Re: [c-nsp] Limiting bandwidth from specific source
thanks to all for the feedback. Jeremy, would you know since which release that NBAR 2 capability of matching youtube is available? or at least on which release you have implemented that. thanks On Tue, Oct 20, 2015 at 3:47 PM, Jeremy Bresley wrote: > Since you specificially mentioned an ASR1K, if you have the AVC license > ($10K list RTU license), you can enable NBAR2 which does identify Youtube > traffic. > > Router#sh ip nbar protocol-id youtube > > Protocol Name idtype > -- > youtube 82L7 STANDARD > > Router#sh ip nbar protocol-attribute youtube > >Protocol Name : youtube >encrypted : encrypted-yes > tunnel : tunnel-no > category : consumer-streaming > sub-category : consumer-video-streaming >application-group : flash-group > p2p-technology : p2p-tech-no >traffic-class : multimedia-streaming > business-relevance : business-irrelevant > > There are some overhead concerns with doing DPI on all your traffic, make > sure you're not turning this on a link or router that is overtaxed, etc, > but it can be done. We do this on our internal MPLS headends running on > ASR1004/RP2s and don't normally exceed 10-15% CPU usage at gig speeds. You > can also use the NBAR classifiers in a QoS policy if they want to > rate-limit/shape/police that traffic. > > Jeremy "TheBrez" Bresley > b...@brezworks.com > > > > On 10/20/2015 1:45 AM, Antoine Monnier wrote: > >> thanks Vijay. >> >> so just to clarify the problem is on some customer facing circuits. >> >> Is there a way to identify "youtube" specific traffic compared to "all of >> Google services" traffic? Does Youtube use specific IP ranges? >> >> >> >> On Tue, Oct 20, 2015 at 8:42 AM, Vijay S wrote: >> >> Well Google has ggc program which will give you free Google peering you >>> dont need to pay to Google or any service provider except connectivity >>> cost. >>> >>> And to limit traffic from specific source you can use class based qos. >>> >>> Regards >>> Vijay A. >>> On Oct 20, 2015 12:08 PM, "Antoine Monnier" >>> wrote: >>> >>> Hi All, We are running into capacity issues on some internet pipes and this is affecting "business" traffic. A quick analysis showed us that roughly 40% of traffic on that specific pipe comes from Google-owned IP ranges. We are guessing that most of it is Youtube and we are being asked to come up with a solution to throttle that traffic. (Apparently making users sign internet-use policy is not effective!) Is there a way to identify youtube specific traffic on an ASR1K purely based on L3 info? And going more broadly, how are others handling such issues generally? (sure, we can upgrade the bandwidth if they have the money, but congestion point is just going to move further down their internal WAN network) Thanks ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ >> cisco-nsp mailing list cisco-nsp@puck.nether.net >> https://puck.nether.net/mailman/listinfo/cisco-nsp >> archive at http://puck.nether.net/pipermail/cisco-nsp/ >> > > ___ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Advanced use of mrtg
On Tue, Oct 20, 2015 at 1:52 PM, Victor Sudakov wrote: > Mike - st257 wrote: > > > > > > Does anybody have an --if-template for mrtg's cfgmaker to monitor > > > interface discards and errors instead of traffic counters? > > > > > > Could you please share it? Thanks a lot in advance. > > > > > > > Half of what you want (errors). > > http://mrtg.gvolk.com/template/interface-errors.template > > Mike, I bet you have googled it up :-) I have also stumbled upon it > while googling for an answer to my question. The problem is it's over > 12 years old and I did not want to be the first to try it out. > Yes, you got me. Couldn't be much harm could there be from using that config, could there? ;-) > > It would be nice to obtain such a template from someone who has used > it him/herself. > Understandable. > > But thank you anyway, you have confirmed that it's perhaps the only > available example and nobody cares to keep it up to date. > >From what I've seen you'll find a more active community surrounding Cacti. MRTG has its niche in interface statistic graphing, I'll give it that. -- ---~~.~~--- Mike // SilverTip257 // ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6VPE on 7600 RSP720 3CXL
