Practical QoS Question - Limiting bandwidth for Flash...

So...we bought a nice, expenisve web caching appliance so that things like the NBA finals and such would not overrun our network...then it happened...certain websites decided it would be more fun to stream in flash or silverlight, both of which ride on HTTP, making it difficult to sort them out and limit them.

I'm thinking my best bet will be to design an ACL based on the http MIME type and try to match traffic based on that rather than domain name. Then, assign that to a class-map and create a policy-map that limits the amount of bandwidth this class can eat up, which I can add other traffic that the bosses still want the users to be able to get to, but don't want eating up all our bandwidth and harming business applications.

Has anyone tried to do this? I've never designed an ACL based on an HTTP Mime type, but it doesn't seem like it should be that difficult. Will I need to enable NBAR on my router in order to let it peek into the application layer data to classify this traffic? I'm sure others are feeling the pain as more streaming moves to flash and silverlight.

Thanks!

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

redwarrior

I just thought I'd put an update out there if anyone else is fighting this.

This project got pushed back, so at least I don't need a solution right away. From what I could find, basically, the best solution I could come up with would be to enable NBAR on my router and then create a QoS policy to limit the amount of bandwidth eaten up by certain URL's. My only other solution was to limit the amount of bandwidth used by HTTP traffic overall, however this would then allow flash/silverlight traffic to starve other HTTP traffic during peak times of streaming.

I'm hoping that in the meantime, a vendor such as BlueCoat will come up with a better solution.

astorrs

redwarrior wrote:

I just thought I'd put an update out there if anyone else is fighting this.

This project got pushed back, so at least I don't need a solution right away. From what I could find, basically, the best solution I could come up with would be to enable NBAR on my router and then create a QoS policy to limit the amount of bandwidth eaten up by certain URL's. My only other solution was to limit the amount of bandwidth used by HTTP traffic overall, however this would then allow flash/silverlight traffic to starve other HTTP traffic during peak times of streaming.

I'm hoping that in the meantime, a vendor such as BlueCoat will come up with a better solution.

Do you have a PacketShaper from BlueCoat (formerly Packeteer) or is it some other device? If so you can use the shaping module to limit Flash Video traffic, you're still out of luck for SilverLight (although I would imagine that update is around the corner).

redwarrior

I'll have to check to see what BlueCoat device we are using for caching since I'm not the admin on that, but I'll definitely check on it. I had to believe that there was something out there for this since it seems like more and more sites seem to be streaming in flash. Thanks for the heads-up!