No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.

Knowledge Base

Bandwidth Control over P2P Traffic by USG5500 on an Enterprise Network

Publication Date:  2012-07-17  |   Views:  101  |   Downloads:  0  |   Author:  cwx00003497  |   Document ID:  EKB1000001532


Issue Description

P2P applications are bandwidth-intensive. Controlling the bandwidth of P2P applications is important on an enterprise network.

Alarm Information


Handling Process

Configure the USG5500 as follows:
                                Step 1     Set the IP addresses of the interfaces, define routing polices, and add routes to the routing table.
interface GigabitEthernet0/0/0
ip address
interface GigabitEthernet0/0/1
ip address
firewall zone trust
set priority 85
add interface GigabitEthernet0/0/0
firewall zone untrust
set priority 5
add interface GigabitEthernet0/0/2 
nat-policy interzone trust untrust outbound
policy 1
policy source mask 24
                                Step 2      Configure a P2P policy.
ip address-set p2padd type object
address 0 range
acl number 3004
rule 0 permit ip source address-set p2padd
rule 5 permit ip destination address-set p2padd
p2p-class 1
cir 10000 index 1 time-range
cir 20000 index 2 time-range
                                Step 3     Apply the P2P policy on the trust zone.
firewall interzone trust untrust
p2p-car 3004 class 1 inbound
p2p-car 3004 class 1 outbound
p2p-detect enable

Root Cause

Networking in lab environment:
As shown in the following figure, the private network is, and the public network is represented by network The bandwidth for the P2P traffic between the two networks must be limited to 10 Mbit/s.


                 On an enterprise network, P2P traffic can also be controlled by using time-range ACL as follows:
Step 1     Set a time range as follows:
                 time-range day 12:00 to 18:00 daily
Step 2     Assign class 1 to P2P traffic.
                 p2p-class 1
                 cir 10000 index 1 time-range day