RE: NBAR on Fastethernet

From: Scott Morris (swm@emanon.com)
Date: Thu Feb 15 2007 - 15:40:43 ART

• Next message: uyota oyearone: "RE: " Amazin " How To Run Cisco IOS On PC......!!"
• Previous message: Dennis Worth: "OT: QOS through ipsec tunnel ?"
• Maybe in reply to: Allan : "NBAR on Fastethernet"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Nope, not needed to apply your service policies. Just the monitoring as
Victor notes. It's always been this way.

HTH,

 
Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, JNCIE
#153, CISSP, et al.
CCSI/JNCI-M/JNCI-J
IPexpert VP - Curriculum Development
IPexpert Sr. Technical Instructor
smorris@ipexpert.com
http://www.ipexpert.com
 
 

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Joe
Yohannan
Sent: Thursday, February 15, 2007 1:00 PM
To: victor@ccbootcamp.com; mincisco@gmail.com; ccielab@groupstudy.com
Subject: RE: NBAR on Fastethernet

i believe it's also needed for matching against in a service policy in IOS
images prior to 12.2T . That's according to my cisco press QoS book anyway.

  We all know how it's not uncommon to have errors in the cisco books
though.

>From: "Victor Cappuccio" <victor@ccbootcamp.com>
>To: "Joe Yohannan"
><joe1265@hotmail.com>,<mincisco@gmail.com>,<ccielab@groupstudy.com>
>Subject: RE: NBAR on Fastethernet
>Date: Thu, 15 Feb 2007 08:29:52 -0800
>
>Hi Joe,
>
>The command ip nbar protocol-discovery will enable you a
>"packet-sniffing application". Use the "show ip nbar protocol-discovery"
>to see what protocols you have been running in a period of time
>
>R1#show ip nbar protocol-discovery stats bit-rate top-n 10
>
>R1#conf ter
>Enter configuration commands, one per line. End with CNTL/Z.
>R1(config)#int f0/0
>R1(config-if)#ip nbar protocol-discovery R1(config-if)#do show ip nbar
>protocol-discovery stats bit-rate top-n 10
>
> FastEthernet0/0
> Input Output
>
> ----- ------
>
> Protocol 5min Bit Rate (bps) 5min Bit Rate (bps)
>
> ------------------------ ------------------------
>------------------------
> rip 0 0
>
> bgp 0 0
>
> citrix 0 0
>
> cuseeme 0 0
>
> custom-01 0 0
>
> custom-02 0 0
>
> custom-03 0 0
>
> custom-04 0 0
>
> custom-05 0 0
>
> custom-06 0 0
>
> unknown 0 0
>
> Total 0 0
>
>R1(config-if)#do copy http://7.7.7.7/Conf.html null:
>Loading http://7.7.7.7/Conf.html !
>1317 bytes copied in 1.420 secs (927 bytes/sec) R1(config-if)#do show
>ip nbar protocol-discovery stats bit-rate top-n 10
>
> FastEthernet0/0
> Input Output
>
> ----- ------
>
> Protocol 5min Bit Rate (bps) 5min Bit Rate (bps)
>
> ------------------------ ------------------------
>------------------------
> http 0 0
>
> rip 0 0
>
> bgp 0 0
>
> citrix 0 0
>
> cuseeme 0 0
>
> custom-01 0 0
>
> custom-02 0 0
>
> custom-03 0 0
>
> custom-04 0 0
>
> custom-05 0 0
>
> unknown 0 0
>
> Total 0 0
>
>R1(config-if)#
>
>IMO, the problem Allan was running, is because he had mist configured
>the service policy-map direction of the interface
>
>Thanks,
>Victor Cappuccio.
>Network Learning Inc - A Cisco Sponsored Organization (SO) YES! We take
>Cisco Learning credits!
>mailto:brad@ccbootcamp.com
>http://www.ccbootcamp.com (Cisco Training and Rental Racks)
>http://www.ccbootcamp.com/groupstudy.html (groupstudy member
>discounts!)
>Voice: 702-968-5100
>FAX: 702-446-8012
>
>
