From: Colin Barber (Colin.Barber@telewest.co.uk)
Date: Sat May 31 2003 - 11:37:50 GMT-3
CQ does not use nbar. It's just port matching, the same as access-lists.
Within a class-map some protocol matches require nbar and others will not.
If you show all the options on a router that does not support nbar it is
much smaller than one that does. Once you match a protocol that requires
nbar, the IOS will automatically enable nbar.
I don't know if this will happen if you don't have cef enabled, it may
enable both or it may give you an error.
Remember that nbar does more than just port matching, you can match on
certain URLs or different applications running within Citrix etc. and
therefore it is much more flexible than just using access-lists.
Colin
-----Original Message-----
From: Mustafa Bayramov (ICT/IT) [mailto:mustafa@azercell.com]
Sent: 31 May 2003 13:37
To: ccielab@groupstudy.com
Subject: CQ use NBAR ?
I tried to find this information on doc cd : ( unsuccessfully
When I matching protocol for CBWFQ I should turn on cef and nbar ( match
proto smtp )
What about custom queuing? queue-list 1 protocol ip 1 tcp www ( CQ will use
nbar or it is just port matching in TCP header )
I've always used access-list to match protocol.
Regards
Mustafa M Bayramov
CISSP
CCNP,CCDP,Cisco Security Specialist
Network engineer and security analyst
Azercell Telecom J.V.
Azerbaijan, 370620 Baku, Tbilisi pr. 31/66
Tel: (99412) 982823 /982740 Ext: 34 03
Fax: (+99412) 982825 / 93 73 63
Mob: (+99450) 2500011
E-mail: mustafa@azercell.com
url: http://www.azercell.com
"I know nothing except the fact of my ignorance." Socrates
"The only system that is truly secure is one that is switched off and
unplugged, locked,
in a titanium-line safe, buried in concrete bunker, and is surrounded by
never gas and very
highly paid armed guards. Event then, I wouldn't stake my life on it. ".
My public PGP key.
------BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
mQGiBDn9P4ERBADz+wZ3Yx62z1cJtsvrp9l/Png0Fm100+4RwZis8gG/LBNa45ob
lmaqbfKYEekUdjUIEqP671CovE14I54OXxsy7FIKu38GXwexTyA7wfFRktovdmi3
7R7ZcRX6y8rTWmqyR9H3Cyx4OQlMK9e1TWED28mYYDeteehfSR/oCuOpRwCg//bi
McTnP31z4V2QfKOhSEJd50kD/2ZRLqHlkPfApPWv6xpst77XzZu0wX8qmcS5rBUa
OtK7dEBL7LRcuKK+S5hG413Ysx2F1eNJGX2o9wjtj6RZ3r1bepSkFk3Bv8U4WD8n
pxhqQnoWqMR6QkCd6UC3mank+mM6i3M/Lp5dzZMbHyYN7W48UKWXDamAImxCNt3s
qZEEBADkGb+vVLidKK0GGEf493bMF17PwJ7g6DC83d0IqY3lM+kwF1unpk16gbSe
OKSCzAj5Q0KXoxMnAeJuI2o5AB8mXB8Mvz+Q5MyqagCIBJieQiuglXhbdMWPRFba
l12QMXzvtolS94LOTHD2hWem2skE1U5/A3zHLbhAb++H50RtqbQpQmF5cmFtb3Yg
TXVzdGFmYSA8bXVzdGFmYUBhemVyb25saW5lLmNvbT6JAE4EEBECAA4FAjn9P4EE
CwMCAQIZAQAKCRD3sXpkLDYaovrbAKDIGy27JofhFVuYfqMEOV5AJwMLjgCcD67B
4t2mLW9Gb/A92LKGb/bEnqK5BA0EOf0/gRAQAPkYoH5aBmF6Q5CV3AVsh4bsYezN
RR8O2OCjecbJ3HoLrOQ/40aUtjBKU9d8AhZIgLUV5SmZqZ8HdNP/46HFliBOmGW4
2A3uEF2rthccUdhQyiJXQym+lehWKzh4XAvb+ExN1eOqRsz7zhfoKp0UYeOEqU/R
g4Soebbvj6dDRgjGzB13VyQ4SuLE8OiOE2eXTpITYfbb6yUOF/32mPfIfHmwch04
dfv2wXPEgxEmK0Ngw+Po1gr9oSgmC66prrNlD6IAUwGgfNaroxIe+g8qzh90hE/K
8xfzpEDp19J3tkItAjbBJstoXp18mAkKjX4t7eRdefXUkk+bGI78KqdLfDL2Qle3
CH8IF3KiutapQvMF6PlTETlPtvFuuUs4INoBp1ajFOmPQFXz0AfGy0OplK33TGSG
SfgMg71l6RfUodNQ+PVZX9x2Uk89PY3bzpnhV5JZzf24rnRPxfx2vIPFRzBhznzJ
Zv8V+bv9kV7HAarTW56NoKVyOtQa8L9GAFgr5fSI/VhOSdvNILSd5JEHNmszbDgN
RR0PfIizHHxbLY7288kjwEPwpVsYjY67VYy4XTjTNP18F1dDox0YbN4zISy1Kv88
4bEpQBgRjXyEpwpy1obEAxnIByl6ypUM2Zafq9AKUJsCRtMIPWakXUGfnHy9iUsi
GSa6q6Jew1XrPdYXAAICEADrnrnC5/Nwz2I4WgcPbxWGM+Vc/oAVWQpLQfa9v0tD
OtUmB7fJ8K/enezFkf18DdXLV41XKut8sJu7dd9ESSMv9wHjPPd/4sI7U+9mubiV
MwCBYj4hwrQz1QDp/879Fm0c6qcABPN7mKP/hrvs9/O4IcG4g9tEIR4NHZW1ToRi
xs9bhGc27+Q6oN3l1V/IqtKYbl8zNnvpTfUTIQiUn5bglhQConECZNure2xmzHkF
wJpgcbnj8X6vDCbXEsd1PUNwwoTDP1R+QiPPpaymMqHKXDCIpKNiknfa+WKtAUrv
LAa+jHtU8ekkS0L+7xpLziy0pXgHOBvhE2iz8XtlpSp6n8/Tkbs73l3QoAqDwVy4
zxVgbCWcCGOXbPcCpx2895EbXKxGmHhQTX/7NmDwuLabEm19wA4BPLYmU8MA9HrO
5OCDftvsFJp1b2yI23HEYyrDySVsVPMHUqmPJoES8IDtgUzmakY6Hiu04ulYNobK
FBZcHOuzI16QAMNlLNCfTY3Bzr5PJlOKAuOMQfWtrvlZtHcN3Dbg8eq7HJhvsDEN
aSypNHtiwHDBzDkTg6T3CHzwVRJxh+LUe04JGVcB06T91EC7AXoGVQffqm2pV4Cd
r85yuEG7Qq4I/5uejVxA87Shks6gXqC2iLlG2qTX3Y3JP5AhrPGQHUnYLawIkqsm
t4kARgQYEQIABgUCOf0/gQAKCRD3sXpkLDYaoqP/AKDEDIjWbKf6VZS8gjBQOflr
moLx6ACg00HvrwS886mG3JF6Ihm7KCqxtHg=
=FhTr
-------END PGP PUBLIC KEY BLOCK-----
------------------------------------------------------------------------------
Live Life in Broadband
www.telewest.co.uk
The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material.
Statements and opinions expressed in this e-mail may not represent those of the company. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender immediately and delete the material from any computer.
==============================================================================
This archive was generated by hypermail 2.1.4 : Mon Jun 02 2003 - 15:13:51 GMT-3