> On 20 Oct 2015, at 10:55, James Bensley wrote: > > I will probably aim for 60k IPv6 routes, so it's enough to phase out > the boxes and that's it. Be careful that these boxes will start to CPU > switch packets before you run out of TACM. When you see these logs > you're in trouble; Well, not exactly. Last I remember, it was changed in 12.2(33)SXH - when the PFC hits exception on TCAM, it’ll switch “exception” packets (packets to destination that’s outside of known TCAM programmed entries) with a mls hardware-limiter set to 10kpps. In other words - you’re safe, the box won’t melt, but the situation will require fixing & reload. -- Łukasz Bromirski, luk...@bromirski.net CCIE R&S/SP #15929, CCDE #2012::17 ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6VPE on 7600 RSP720 3CXL
We currently have 560163 routes in Internet VRF for IPv4, with 120K available for IPv6, My BGP process is taking ~456MB memory. Router is running fairly new IOS15.2(4)S4a. We only import default routes per VRF per PE for IPv4 and same plan for IPv6. any future scale limit? Krunal On Tue, Oct 20, 2015 at 11:42 AM, Pete Templin wrote: > Just a tiny tidbit related to TCAM reallocation, make sure the SP > bootvar's config register matches the RP bootvar's config register. In > tech-speak, 'sh bootv | i eg' should match 'rem com sw sh bootv | i eg'. If > it doesn't, "conf t; config-register 0x2142; end; conf t; config-register > 0x2102; end; copy run start" and recheck. A mismatch in how the SP > pre-configures itself is immaterial for the basics of IOS configuration > stuff, but fatal with respect to TCAM; the box will forcibly reload after 5 > minutes endlessly until fixed. > > > On 10/20/2015 1:55 AM, James Bensley wrote: > >> On 14 October 2015 at 13:32, krunal shah wrote: >> >>> hi NSPs, >>> >>> Is any one doing 6VPE and importing full IPv4 and IPv6 routes in same >>> VRF? >>> >>> I am planning to implement full IPv6 and IPv4 routes in same VRF that is >>> used for internet service and other PE routers would only get subset or >>> default routes. Suip has 4 GB of memory, My 1M TCAM space is carved with >>> >>> FIB TCAM maximum routes : >>> === >>> Current :- >>> --- >>> IPv4- 768k >>> MPLS- 16k (default) >>> IPv6 + IP Multicast - 120k (default) >>> >> >> We are not doing this on any 7600 's but will be shortly so we'll >> start testing soon. Our 7600's are being bumped up to 15.3(3)S6, all >> running with RSP720-3XCL-10GE's and the TCAMs will be repartitioned, >> this will then hopefully see them out until they are decomissioned. >> >> The TCAMs need reallocating as they are currently carrying a lot of >> VPNv4 routes as well as the full IPv4 table and 6VPE was not >> envisioned, however your partitioning of the TCAM seems a litte too >> favourable for IPv6 for our needs; >> >> FIB TCAM maximum routes : >> === >> Current :- >> --- >> IPv4 + MPLS - 960k (default) >> IPv6- 16k >> IP Multicast- 16k >> >> FIB TCAM usage: TotalUsed %Used >> 72 bits (IPv4, MPLS, EoM) 983040 658740 67% >> >> I will probably aim for 60k IPv6 routes, so it's enough to phase out >> the boxes and that's it. Be careful that these boxes will start to CPU >> switch packets before you run out of TACM. When you see these logs >> you're in trouble; >> >> %MLSCEF-SP-4-FIB_EXCEPTION_THRESHOLD: Hardware CEF entry >> usage is at 95% capacity for IPv4 unicast protocol >> >> %MLSCEF-DFC4-7-FIB_EXCEPTION: FIB TCAM exception, Some >> entries will be software switched >> >> %MLSCEF-SP-7-FIB_EXCEPTION: FIB TCAM exception, Some >> entries will be software switched >> >> >> Cheers, >> James. >> ___ >> cisco-nsp mailing list cisco-nsp@puck.nether.net >> https://puck.nether.net/mailman/listinfo/cisco-nsp >> archive at http://puck.nether.net/pipermail/cisco-nsp/ >> >> > ___ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Advanced use of mrtg
Mike - st257 wrote: > > > > Does anybody have an --if-template for mrtg's cfgmaker to monitor > > interface discards and errors instead of traffic counters? > > > > Could you please share it? Thanks a lot in advance. > > > > Half of what you want (errors). > http://mrtg.gvolk.com/template/interface-errors.template Mike, I bet you have googled it up :-) I have also stumbled upon it while googling for an answer to my question. The problem is it's over 12 years old and I did not want to be the first to try it out. It would be nice to obtain such a template from someone who has used it him/herself. But thank you anyway, you have confirmed that it's perhaps the only available example and nobody cares to keep it up to date. -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN sip:suda...@sibptus.tomsk.ru ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Limiting bandwidth from specific source
