Inbound Layer 7

Discussion in 'Tomato Firmware' started by lancethepants, May 4, 2011.

  1. lancethepants

    lancethepants Network Guru Member

    Under Advanced --> Conntrack/Netfilter

    What is Inbound Layer 7, and would it having any bearing on my Pap2t having connectivity issues?
     
  2. GhaladReam

    GhaladReam Network Guru Member

    I believe Inound Layer 7 refers to prioritizing bandwidth to speicific applications. I also think that "Layer 7" refers to the 7th layer of the OSI Model, the application layer, hence it being for specific applications. As for Pap2t having connectivity issues, that I am not sure.
     
  3. rs232

    rs232 Network Guru Member

    Layer 7 means OSI layer 7. It's a system to identify traffic not based on src/dst port or layer 4 protocol but using instead information within the data part of the packet. What it does is to run a regular expression against the data part of the packet. It's a very clever thing.In the Cisco world this system is known as NBAR.

    Remember in QoS things are split in 2: detection (identification) and action. Layer 7 strictly refer to identification, then you can do whatever you want with it e.g. block, rate limit, prioritise a.s.o.

    Any ways: watch out! It's not perfect at all. You may have your Skype traffic seen as P2P or have some other odd behaviour. You usually solve these problems having a mixture between Layer 7 and layer 4 (udp port 1000) rules placed in a specific order.

    HTH
    rs232
     
  4. Toastman

    Toastman Super Moderator Staff Member Member

    lance - for connectivity issues with VOIP the problem is often the the UDP timeout settings in Conntrack/Netfilter are too short. You can search the forum for posts regarding this.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice