Forum Discussion
How to use iRules do Bandwidth management with P2P traffic?
The Typical P2P program is Bitorrent , eMule and eDonky。Because this type of program use P2P protocol to transfer file from one user directly to another. And do not need Server to download. So it’s very popular for internet file sharing . The P2P program will generate very large number of session and will use full of bandwidth to download or share file. Because this type of program using dynamic port number to transfer, and even they can use port 80 to do file transfer. So How can we identify the traffic by the payload of datagram, find the signature and limit it’s bandwidth?
- From what I understand, BitTorrent clients generally listen on ports 6881–6889, so you could write a rule that looks for those ports in particular. The BitTorrent client to client handshake appears to be fairly easy to detect. The initial handshake has the following signature.
. handshake: opstrlen: string length of , as a single raw byte opstr: string identifier of the protocol oreserved: eight (8) reserved bytes. All current implementations use all zeroes. oinfo_hash: 20-byte SHA1 hash of the info key in the metainfo file. opeer_id: 20-byte string used as a unique ID for the client. In version 1.0 of the BitTorrent protocol, pstrlen=19, and pstr="BitTorrent protocol".
Once you determine that the signature matches this P2P protocol, you could apply a rate filter class that can be used to rate limit the exchange.
A harder way to do this would be to parse the ‘bencoded’ tracker .torrent metainfo file to determine the address and port in which the peers are listening on. This way, you won't have to care if the ports are dynamically generated. If you would like to take a shot at the rule, we would be more than happy to help improve it if necessary. 
hoolioCirrostratus
Better late than never? KKY pointed out this F5 solution which seems to fit the bill:
P2P rate shaping:
Click here
Aaron