Hi,
I received this from the spanish Mikrotik phorum and consider ti to be of interest to everybody, so I decided to post it here:
http://www.tippingpoint.com/pdf/resources/whitepapers/503157-001_ManagingP2PTraffic.pdf
Best Regards
Jorge Boardman
sorry, couldn find anything interesting and new in this document.
all they where talking about was - how bad that p2p exists and users share music, movies etc etc.
and usage is so intensive, that it brings your netowrk ifrasturcture to its knees.
yeah, that is bad, that is wrong.
but all this can be done using MT ROS - i dont think they can manage encrypted traffic of torrent or any other encrypted traffic at all - only posible solution is to DROP ALL traffic, or you will face encrypted traffic rampaging on your network OR allow users to use p2p mark for known ptp and all other traffic beeing dropped (unmanaged traffic)
and ISP has allways remember that NOT ALL users share illegal contents. maybe some hadnycam freek choses to share his 20GB 1 hour camera dump to its friend to process it using same BAD un VERY BAD p2p network.
also, some comanies redistribute program updates using p2p network (like Blizzard)
so, do not forget - there is allways other side of a coin.
this all depends on what kind of service you are providing. if a user is paying for his internet connection and certain amount of bandwidth - it does not matter what this user is doing over this connection. he has his rights to talk over skype, download his legitimate linux distributions over torrent networks, listen to internet radio and chat over msn and install a wifi router to use a wifi laptop in his house. you have no right to deny these services to your users or he will just choose another ISP. it’s just my personal thoughts, it does depend on a lot of things. depends on what kind of agreement the user has signed, but if it were me - i would not sign an agreement where everything is blocked except www on port 80
modern bittorent progs use strange algos to baypass marking
I try to limit p2p but MT catch only 10% of real p2p traffic
but and clients have choise “your concurrence” so think before do some
routeros can drop any kind of torrent traffic. encrypted traffic cannot be slowed down with queues, but it can be effectively dropped with firewall.
I try to limit p2p but MT catch only 10% of real p2p traffic
What tool to you use to measure that Mt only catches 10%?
Can RouterOS drop P2P for certain periods of time like during business hours then allow for nights then back drop during next day?
Or does it works only for new connections? This is something have been not completely clear for me…
Best
Jorge Boardman
yes, there is time setting in firewall.
I just add “drop all p2p” then run µTorrent and in winbox run torch
with disabled rule 10Mb speed no problem
with enabled 7~9Mb speed after some time
Do you have connection tracking enabled?
yes
This “time” function has problem when the “clock” of the router is in another GMT location…
How may be fixed this problem in 2.9.x?
Do you want to tell that my user shaped to 256 kbps can actually achieve more speed over encrypted torrent traffic 
?! And only thing that I can do is to block whole bit torrent (crypted and regular) traffic?
How to test, btw, is there any of the encrypted traffic on my router?
no, what i said only applies if you try to mark p2p and make a queue out of it. queuing all traffic works as usual.
fixed in v3
Hi Normis, i know is fixed in RouterOS3, but is very beta to work in production box, exist a workaround in 2.9.x to this feature?
Thanks and best regards!
Alessio
it can’t be fixed in 2.9 because of some specific mechanics of how it works. v3 has new components, there it was possible to fix it.
Question for Normis??
Will be Final V3 finished before Training and Mum in Poland ???
Sorry for wrong thread 
If I would have to bet, I’d say “no” 
Best regards,
Christian Meis