Even with the newest Skype nbar pdlm or built-in nbar in 12.4T(x), it is pretty useless. The majority of Skype traffic is sent now encrypted over port 443. The only way I know to monitor/block it is with something like bluecoat/websense, and then only at the point of origin (since you have to proxy the ssl traffic at the source). I'd be happy to be proved wrong, but I believe, at least for now, that Skype has won the war.
---- Matthew Huff | One Manhattanville Rd OTA Management LLC | Purchase, NY 10577 http://www.ox.com | Phone: 914-460-4039 aim: matthewbhuff | Fax: 914-460-4139 > -----Original Message----- > From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp- > boun...@puck.nether.net] On Behalf Of Giorgos Manousakis > Sent: Friday, June 19, 2009 3:28 PM > To: cisco-nsp@puck.nether.net > Subject: [c-nsp] QoS for skype with nbar on 837 with 12.3(11)YZ2 > > Dear All, > > i am trying to apply QoS on my aDsl interface (2048/256) and i need to > give > strict priority to voice traffic, including skype and g711. > > I suppose that i can match the g711 by using nbar rtp audio protocol or > by > using source ports that are know on my asterisk server. > > Because of randomness of skype protocol that kind of handling does not > apply. > I found that skype is included in nbar but only after 12.4 version. > Unfortunately i cannot upgrade the ios of my 837 cause of lack of DRAM, > which is not upgradable. > So i tried to find a pdlm addon for skype, but it is not available for > stand > alone download (http://www.cisco.com/cgi-bin/tablebuild.pl/pdlm). > > Can i found anywhere a skype.pdlm file? Is there any other way that i > can > match this traffic? Could i try rtp audio for that one too? > > Thanks > > _______________________________________________ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/