Which version is best to use on new installation?



  • I've read that 2.0RC3 is stable to use in a production environment, but also there are problems blocking BitTorrent and such.  Is the BT issue present in 2.0RC3?  Is that still the best direction to go with a new installation?  Thanks.


  • Netgate Administrator

    I've not experienced or read about such problems. You mean problems allowing bit torrent or problems blocking it?

    Steve



  • Blocking BT is hard, because the protocol uses evasive maneuverer to bypass blocking systems. Even having a L7 rules won't block the BT completely.

    Let say that your users are not able to uPnP and can't setup a port forward, so they can't receive inbound connections, this will only slow them down in the beginning, because they will initiate themselves the connections. Even if they setup their clients to use a specific port let say 443, in the majority of the clients this is the listening port, uTorrent (not naming any there) will use a high port to initiate a connection, so you can't control this port, this will be a new port for each connection… Adding that they will probably enforce encryption so L7 can't do nothing about this traffic either. Then they will connect to other peers that have their listening ports in common ports like 1723 (pptp) 443 (https), not only this will bypass your router, but your QoS rules will prioritize this traffic... I control my own network at home and wanted to put BT in the P2P queue, I had to create a virtual ip address on my Windows and bind uTorrent to that IP address and shape this ip address completely instean of using ports.


Log in to reply