RE: match protocol ftp

From: ccie-cs@comcast.net
Date: Thu Jul 15 2004 - 15:24:45 GMT-3


Hi, Geert,
Thanks for the information.
So it implies that the match only has effect on new FTP sessions which need to initiate a connection to TCP port 21. For existing sessions which are already using port 20 (assume active FTP mode) the match will fail. Can this be agreed by all?
Thanks,
M

-------------- Original message --------------

> I think NBAR will only match port 21:
>
> R9#sh ip nbar port-map | i ftp
> port-map ftp tcp 21
> port-map secure-ftp tcp 990
> port-map tftp udp 69
>
> Correct me if I am wrong,
>
> Geert
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> Neil Moore
> Sent: Thursday, 15 July 2004 4:55
> To: ccie-cs@comcast.net; comserv@groupstudy.com; ccielab@groupstudy.com
> Subject: Re: match protocol ftp
>
>
> I would ask the proctor in a format such as "which do you prefer for the
> answer .. An access-list based method or a protocol discovery method."
> My 2cents.
> -Neil
> ----- Original Message -----
> From:
> To: ;
> Sent: Wednesday, July 14, 2004 2:58 PM
> Subject: match protocol ftp
>
>
> > Hi, Team,
> > If I am asked to configure a class map to match ftp traffic, AND the
> > router has the NBAR feature enabled, i.e. you can match layer 4 protocols
> > instead of using an ACL, which configuration below should I use? The "match
> > protocol ftp" is simpler, but I have no idea which ports it matches.
> > Could anyone help?
> > 1) Use match protocol
> > class ftp
> > match protocol ftp
> > 2) Use ACL
> > class ftp
> > match access-group 110
> > access-list 110 permit tcp any any eq ftp
> > access-list 110 permit tcp any eq ftp any
> > access-list 110 permit tcp any any eq ftp-data
> > access-list 110 permit tcp any eq ftp-data any
> > access-list 110 permit tcp any gt 1023 any (I am not sure about this line???)
> > access-list 110 permit tcp any any gt 1023 (????)
> > Thanks,
> > Mike
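Added example, not part of the original thread: a small Python model that compares the two options from the question against constructed FTP flows. It assumes classification purely by the static port-map entries quoted above, as the thread supposes, and models nothing stateful; the function names and sample flows are made up for illustration.

```python
import re

# Quoted in the thread: output of `sh ip nbar port-map | i ftp`.
PORT_MAP = """port-map ftp tcp 21
port-map secure-ftp tcp 990
port-map tftp udp 69"""
# ACL 110 from the original question, including the two doubted lines.
ACL_110 = """access-list 110 permit tcp any any eq ftp
access-list 110 permit tcp any eq ftp any
access-list 110 permit tcp any any eq ftp-data
access-list 110 permit tcp any eq ftp-data any
access-list 110 permit tcp any gt 1023 any
access-list 110 permit tcp any any gt 1023"""
NAMED = {"ftp": 21, "ftp-data": 20}  # port keywords used in the ACL
ACL_RE = re.compile(r"access-list \d+ permit (\w+) any(?: (eq|gt) (\S+))?"
                    r" any(?: (eq|gt) (\S+))?$")

def parse_port_map(text):
    rows = (line.split() for line in text.splitlines())
    return {(r[2], int(p)): r[1] for r in rows for p in r[3:]}

def port_map_match(table, flow):
    # Assumption: match on either endpoint's port, nothing stateful.
    l4, sport, dport = flow
    return table.get((l4, dport)) or table.get((l4, sport))

def parse_acl(text):
    return [ACL_RE.match(line).groups() for line in text.splitlines()]

def _port_ok(op, val, port):
    if op is None:          # "any" with no port condition
        return True
    n = NAMED[val] if val in NAMED else int(val)
    return port == n if op == "eq" else port > n

def acl_match(rules, flow):
    l4, sport, dport = flow
    return any(l4 == p and _port_ok(so, sv, sport) and _port_ok(do, dv, dport)
               for p, so, sv, do, dv in rules)

# Constructed flows: (l4, source port, destination port).
FLOWS = {"control": ("tcp", 40000, 21), "active-data": ("tcp", 20, 40001),
         "passive-data": ("tcp", 40002, 50000), "unrelated": ("tcp", 40003, 443)}

def compare():
    # Per flow: (port-map result, full ACL 110, ACL 110 without the gt 1023 lines)
    table, rules = parse_port_map(PORT_MAP), parse_acl(ACL_110)
    return {n: (port_map_match(table, f), acl_match(rules, f), acl_match(rules[:4], f))
            for n, f in FLOWS.items()}
```

In this model the two `gt 1023` lines also match the unrelated TCP session to port 443, while the first four lines cover control and active-mode data but not passive-mode data.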



This archive was generated by hypermail 2.1.4 : Sun Aug 01 2004 - 10:11:56 GMT-3