Peer-to-Peer Networking

The next step, shown in Figure 110: Peer-to-Peer Networking, sets controls for many Peer-to-Peer (P2P) networking protocols. By design, P2P protocols will utilize all available bandwidth unless limits are put in place. If P2P traffic will be present on a network, the best practice is to ensure it will not degrade other traffic.

Note: P2P protocols deliberately attempt to avoid detection. BitTorrent is especially guilty of this behavior. It often utilizes non-standard or random ports, or ports associated with other protocols. Identifying all P2P traffic can be difficult or impossible.

Enable: A checkbox to enable the P2P traffic settings on this step. When unchecked, the options are disabled and these queues and rules will not be added by the wizard.

Peer-to-Peer Catch All: Treats any unrecognized traffic as P2P traffic and lowers its priority accordingly.

Bandwidth: The maximum amount of bandwidth that unclassified traffic can consume when P2P Catch All is active.

Warning: This option effectively takes over the Default traffic shaping queue and lowers its priority. When this option is active, it is critical for all legitimate traffic to be matched by rules that set a priority higher than the priority of the P2P catch all queue. The Raise / Lower Other Applications step of the wizard can help here, but ultimately accomplishing this task frequently requires additional manual rules.

Enable/Disable specific P2P protocols: These options identify various known P2P protocols. The firewall will classify traffic on the ports and protocols associated with each enabled option as P2P traffic.

To use the options in this step:

• Check Lower priority of Peer-to-Peer traffic
• Optionally enable the p2p Catch All feature
    • Enter the Bandwidth limit for p2p Catch All, if enabled
    • Choose the correct units for the Bandwidth limit
• Select protocols for the firewall to classify as P2P traffic
• Click Next to proceed with the next step

Fig. 110: Peer-to-Peer Networking