QoS - How to detect Youtube HTML5 video over port 443?

Question

I'm running Tomato on a small network. It has fairly comprehensive QoS controls, but I'm having trouble getting it to correctly classify Youtube HTML5 videos over port 443. They are being classified as FileXfer, the same as a regular download. I want FileXfer to only be used for normal file downloads, whereas HTML5 video should be classified as Media. Is there any additional rule I can use to match Youtube? Or is this not possible since it's encrypted traffic over port 443?

Thanks a lot for the help.

Everything coming in from the internet is a file transfer. :-) The problem is recognizing what *kind* of file is being transferred so as to assign it the correct priority. — rahim123, Oct 28 '16 at 23:30

score 2 · Answer 1 · edited Oct 29 '16 at 01:03

2

Add a classification to throttle traffic on port 443 after 512kb have been downloaded to a specific internal address. or you can set the destination address to any.

it will look like this in the end

Inbound Direction:

TCP
DstPort: 443
Transferred: 0-512kb

make sure you set src ip is statically assigned on the machine so tomato will know whom to throttle. or you can set a DHCP reservation to assign that machine the same address each time.

*make sure your on inbound classification

Here's how it looks:

How it Looks

edited Oct 29 '16 at 01:03

techraf

4,243
8
29
44

answered Oct 28 '16 at 16:37

Bryan Cerrati

96
8

Thanks a lot for the reply. I actually want to assign *higher* priority to Youtube downloads, and make it throttle other kinds of large file downloads, but *only* when needed. In other words, I want full-speed normal file downloads as long as nobody is trying to stream a video. – rahim123 Oct 28 '16 at 23:32
what are your layer 7 options in the classifications? – Bryan Cerrati Oct 31 '16 at 15:50
I tried `httpvideo` and `youtube-2012`, doesn't seem to catch it. – rahim123 Nov 01 '16 at 18:59
[heres a list of supported layer 7 protocols.](http://l7-filter.sourceforge.net/protocols) youtube is not a protocol but i thought it may have found a pattern and created into a filter in the "Layer 7 Filter" project. but it hasnt worked. – Bryan Cerrati Nov 01 '16 at 19:12
[Pattern Writing](http://l7-filter.sourceforge.net/Pattern-HOWTO) gives you the ability to write a specific filter to add to L7-Filtering. – Bryan Cerrati Nov 01 '16 at 19:16
as far as i can see unless you add your own filter, you will have to accelerate by ip address or mac on port 443 and low(er) priority on 80. – Bryan Cerrati Nov 01 '16 at 19:20

QoS - How to detect Youtube HTML5 video over port 443?

1 Answers1