Hi friends, I want to mark youtube connection or IPs to make a separate youtube queue and assign bandwidth for the youtube connections for my clients, can any body help? Here in my area few ISP have done it with mikrotik but I don’t know how, just saw a DSCP marking for that. Any idea?
Ask that ISP 
dynek Man, I think it’ll work I’ll let you know if it’s work or not. Yes L7 is the key. Thanks
Can Any one give the youtube marking code for layer 7?
http://linksysinfo.org/index.php?threads/qos-development-thread.31886/#post-204861 says:
GET (/videoplayback?|/crossdomain.xml)
Now if people use HTTPS you’re screwed.
Thanks dynek, I’m gonna try and let you know.
Man, people using https. what to do?!!
If they stream through https you can’t do anything!
meaning this days pretty much everyone with a google account will open youtube page on https!
as dynek said: you’re screwed 
It seems impossible to mark youtube connections, but how an ISP of our area have mark youtube connections and assign extra bandwidth for youtube uses! And I can’t even ask them because they’ll never tell. I have seen a mangle rule for youtube using DSCP 60 that’s it but I’m sure there are more. Ya as dynek said: I’m screwed 
You should be able to identify CDN type hosts with mangle/firewall rules and connection-byte. If you add those hosts to an address-list you can shape traffic to that dst-address-list however you like. The devil is in the details.
Dear lambert, can you give an example? need that thing badly. Thanks
I cannot afford the time to build it for you. There are consultants who would be happy to do so.
the whole reason of https is its name… secure… it uses a ssl. the packets are encripted, you won’t be able to see what the packet is even with layer 7, that’s the whole point.
many have tried but i haven’t seen a model working.
i haven’t seen yet a layer 7 regex for https of any kind!
but… i might be wrong. if i am… i would like to see it
cheers
check this out http://l7-filter.sourceforge.net/protocols
there’s no streaming over https regex
this layer7 identify intial https handshake…
yes, but that doesn’t identify if the connection has any streaming video packet…
really is a reply for
i haven’t seen yet a > layer 7 regex for https of any kind> !
but… i might be wrong. if i am… i would like to see it >
My bad, we were talking about streaming over https, I should have mentioned it!
That’s why I say just identify IPs from which a lot of data is downloaded in individual connections. Add those IPs to an address-list. Shape traffic to those IPs.
The method I have seen shapes the traffic for the first x bytes then lets it run at full speed to allow things like windows updates to come in quickly. It is claimed that Netflix figures out the available data rate in the first thirty seconds or so, then locks that stream to a rate which is less than the available link size. By limiting the first X connection-bytes to say, 1Mbps you get a 512 to 768kbps quality stream. The problem seems to be that Apple TV and anything using silverlight keeps trying to “improve” the quality of the video throughout the playing of the stream so it will go back to using 12Mbps after the first x connection-bytes rule expires.