Benutzer-Werkzeuge

Webseiten-Werkzeuge


english:application-fingerprinting-iperf

Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

Link zu dieser Vergleichsansicht

english:application-fingerprinting-iperf [2014/06/19 15:18] (aktuell)
benny angelegt
Zeile 1: Zeile 1:
 +====== Leverage Application-Fingerprinting to detect iPerf TCP/UDP traffic ======
 +
 +This TechTip describes how to leverage "Application-Fingerprinting" (AppFP) to detect iPerf traffic (UDP/TCP) in your network and e.g. apply a bandwidth shaping policy.
 +
 +To detect "iPerf" you first need to create an REGEX (Regular Expression) and apply it. 
 +
 +AOS R7 comes with pre-defined signatures, which are stored in "/flash/app-signature/app-regex.txt".
 +
 +**Modify or add the following to your file:**
 +
 +<file txt app-regex.txt>
 +App-name: iperf-udp
 +Description: iPerf UDP-based transfer
 +\.?.?\xff\xff\xfc\x18\x36\x37\x38\x39\x30
 +
 +App-name: iperf-tcp
 +Description: iPerf TCP-based transfer
 +\x32\x33\x34\x35\x36\x37\x38\x39\x30\x31
 +
 +App-group: iperf = iperf-udp iperf-tcp
 +
 +</file>
 +
 +**Once you saved the file, you need to instruct the OmniSwitch to reload it:**
 +<code>
 +OmniSwitch-> app-fingerprint reload-signature-file 
 +</code>
 +
 +**Now that you can detect the application (in this case iPerf) you need to define a policy set:**
 +<code>
 +! QOS:
 +policy condition c4 appfp-group iperf 
 +policy action a4 maximum bandwidth 10.0M 
 +policy rule r4 condition c4 action a4 no default-list  
 +policy list iperf type appfp
 +policy list iperf rules r4  
 +qos apply
 +</code>
 +
 +**In this step you'll tell the OmniSwitch on which port it should apply the Application-Fingerprinting (+ instruct to send an SNMP trap if done):**
 +<code>
 +! APP-FINGERPRINT:
 +app-fingerprint trap enable
 +app-fingerprint port 1/11 policy-list-name iperf
 +</code>
 +
 +<WRAP center round tip 60%>
 +This REGEX is far from being optimal (especially for TCP), it was created for a simple POC.
 +</WRAP>
 +
  
english/application-fingerprinting-iperf.txt · Zuletzt geändert: 2014/06/19 15:18 von benny