RE: NBAR Question

From: Vincent Mashburn (vmashburn@fedex.com)
Date: Thu Nov 30 2006 - 11:21:34 ART

• Next message: Andre Serrao: "Re: Mistakes"
• Previous message: Danny Cox: "Re: my wrists giving me issues, just before the exam time"
• Maybe in reply to: Lab Rat #109385382: "NBAR Question"
• Next in thread: William.Nellis@cox.com: "RE: NBAR Question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I believe as of 12.4, you no longer have to enable "ip nbar protocol
discovery" to be able to match the protocols in a class map. I took a
Cisco QoS training class a couple of years ago and the instructor
informed that you did indeed have to configure protocol discovery to
enable nbar. However, we were dealing with the 12.3 train at that time.

Vince Mashburn
Sr. Voice / Data Engineer
901-263-5072
CCVP, CCNP
Cisco IP Telephony Support Specialist
Cisco IP Telephony Operations Specialist
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Iamgoingtobeaccie Iamgoingtobeaccie
Sent: Wednesday, November 29, 2006 9:28 PM
To: ccielab@groupstudy.com
Subject: Re: NBAR Question

Awaiting confirmation from other guys too.I know its easy to find this
in doc cd and other stuffs.Infact I did check the doc CD before even
writing my first mail.

But I am really confused after few guys(who have the CCIE numbers
already) told that 'ip nbar protocol-discovery' is a mandatory command
to enable NBAR.I could not see this info in any of the docs.

Advanced thanks

serdar kut <kutserdar@gmail.com> wrote: as much as I know no it is not a
necessary for nbar to enable protocol discovery on interface...but cef
is a mandatory for all app. of nbar...
  protocol discovery on interface may be a good accounting question :)
 
 Serdar

On 11/28/06, Iamgoingtobeaccie Iamgoingtobeaccie
<heyiamgoingtobeaccie@yahoo.co.in> wrote: I had a look at the CCO before
writing to the GS.I assumed that NBAR protocol discovery is just for
displaying the traffic statistics for different applications.That is
what I wanted to confirm here.

thanks

"Schulz, Dave" <DSchulz@dpsciences.com> wrote: It is not necessary to
enable the protocol discovery in order to
configure the NBAR. However, you will want to read the docCD thoroughly
on the discovery and understand when it is needed. Hope this helps.

Dave Schulz,
Email: dschulz@dpsciences.com

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Iamgoingtobeaccie Iamgoingtobeaccie
Sent: Monday, November 27, 2006 11:57 PM
To: ccielab@groupstudy.com
Subject: Re: NBAR Question

One question which I have seen with a workbook was

1)classify HTTP without enabling CEF.As NBAR needs CEF,you are forced
to
use the second method you mentioned.

Just adding my Query here..

Is enabling protocol discovery (ip nbar protocol-discovery) on the
interface mandatory to configure NBAR?

thanks

Lab Rat #109385382 wrote: If I was asked to match
HTTP traffic (to later be police'd), is there any
difference between doing the following:

class-map HTTP
  match protocol http

with doing the following:

access-list 100 permit tcp any any eq www
class-map HTTP
  match access-group 100

I've seen it done both ways, and I just want to know if there are any
distinct functional differences between the two methods.

Thanks,

Ed

• Next message: Andre Serrao: "Re: Mistakes"
• Previous message: Danny Cox: "Re: my wrists giving me issues, just before the exam time"
• Maybe in reply to: Lab Rat #109385382: "NBAR Question"
• Next in thread: William.Nellis@cox.com: "RE: NBAR Question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Dec 01 2006 - 08:05:49 ART