The rule was confirmed by Google itself by email. Offcourse to determine all the prefixes there will be R n D time to time as some new prefixes may come or go. But 90% of traffic still can be identify by mention way , offcourse its Google serving content end of the day we can't be 100% sure by which ip traffic will be served but 90% approx. Regards Vijay A. On Oct 20, 2015 12:51 PM, "Mark Tinka" wrote: > > > On 20/Oct/15 09:15, Vijay S wrote: > > Google will deploy ggc node only if you have more than 1gig Google traffic > . > > > This is not a hard & fast rule. > > Also you your upstream provider has ggc node its not hard to identify them > as those nodes use only one pool of /26 ip addresses. > > > Again, not cast in stone. I've seen different prefix lengths in the wild. > > Also, note that in some markets, GGC traffic may be hitting a network from > a peer, and not an upstream. > > The best way for the OP to check where his Youtube traffic "could be" > coming from is: > > http://redirector.c.youtube.com/report_mapping > > But even this is not a sure thing, as Google will serve video from a GGC > node based on several factors such as latency, if the video is cached > there, how many times the video is being requested, the DNS resolver in use > by the client, e.t.c. > > Mark. > ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Advanced use of mrtg
Date: Tue, 20 Oct 2015 16:01:45 +0600 > From: Victor Sudakov > To: cisco-nsp@puck.nether.net > Subject: [c-nsp] Advanced use of mrtg > Message-ID: <20151020100145.ga42...@admin.sibptus.tomsk.ru> > Content-Type: text/plain; charset=us-ascii > > Colleagues, > > Does anybody have an --if-template for mrtg's cfgmaker to monitor > interface discards and errors instead of traffic counters? > > Could you please share it? Thanks a lot in advance. > Half of what you want (errors). http://mrtg.gvolk.com/template/interface-errors.template >From that above config, it is easy enough to modify a few lines for discards (ifInDiscards / ifOutDiscards). As I don't use MRTG (but instead Cacti) I'm not certain whether you could just add two more "data sources" to the config at the above URL. # modify to be Target[$target_name]: ifInDiscards.$if_index&ifOutDiscards.$if_index:$router_connect Description: In/Out Discard counters Cacti has a template for errors/discards by default. (Not saying you should or need to use it instead.) Report back/post the working config end up with for the benefit of everyone! :-) -- ---~~.~~--- Mike // SilverTip257 // ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6VPE on 7600 RSP720 3CXL
Just a tiny tidbit related to TCAM reallocation, make sure the SP bootvar's config register matches the RP bootvar's config register. In tech-speak, 'sh bootv | i eg' should match 'rem com sw sh bootv | i eg'. If it doesn't, "conf t; config-register 0x2142; end; conf t; config-register 0x2102; end; copy run start" and recheck. A mismatch in how the SP pre-configures itself is immaterial for the basics of IOS configuration stuff, but fatal with respect to TCAM; the box will forcibly reload after 5 minutes endlessly until fixed. On 10/20/2015 1:55 AM, James Bensley wrote: On 14 October 2015 at 13:32, krunal shah wrote: hi NSPs, Is any one doing 6VPE and importing full IPv4 and IPv6 routes in same VRF? I am planning to implement full IPv6 and IPv4 routes in same VRF that is used for internet service and other PE routers would only get subset or default routes. Suip has 4 GB of memory, My 1M TCAM space is carved with FIB TCAM maximum routes : === Current :- --- IPv4- 768k MPLS- 16k (default) IPv6 + IP Multicast - 120k (default) We are not doing this on any 7600 's but will be shortly so we'll start testing soon. Our 7600's are being bumped up to 15.3(3)S6, all running with RSP720-3XCL-10GE's and the TCAMs will be repartitioned, this will then hopefully see them out until they are decomissioned. The TCAMs need reallocating as they are currently carrying a lot of VPNv4 routes as well as the full IPv4 table and 6VPE was not envisioned, however your partitioning of the TCAM seems a litte too favourable for IPv6 for our needs; FIB TCAM maximum routes : === Current :- --- IPv4 + MPLS - 960k (default) IPv6- 16k IP Multicast- 16k FIB TCAM usage: TotalUsed %Used 72 bits (IPv4, MPLS, EoM) 983040 658740 67% I will probably aim for 60k IPv6 routes, so it's enough to phase out the boxes and that's it. Be careful that these boxes will start to CPU switch packets before you run out of TACM. When you see these logs you're in trouble; %MLSCEF-SP-4-FIB_EXCEPTION_THRESHOLD: Hardware CEF entry usage is at 95% capacity for IPv4 unicast protocol %MLSCEF-DFC4-7-FIB_EXCEPTION: FIB TCAM exception, Some entries will be software switched %MLSCEF-SP-7-FIB_EXCEPTION: FIB TCAM exception, Some entries will be software switched Cheers, James. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Limiting bandwidth from specific source
