Wherever L4 port/proto doesn't work, I assume it's some kind of vendor secret sauce L7 signature algorithm like Cisco NBAR or PAN App-ID.
Sure, marking VoIP is straightforward. But say I want to ensure that YouTube cannot consume more than 35% of a link in times of congestion, and stuff like Apple iOS updates get scavenger class.
In the past, I did a poor-man's equivalent by finding Apple's netblocks from ARIN and adding them to a rule assigning QoS values. Of course, this is very coarse and can't differentiate between iOS updates and any other traffic to Apple's servers, but it seemed to work well enough. But since a lot of stuff funnels through generic CDNs, I can see this approach failing miserably in most cases.
So for those who are deep in the QoS weeds: What is your approach to QoS classification when L4 characteristics aren't enough?
p.s.:
- Yes, I know: more bandwidth is always The Right Answer(r) to congestion
- This is mostly for my own understanding, I'm not solving a specific business problem this very moment. We are a Cisco/PAN shop if that matters.
- No, I don't expect you to do my job for me--I'm looking for high-level, low-resolution concepts, not an exact config for any device or vendor
thanks :)
No comments:
Post a Comment