 12.02. Is there any workaround solution to make it happen on “12.4(13r)T” IOS..?? Please do advise.

    Regards,
    Naddy