Since you specificially mentioned an ASR1K, if you have the AVC license ($10K list RTU license), you can enable NBAR2 which does identify Youtube traffic. Router#sh ip nbar protocol-id youtube Protocol Name idtype -- youtube 82L7 STANDARD Router#sh ip nbar protocol-attribute youtube Protocol Name : youtube encrypted : encrypted-yes tunnel : tunnel-no category : consumer-streaming sub-category : consumer-video-streaming application-group : flash-group p2p-technology : p2p-tech-no traffic-class : multimedia-streaming business-relevance : business-irrelevant There are some overhead concerns with doing DPI on all your traffic, make sure you're not turning this on a link or router that is overtaxed, etc, but it can be done. We do this on our internal MPLS headends running on ASR1004/RP2s and don't normally exceed 10-15% CPU usage at gig speeds. You can also use the NBAR classifiers in a QoS policy if they want to rate-limit/shape/police that traffic. Jeremy "TheBrez" Bresley b...@brezworks.com On 10/20/2015 1:45 AM, Antoine Monnier wrote: thanks Vijay. so just to clarify the problem is on some customer facing circuits. Is there a way to identify "youtube" specific traffic compared to "all of Google services" traffic? Does Youtube use specific IP ranges? On Tue, Oct 20, 2015 at 8:42 AM, Vijay S wrote: Well Google has ggc program which will give you free Google peering you dont need to pay to Google or any service provider except connectivity cost. And to limit traffic from specific source you can use class based qos. Regards Vijay A. On Oct 20, 2015 12:08 PM, "Antoine Monnier" wrote: Hi All, We are running into capacity issues on some internet pipes and this is affecting "business" traffic. A quick analysis showed us that roughly 40% of traffic on that specific pipe comes from Google-owned IP ranges. We are guessing that most of it is Youtube and we are being asked to come up with a solution to throttle that traffic. (Apparently making users sign internet-use policy is not effective!) Is there a way to identify youtube specific traffic on an ASR1K purely based on L3 info? And going more broadly, how are others handling such issues generally? (sure, we can upgrade the bandwidth if they have the money, but congestion point is just going to move further down their internal WAN network) Thanks ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Limiting bandwidth from specific source
On 20/Oct/15 13:22, Pierre Emeriaud wrote: > I used to tell my customers that there is no QoS on the internet, and > if business traffic was that important, mpls vpn (+QoS) was the way to > go. Easy to say when you also provide such services :) > > (some of my customers at $job-1 were moving from our mpls vpn to > internet pipes + ipsec vpn and then complaining about poor performance > on critical business applications. They had been warned...) "Premium Internet" is a farce. I've been reasonably successful in dampening that idea at $day_job. Can't really guarantee performance if you don't control the entire end-to-end. Mark. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Limiting bandwidth from specific source
2015-10-20 8:37 GMT+02:00 Antoine Monnier : > > We are running into capacity issues on some internet pipes and this is > affecting "business" traffic. > And going more broadly, how are others handling such issues generally? I used to tell my customers that there is no QoS on the internet, and if business traffic was that important, mpls vpn (+QoS) was the way to go. Easy to say when you also provide such services :) (some of my customers at $job-1 were moving from our mpls vpn to internet pipes + ipsec vpn and then complaining about poor performance on critical business applications. They had been warned...) ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Advanced use of mrtg
