What are the models of managed 16 or 24 port switches (preferably not too expensive) that have the ability to block P2P traffic on ports?

R

repiv2014-01-09 09:54:37

bittorrent

repiv, 2014-01-09 09:54:37

Good day.
I ask you to suggest models of managed 16 or 24 port switches (preferably not too expensive) that have the ability to block P2P traffic on ports.
This feature is necessary to limit the use of torrents on the network.
Related question: What else can be affected by this type of blocking?

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

D

Denis, 2014-01-09
@repiv

I highly doubt there are switches that can handle traffic higher than Layer3. On Cisco routers, this feature is available. It's done like this:

class-map match-any CM_P2P
 match protocol edonkey
 match protocol fasttrack
 match protocol gnutella
 match protocol kazaa2
!
policy-map PM_P2P
 class CM_P2P
   drop
!
interface fastEthernet 0/1
 service-policy input PM_P2P
!

It won't affect anything in particular. Traffic is inspected at the protocol level, and the protocols themselves are blocked, not individual ports.

I

Ilya Evseev, 2014-01-10
@IlyaEvseev

Typically, such filtering is done not on the switches, but in the network core.
In order for all inter-client traffic to go through the core, there are several solutions: -
vlan per client (vlan-per-customer)
- asymmetric vlans (www.dlink.ru/up/uploads_media/asymmetric_vlan.pdf)
Mikrotik, Linux via l7filter, FreeBSD via netgraph.

R

rdc, 2014-03-13
@rdc

The simplest solution available to implement on a switch is to whitelist protocols. Allowed http (s), dns, dhcp / arp, other necessary for work, the rest is killed.