Control Peer-to-Peer Downloads
Instructions for controlling the performance
impact of P2P file sharing
The whole genre of peer-to-peer (P2P) applications that facilitate file
sharing has taken a heavy toll on network performance. Many schools,
businesses, and other organizations have no desire to issue oppressive
and controversial mandates regarding unsanctioned use of the network.
However, they do want to maintain control over their networks, uphold
acceptable performance for mission-critical applications, and avoid liability
issues from the entertainment industry.
Steps:
The following steps help you to identify, cap or block, analyze, and
generally manage this potentially disruptive traffic.
- Identify and differentiate P2P traffic.
Enable traffic discovery. PacketWise automatically identifies Aimster,
AudioGalaxy, eDonkey, more than a dozen Gnutella variations, Groove,
Hotline, Imesh, KaZaA, lots of Napster descendants, Scour, Tripnosis,
and more. The collection of popular P2P varieties is an ever-changing
phenomenon. Many new types fall under PacketWise's classification umbrellas,
such as Gnutella, despite the fact that they look like a new type.
Once P2P traffic has traversed your network, select the manage
tab and examine your traffic tree on the left. Do you see the application
listed? For Napster, multiple sessions must pass before PacketWise inserts
a Napster traffic class.
What if your traffic isn't one of those automatically discovered by
PacketWise? Or what if you only want to control a subset of the traffic?
For example, you might want to control P2P traffic emanating from the
dormitories, but leave P2P traffic to or from the university president's
office alone.
In these cases, create your own traffic class using your own criteria
(for example, port number or application name with a specific source or
destination). Make sure you have traffic classes for your P2P traffic in
both the Inbound and Outbound branches of the traffic tree.
For background information, see Traffic Tree Overview and/or Traffic
Classification Overview.
- If you have several types of P2P applications that you'd like to view
and control together, create a folder class called P2P and move
all P2P classes into it. Make sure you have folders in both the Inbound
and Outbound branches.
- If you turn off traffic discovery at this point, keep an eye on your
In/Outbound Default traffic classes. If usage starts to grow, a new
P2P application may have appeared.
- Analyze the impact of P2P traffic on your network
and application performance.
Look at the Top Ten classes. See if P2P applications are there. What
percentage of the traffic is P2P? Is more than 10 percent of your bandwidth
being used by the various types of P2P? If so, some control is probably
in order.
- Decide if you want to block or limit your P2P traffic. If you'd like
to entirely block it, use the procedure Block
Unwanted Traffic with your P2P traffic classes and stop here. Otherwise,
continue with the next steps.
Many organizations have decided on a strategy where they severely restrict
Outbound/P2P traffic but are more lenient with Inbound/P2P traffic.
The reasoning behind this strategy is that a large amount of Outbound/P2P
usually signifies that someone hosts a file-swapping server and is distributing
files to others. But Inbound/P2P traffic is primarily for retrieving
files rather than distributing them. To some, legal culpability looms
more significantly with distribution.
- Create partitions to limit the total amount of bandwidth for each P2P
traffic class (if you did not make a folder) or all P2P traffic (if
you did). Remember to create partitions for both the Inbound and Outbound
branches.
The size of your partitions depends on how restrictive you want to
be and the relative importance of other traffic. See Sizing a Static
Partition for assistance.
For background information, see Partition Overview.
- Set a rate policy on each of your P2P traffic classes to accomplish
several goals: to indicate the relative importance of your P2P traffic
so that PacketWise knows how to distribute excess bandwidth; to insulate
P2P users from each other so that one high-capacity user doesn't take
the whole P2P partition; and to gain the benefits of TCP Rate Control and,
in particular, to reduce transmissions that waste bandwidth.
In the rate policy, use a guaranteed rate of 0 and a priority of 0 or
1. Use a per-user maximum of anywhere from 2 Kbps to 100 Kbps, making
sure that it allows a reasonable number of concurrent users within the
partitions you created in the previous step.
For background information, see Policy Overview.
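The 10 percent check from the analysis step and the per-user sizing from the rate-policy step, as an added Python example (not PacketWise code or output; the class rates, the tuple layout and the function names are constructed for illustration):

```python
from collections import defaultdict

P2P_SHARE_THRESHOLD = 0.10      # the page's "more than 10 percent" rule of thumb
PER_USER_MIN_KBPS = 2           # per-user maximum range suggested on the page
PER_USER_MAX_KBPS = 100

# Constructed sample: (traffic-tree path, average rate in Kbps).
# This layout is an assumption, not a PacketWise export format.
SAMPLE_CLASSES = [
    ("Inbound/P2P/KaZaA", 50),
    ("Inbound/P2P/Gnutella", 40),
    ("Inbound/HTTP", 810),
    ("Inbound/Default", 100),
    ("Outbound/P2P/KaZaA", 420),
    ("Outbound/HTTP", 150),
    ("Outbound/SMTP", 30),
]

def p2p_share(classes, folder="P2P"):
    """Fraction of each direction's traffic that sits under the P2P folder."""
    total, p2p = defaultdict(int), defaultdict(int)
    for path, kbps in classes:
        direction, _, rest = path.partition("/")
        total[direction] += kbps
        if rest.split("/")[0] == folder:
            p2p[direction] += kbps
    return {d: p2p[d] / total[d] for d in total if total[d]}

def directions_needing_control(classes):
    """Directions where P2P uses more than the threshold share."""
    return sorted(d for d, s in p2p_share(classes).items()
                  if s > P2P_SHARE_THRESHOLD)

def per_user_cap(partition_kbps, expected_users):
    """Per-user maximum (Kbps) clamped to the page's 2-100 range, plus whether
    every expected user can reach that cap inside the partition at once."""
    if expected_users < 1:
        raise ValueError("expected_users must be at least 1")
    cap = partition_kbps // expected_users
    cap = max(PER_USER_MIN_KBPS, min(PER_USER_MAX_KBPS, cap))
    return cap, cap * expected_users <= partition_kbps

if __name__ == "__main__":
    for direction, share in sorted(p2p_share(SAMPLE_CLASSES).items()):
        print(f"{direction}: {share:.0%} P2P")
    print("control needed:", directions_needing_control(SAMPLE_CLASSES))
    print("256 Kbps / 20 users ->", per_user_cap(256, 20))
    print("64 Kbps / 50 users ->", per_user_cap(64, 50))
```

A `False` in the second element means the partition cannot carry that many users at the cap even at the low end of the range, so either the partition or the expected user count needs revisiting.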
The procedure described here will catch and control most P2P, file-sharing
traffic. It might not catch obscure hybrids or mutations of these protocols.
But it is usually sufficient to contain 90 percent of the traffic to maintain
a usable network. If this is true for you, stop here. If not, follow
the procedure described in Prepare for the Next Napster.
Continue to evaluate the effectiveness of your solution by checking the
top ten tab regularly.