Colleagues, Does anybody have an --if-template for mrtg's cfgmaker to monitor interface discards and errors instead of traffic counters? Could you please share it? Thanks a lot in advance. -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN sip:suda...@sibptus.tomsk.ru ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6VPE on 7600 RSP720 3CXL
On 20 October 2015 at 09:55, James Bensley wrote: > I will probably aim for 60k IPv6 routes 2 byte boundary, should have said 64k routes, doh! James. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6VPE on 7600 RSP720 3CXL
On 14 October 2015 at 13:32, krunal shah wrote: > hi NSPs, > > Is any one doing 6VPE and importing full IPv4 and IPv6 routes in same VRF? > > I am planning to implement full IPv6 and IPv4 routes in same VRF that is > used for internet service and other PE routers would only get subset or > default routes. Suip has 4 GB of memory, My 1M TCAM space is carved with > > FIB TCAM maximum routes : > === > Current :- > --- > IPv4- 768k > MPLS- 16k (default) > IPv6 + IP Multicast - 120k (default) We are not doing this on any 7600 's but will be shortly so we'll start testing soon. Our 7600's are being bumped up to 15.3(3)S6, all running with RSP720-3XCL-10GE's and the TCAMs will be repartitioned, this will then hopefully see them out until they are decomissioned. The TCAMs need reallocating as they are currently carrying a lot of VPNv4 routes as well as the full IPv4 table and 6VPE was not envisioned, however your partitioning of the TCAM seems a litte too favourable for IPv6 for our needs; FIB TCAM maximum routes : === Current :- --- IPv4 + MPLS - 960k (default) IPv6- 16k IP Multicast- 16k FIB TCAM usage: TotalUsed %Used 72 bits (IPv4, MPLS, EoM) 983040 658740 67% I will probably aim for 60k IPv6 routes, so it's enough to phase out the boxes and that's it. Be careful that these boxes will start to CPU switch packets before you run out of TACM. When you see these logs you're in trouble; %MLSCEF-SP-4-FIB_EXCEPTION_THRESHOLD: Hardware CEF entry usage is at 95% capacity for IPv4 unicast protocol %MLSCEF-DFC4-7-FIB_EXCEPTION: FIB TCAM exception, Some entries will be software switched %MLSCEF-SP-7-FIB_EXCEPTION: FIB TCAM exception, Some entries will be software switched Cheers, James. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Limiting bandwidth from specific source
On 20/Oct/15 09:15, Vijay S wrote: > Google will deploy ggc node only if you have more than 1gig Google > traffic . > This is not a hard & fast rule. > Also you your upstream provider has ggc node its not hard to identify > them as those nodes use only one pool of /26 ip addresses. Again, not cast in stone. I've seen different prefix lengths in the wild. Also, note that in some markets, GGC traffic may be hitting a network from a peer, and not an upstream. The best way for the OP to check where his Youtube traffic "could be" coming from is: http://redirector.c.youtube.com/report_mapping But even this is not a sure thing, as Google will serve video from a GGC node based on several factors such as latency, if the video is cached there, how many times the video is being requested, the DNS resolver in use by the client, e.t.c. Mark. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Limiting bandwidth from specific source
Google will deploy ggc node only if you have more than 1gig Google traffic . Peering can be done in nearest available peering center/data center. Also you your upstream provider has ggc node its not hard to identify them as those nodes use only one pool of /26 ip addresses. In case to identify peering ip they can be obtained from bgp peering database. I guess as of now there are pretty standard 348 prefixes in ggc bgp peering database. Out of these 3-4 major ip prefixes used for serving google traffic. Regards Vijay A. On Oct 20, 2015 12:27 PM, "Mark Tinka" wrote: > > > On 20/Oct/15 08:45, Antoine Monnier wrote: > > > thanks Vijay. > > > > so just to clarify the problem is on some customer facing circuits. > > > > Is there a way to identify "youtube" specific traffic compared to "all of > > Google services" traffic? Does Youtube use specific IP ranges? > > Youtube traffic could come from the Google network, or from an ISP > participating in the GGC program. So it will be hard to do this based on > IP address. > > As someone else suggested, considering deploying a GGC node to improve > your Youtube performance. You may see a reduction in Youtube traffic > passing across your upstream links. > > Mark. > ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/