Cisco Cisco Packet Data Gateway (PDG) Guida Alla Risoluzione Dei Problemi
Peer-to-Peer Overview
▀ P2P Overview
▄ Cisco ASR 5000 Series Peer-to-Peer Detection Administration Guide
OL-22960-01
P2P Overview
P2P is a term used in two slightly different contexts. At a functional level, it means protocols that interact in a peering
manner, in contrast to client-server manner. There is no clear differentiation between the function of one node or
another. Any node can function as a client, a server, or both—a protocol may not clearly differentiate between the two.
For example, peering exchanges may simultaneously include client and server functionality, sending and receiving
information. P2P utilizes the Enhanced Charging Service (ECS) functionality. For information about ECS, refer to the
Enhanced Charging Services Administration Guide
manner, in contrast to client-server manner. There is no clear differentiation between the function of one node or
another. Any node can function as a client, a server, or both—a protocol may not clearly differentiate between the two.
For example, peering exchanges may simultaneously include client and server functionality, sending and receiving
information. P2P utilizes the Enhanced Charging Service (ECS) functionality. For information about ECS, refer to the
Enhanced Charging Services Administration Guide
Detecting P2P protocols requires recognizing, in real time, some uniquely identifying characteristic of the protocols.
Typical packet classification only requires information uniquely typed in the packet header of packets of the stream(s)
running the particular protocol to be identified. In fact, many P2P protocols can be detected by simple packet header
inspection. However, some P2P protocols are different, preventing detection in the traditional manner. This is designed
into some P2P protocols to purposely avoid detection. The creators of these protocols purposely do not publish
specifications. A small class of P2P protocols is stealthier and more challenging to detect. For some protocols, no set of
fixed markers can be identified with confidence as unique to the protocol.
Typical packet classification only requires information uniquely typed in the packet header of packets of the stream(s)
running the particular protocol to be identified. In fact, many P2P protocols can be detected by simple packet header
inspection. However, some P2P protocols are different, preventing detection in the traditional manner. This is designed
into some P2P protocols to purposely avoid detection. The creators of these protocols purposely do not publish
specifications. A small class of P2P protocols is stealthier and more challenging to detect. For some protocols, no set of
fixed markers can be identified with confidence as unique to the protocol.
Operators care about P2P traffic because of the behavior of some P2P applications (for example, Bittorrent, Skype, and
eDonkey). Most P2P applications can hog the network bandwidth such that 20% P2P users can generate as much traffic
as generated by the rest 80% non-P2P users. This can result into a situation where non-P2P users may not get enough
network bandwidth for their legitimate use because of excess usage of bandwidth by the P2P users. Network operators
need to have dynamic network bandwidth / traffic management functions in place to ensure fair distributions of the
network bandwidth among all the users. And this would include identifying P2P traffic in the network and applying
appropriate controlling functions to the same (for example, content-based premium billing, QoS modifications, and
other similar treatments).
eDonkey). Most P2P applications can hog the network bandwidth such that 20% P2P users can generate as much traffic
as generated by the rest 80% non-P2P users. This can result into a situation where non-P2P users may not get enough
network bandwidth for their legitimate use because of excess usage of bandwidth by the P2P users. Network operators
need to have dynamic network bandwidth / traffic management functions in place to ensure fair distributions of the
network bandwidth among all the users. And this would include identifying P2P traffic in the network and applying
appropriate controlling functions to the same (for example, content-based premium billing, QoS modifications, and
other similar treatments).
The P2P detection technology makes use of innovative and highly accurate protocol behavioral detection techniques.
This P2P solution can detect the following protocols and their capabilities in real time:
This P2P solution can detect the following protocols and their capabilities in real time:
ActiveSync
Aimini
AppleJuice
Ares
Battlefield
BitTorrent
File downloading and uploading (plain / encrypted BitTorrent)
Un-encrypted, plain-encrypted, and RC4-encrypted file transfer
Ddlink
DirectConnect
eDonkey
File uploading and downloading (plain / encrypted eDonkey)
FastTrack
Feidian
FileTopia