User equipment USG5500, version is V200R002C00SPC200, configured P2P current-limiting function. But when the user use thunder test, it can’t reach the perfect limiting effect, the downloading flow largely exceeded the threshold value which is configured by P2P current limiting.
The configuration is as follows:
dns server 126.96.36.199
whole-packet-search enable all
update rule-base server domain sec.huaweisymantec.com
rule 0 if-match category P2P apply qos-car 2048000
rule 6 if-match category Streaming apply qos-car 2048000
rule 7 if-match category PeerCasting apply qos-car 2048000
policy template liuliangxianzhi
1, check the configuration, found it hasn’t limited the “HTTP_Download”, the protocols which involved by thunder besides P2P and Streaming and PeerCasting, it still has HTTP_Download and HTTP_Proxy and HTTP_Streaming. In http flow, the thunder mainly uses HTTP_Download. Limit the flow of HTTP_Download, the added configuration is as follows:
rule 8 if-match category Web_Browsing application HTTP_Download apply qos-car 2048000
The thunder downloading speed is limited effectively, but the internal network accesses external network slowly.
2, User internal network is out through NAT changeover and then through USG do the twice NAT changeover, but the P2P current limiting is aim at the global current limiting but not the single IP.
3, based on the user networking and the protocol used by thunder for downloading, can only cancel the limiting of HTTP_Download, just limit the flow of P2P.
1, configuration is not correct.
2, DPI character library doesn’t update.
3, other reasons.
Usually in order to limit the thunder downloading, it needs to limit HTTP_Download flow, but HTTP_Download will seriously influence the online speed of the internal network users, so you’d better no use it.