Re: NBAR and NBAR port map

From: Bob Sinclair (bsin@cox.net)
Date: Sun May 01 2005 - 11:51:14 GMT-3


Simon,

It appears that NBAR classifies RTP traffic based on "deep packet inspection",
not just by definable UDP port numbers. This might explain why the port-map
cannot be changed or viewed. It does seem inconsistent to list it as a
configuration option, however. Here is a link with some discussion of how
NBAR examines RTP traffic:

http://www.cisco.com/warp/public/cc/pd/iosw/prodlit/nbarw_wp.htm

HTH,

Bob Sinclair
CCIE #10427, CCSI 30427, CISSP
www.netmasterclass.net

  ----- Original Message -----
  From: simon hart
  To: Group Study
  Sent: Sunday, May 01, 2005 4:38 AM
  Subject: NBAR and NBAR port map

  I have noticed, on occasion, discrepancies between 'match protocol' and
  'show ip nbar port-map'.

  An example is that on one of my routers I can configure within a class map
  'match protocol rtp' with little trouble, it will even show up in the
  config.
  If, however, I run 'show ip nbar port-map', there is no reference to RTP.
  If I perform the following command > ip nbar port-map ?

  I will see RTP as an option, but if I run > ip nbar port-map rtp I will
  get an unrecognized command response.

  So my question is, if one is asked to do such a task should you check the
  port map to make sure the router is doing what you think it is doing?

  Secondly if it is not doing what you hope, then you could use a custom-01
  with port-map.

  Thirdly, do you recommend clarification from the Proctor on this one?

  Thanks Simon



This archive was generated by hypermail 2.1.4 : Fri Jun 03 2005 - 10:11:56 GMT-3