I’m sure there have been numerous posts on this topic but none of the solutions seem to work. I have several Bit-Torrent users on my network and the bandwidth really isn’t the problem. I have frame-relay T1 lines and the number of connections that these p2p programs use is what is killing my network. I’ve tried setting up firewall rules to limit the number of connections per client to 10 but this doesn’t seem to work. It’s like I can’t control the number of connections per user. Is there something that I’m missing?
Bit-Torrent seems to be the biggest problem on my network; however, other p2p applications seem to cause similar problems, just on a smaller scale. The only thing I can think of is maybe I’m entering the firewall rules incorrectly. Does anyone out there have a working configuration? Right now I’m running MT 2.8.27.
Haha, actually yes it is. I used to play it all the time. Great game.
Alright, I looked at the router settings and it seems that I am catching several packets, but nowhere near all of them. I set the connection time limit to 1 hour to filter out all the older, non-active connections. Hopefully that will clear things up.
Are you throttling both directions? Keep in mind that there are going to be hundreds of incoming connection attempts from people trying to get file segments from your customer, and connection tracking is going to have to deal with them as well.
Still having issues with bittorrent here. Would it be possible for someone to post a fix for this? I want to limit/block ALL torrent traffic through my network, udp/tcp, everything. It causes too much of a problem and I’ve tried everything I know. Any help would be nice.
I don’t think that is truly possible yet. p2p is a mother to manage fully!
The problem with the p2p matching engine is that it does detect established connections after a while, but a lot of the p2p traffic escapes it too. I have thought of many ways, like using the known ports to connection limit the traffic as with the p2p matching module, and that does work but can also make the p2p behave funny, and some other apps can be affected if incoming ports conflict, and I find incoming ports for apps vary so much you can’t mess with that. I find it a balance of making it work enough to keep the users happy but throttling it so it doesn’t cause much problem to your network, but it is very difficult.
Are your connection limits showing up dropped packets? If so then you can assume they are working and that it’s not possible to control by TCP.
What do you think is slowing down as a result of these connections?
Is it the MT router slowing down? Is the winbox or command prompt slow to respond? It could be some other device down the line with not enough processor to take that many connections.
If the MT is slow, an upgrade of memory and processor would help. I would think the T1 lines should take an almost unlimited amount of tcp connections, bandwidth overhead allowing of course, so long as the hardware providing connectivity can take the load?
Do some more tests and see? I had a similar problem and it was that the hardware used for MT was not up to the job.
PS - playing Gradius arcade game in my youth too, brings back happy memories.
It would be really useful if you could give some examples of your rules to limit port connections per IP. I remember in an earlier post you suggested 4. Examples would be a start for some of us who have limited MT experience. In my case I want to block P2P on school LAN with MT configured as transparent bridge but MT cannot drop latest version of Ares. So I want to try port limiting.
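An added example, not part of any post in this thread and not RouterOS configuration: a small Python audit that counts connection-tracking entries per LAN client in both directions, showing how a per-client limit of 10 that only counts client-initiated connections misses the inbound peer connections mentioned above. The subnet, the entry format and all sample rows are constructed assumptions; the addresses are taken as seen on the LAN side.

```python
import ipaddress
from collections import Counter

LAN = ipaddress.ip_network("192.168.1.0/24")  # assumed client subnet
LIMIT = 10                                    # per-client limit from the first post

def build_sample():
    """Constructed tracking entries: (protocol, 'src_ip:port', 'dst_ip:port')."""
    rows = []
    for i in range(6):   # client .10 opens 6 outbound TCP connections
        rows.append(("tcp", f"192.168.1.10:{40000 + i}", f"203.0.113.{i + 1}:6881"))
    for i in range(4):   # ...plus 4 outbound UDP flows
        rows.append(("udp", "192.168.1.10:6881", f"203.0.113.{i + 50}:{30000 + i}"))
    for i in range(9):   # 9 remote peers connect in to client .10
        rows.append(("tcp", f"198.51.100.{i + 1}:{50000 + i}", "192.168.1.10:6881"))
    for i in range(3):   # client .20 does ordinary browsing
        rows.append(("tcp", f"192.168.1.20:{41000 + i}", f"203.0.113.{i + 100}:443"))
    return rows

SAMPLE = build_sample()

def host(endpoint):
    """Strip the port and return the address part as an ip_address object."""
    return ipaddress.ip_address(endpoint.rsplit(":", 1)[0])

def count_per_client(entries):
    """Return (outbound, inbound) entry counts keyed by LAN client address."""
    outbound, inbound = Counter(), Counter()
    for _proto, src, dst in entries:
        s, d = host(src), host(dst)
        if s in LAN:
            outbound[str(s)] += 1      # client initiated the connection
        elif d in LAN:
            inbound[str(d)] += 1       # remote peer connected to the client
    return outbound, inbound

def over_limit(entries, limit=LIMIT, both_directions=True):
    """Clients whose tracked-entry count exceeds the limit."""
    outbound, inbound = count_per_client(entries)
    totals = outbound + inbound if both_directions else outbound
    return sorted(ip for ip, n in totals.items() if n > limit)

if __name__ == "__main__":
    print("outbound only  :", over_limit(SAMPLE, both_directions=False))
    print("both directions:", over_limit(SAMPLE))
```

Feeding it a real export means mapping that export's columns onto the three-field tuples used here.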