From: Sean C (Upp_and_Upp@hotmail.com)
Date: Sun May 08 2005 - 14:30:51 GMT-3
Hi Gladston,
Hmmmm..., same type of question from 2 people in a row...
After a little more review since my answer to the other question, from CCO
for 'match protocol':
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fqos_r/qrfcmd5.htm#wp1070757
if you read the last paragraph under the usage guidelines for the command:
"This command can be used to match protocols that are known to the
Network-Based Application Recognition (NBAR) feature."
But, taking a look at what NBAR recognizes:
Router#sh ip nbar port-map | i port-map d
port-map dhcp udp 67 68
port-map dns udp 53
port-map dns tcp 53
So..., if I'm reading this right, even though your match protocol is telling
the router to match on dlsw, dlsw isn't defined in NBAR, so the router
doesn't know has nothing to match on. Perhaps you need to create a custom
port map for DLSW and the appropriate ports:
R3#sh run | i port
ip nbar port-map custom-01 tcp 2065 2067
R3#sh class-map DLSW
Class Map match-all DLSW (id 2)
Match protocol custom-01
Curious to know if this works. HTH,
Sean
----- Original Message -----
From: <gladston@br.ibm.com>
To: <ccielab@groupstudy.com>
Sent: Sunday, May 08, 2005 11:07 AM
Subject: Marking DLSW with NBAR
> R2 is marking telnet and dlsw packets using CB called from a frame class.
> Telnet is marked correctly,
> but DLSW is not.
> Do you think match protocol dlsw matches just real dlsw transport traffic,
> and not dlsw session?
>
> dlsw peer exist between R5 and R3:
> Rack2R5>sh tcp brief
> TCB Local Address Foreign Address (state)
> 8318400C 142.20.5.1.11000 142.20.6.1.179 ESTAB
> 831AF9A8 142.20.5.1.11001 142.20.3.1.2065 ESTAB
> 8316F6D0 142.20.125.5.179 142.20.125.1.11001 ESTAB
> 831D8F4C 142.20.5.1.23 142.20.23.3.11009 ESTAB
>
> R2 is between R5 and R3
>
>
> R2 config:
>
>
> class-map dlsw
> match protocol dlsw
> !
> class-map telnet
> match protocol telnet
> !
> class-map match-all voip-rtp
> match ip rtp 16384 16383
> !
> !
> policy-map Priority-with-FRTS
> class voip-rtp
> priority 32
> class dlsw
> set dscp 55
> class telnet
> set dscp 60
> !
> interface Serial0/1
> ip address 142.20.23.2 255.255.255.0
> no sh
> ip router isis
> encapsulation frame-relay
> no fair-queue
> isis circuit-type level-2-only
> isis authentication mode md5 level-2
> isis authentication key-chain Isis-authen level-2
> frame-relay class Frts-to-r3
> frame-relay traffic-shaping
> frame-relay map clns 200 broadcast
> frame-relay map ip 142.20.23.3 200 broadcast
> no frame-relay inverse-arp
> !
>
> map-class frame-relay Frts-to-r3
> frame-relay cir 128000
> frame-relay bc 1280
> frame-relay be 0
> frame-relay mincir 64000
> frame-relay adaptive-shaping becn
> service-policy output Priority-with-FRTS
>
> Monitoring:
> Rack2R2#sh policy-map interface ser 0/1
> Serial0/1: DLCI 200 -
>
> Service-policy output: Priority-with-FRTS
>
> Class-map: voip-rtp (match-all)
> 0 packets, 0 bytes
> 5 minute offered rate 0 bps, drop rate 0 bps
> Match: ip rtp 16384 16383
> Queueing
> Strict Priority
> Output Queue: Conversation 24
> Bandwidth 32 (kbps) Burst 800 (Bytes)
> (pkts matched/bytes matched) 0/0
> (total drops/bytes drops) 0/0
>
> Class-map: dlsw (match-all)
> 0 packets, 0 bytes
> 5 minute offered rate 0 bps, drop rate 0 bps
> Match: protocol dlsw
> QoS Set
> dscp 55
> Packets marked 0
>
> Class-map: telnet (match-all)
> 28 packets, 1646 bytes
> 5 minute offered rate 0 bps, drop rate 0 bps
> Match: protocol telnet
> QoS Set
> dscp 60
> Packets marked 28
>
> Class-map: class-default (match-any)
> 1175 packets, 1127462 bytes
> 5 minute offered rate 2000 bps, drop rate 0 bps
> Match: any
>
>
> Rack2R3(config)#dls dis
> Rack2R3(config)#do sh dls peer
> Rack2R3(config)#no dls dis
> Rack2R3(config)#do sh dls peer
> Peers: state pkts_rx pkts_tx type drops ckts TCP
> uptime
> TCP 142.20.5.1 CONNECT 2 2 conf 0 0 0
> 00:00:02
> Total number of connected peers: 1
> Total number of connections: 1
>
>
> Rack2R2#sh policy-map interface ser 0/1
> Serial0/1: DLCI 200 -
>
> Service-policy output: Priority-with-FRTS
>
> Class-map: voip-rtp (match-all)
> 0 packets, 0 bytes
> 5 minute offered rate 0 bps, drop rate 0 bps
> Match: ip rtp 16384 16383
> Queueing
> Strict Priority
> Output Queue: Conversation 24
> Bandwidth 32 (kbps) Burst 800 (Bytes)
> (pkts matched/bytes matched) 0/0
> (total drops/bytes drops) 0/0
>
> Class-map: dlsw (match-all)
> 0 packets, 0 bytes
> 5 minute offered rate 0 bps, drop rate 0 bps
> Match: protocol dlsw
> QoS Set
> dscp 55
> Packets marked 0
>
> Class-map: telnet (match-all)
> 36 packets, 2010 bytes
> 5 minute offered rate 0 bps, drop rate 0 bps
> Match: protocol telnet
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Fri Jun 03 2005 - 10:11:57 GMT-3