Inbound Layer 7

Discussion in 'Tomato Firmware' started by lancethepants, May 4, 2011.

  1. lancethepants

    lancethepants

    Under Advanced --> Conntrack/Netfilter

    What is Inbound Layer 7, and would it having any bearing on my Pap2t having connectivity issues?
  2. GhaladReam

    GhaladReam

    I believe Inound Layer 7 refers to prioritizing bandwidth to speicific applications. I also think that "Layer 7" refers to the 7th layer of the OSI Model, the application layer, hence it being for specific applications. As for Pap2t having connectivity issues, that I am not sure.
  3. rs232

    rs232

    Layer 7 means OSI layer 7. It's a system to identify traffic not based on src/dst port or layer 4 protocol but using instead information within the data part of the packet. What it does is to run a regular expression against the data part of the packet. It's a very clever thing.In the Cisco world this system is known as NBAR.

    Remember in QoS things are split in 2: detection (identification) and action. Layer 7 strictly refer to identification, then you can do whatever you want with it e.g. block, rate limit, prioritise a.s.o.

    Any ways: watch out! It's not perfect at all. You may have your Skype traffic seen as P2P or have some other odd behaviour. You usually solve these problems having a mixture between Layer 7 and layer 4 (udp port 1000) rules placed in a specific order.

  4. Toastman

    Toastman

    lance - for connectivity issues with VOIP the problem is often the the UDP timeout settings in Conntrack/Netfilter are too short. You can search the forum for posts regarding this.