>-----Original Message-----
>From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
>Joe Yohannan
>Sent: Thursday, February 15, 2007 2:13 AM
>To: mincisco@gmail.com; ccielab@groupstudy.com
>Subject: RE: NBAR on Fastethernet
>Importance: Low
>
>If it's an older IOS you may need "ip nbar protocol-discovery" on the
>interface.
>
>
> >From: "Allan " <mincisco@gmail.com>
> >Reply-To: "Allan " <mincisco@gmail.com>
> >To: ccielab@groupstudy.com
> >Subject: NBAR on Fastethernet
> >Date: Thu, 15 Feb 2007 19:02:12 +1100
> >
> >Hi
> >
> >If NBAR does not work on the fast ethernet, I did the same policy
> >apply
>to
> >fa0/0 and s0/0 on a same router, fastethernet can' t policy the
>traffic.
> >any idea ?
> >
> >
> >ip cef
> >
> >class-map match-all HTTP
> > match protocol http
> >class-map match-any FTP
> > match protocol ftp
> >
> >policy-map QoS_OUT_F0/0
> >
> >class FTP
> > police 10000 conform-action transmit exceed-action drop
> > class HTTP
> > police 20000 conform-action transmit exceed-action drop
> >
> >
> > policy-map QoS_OUT_S0/0
> >
> >class FTP
> > police 10000 conform-action transmit exceed-action drop
> > class HTTP
> > police 20000 conform-action transmit exceed-action drop
> >
> >------------------------------------------>> apply to S0/0
> >
> >R3#copy ftp: null:
> >Address or name of remote host [1.1.5.5]?
> >Source filename [P00307020400.bin]?
> >Accessing ftp://1.1.5.5/P00307020400.bin...
> >Loading P00307020400.bin !!!!!!!!!!!!!!!!!!!!!!!!!!
> >[OK - 129476/4096 bytes]
> >
> >
> >sh policy-map interface
> >
> >Serial0/0
> >
> >Service-policy output: QoS_OUT_S0/0
> >Class-map: FTP (match-any)
> > 712 packets, 32040 bytes
> > 5 minute offered rate 0 bps, drop rate 0 bps
> > Match: protocol ftp
> > 712 packets, 32040 bytes
> > 5 minute rate 0 bps
> > police:
> > cir 10000 bps, bc 1500 bytes
> > conformed 712 packets, 32040 bytes; actions:
> > transmit
> > exceeded 0 packets, 0 bytes; actions:
> > drop
> > conformed 0 bps, exceed 0 bps
> >
> >------------------------------------->>> apply to F0/0
> >sh policy-map interface
> >
> >FastEthernet0/0
> >
> > Service-policy output: QoS_OUT_F0/0
> >
> > Class-map: FTP (match-any)
> > 0 packets, 0 bytes
> > 5 minute offered rate 0 bps, drop rate 0 bps
> > Match: protocol ftp
> > 0 packets, 0 bytes
> > 5 minute rate 0 bps
> > police:
> > cir 10000 bps, bc 1500 bytes
> > conformed 0 packets, 0 bytes; actions:
> > transmit
> > exceeded 0 packets, 0 bytes; actions:
> > drop
> > conformed 0 bps, exceed 0 bps
> >
> >_____________________________________________________________________
> >__ Subscription information may be found at:
> >http://www.groupstudy.com/list/CCIELab.html
>
>_________________________________________________________________
>Dont miss your chance to WIN 10 hours of private jet travel from
>Microsoft Office Live
>http://clk.atdmt.com/MRT/go/mcrssaub0540002499mrt/direct/01/
>
>_______________________________________________________________________
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html

• Next message: uyota oyearone: "RE: " Amazin " How To Run Cisco IOS On PC......!!"
• Previous message: Dennis Worth: "OT: QOS through ipsec tunnel ?"
• Maybe in reply to: Allan : "NBAR on Fastethernet"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Mar 01 2007 - 07:38:46 ART