Re: TFTP QOS with NBAR

From: John (jgarrison1@austin.rr.com)
Date: Thu Oct 18 2007 - 22:10:04 ART

Thanks! To me it makes no sense to offer an option that's invalid, but
there I go thinking again.
----- Original Message -----
From: "Antonio Soares" <amsoares@netcabo.pt>
To: "'John'" <jgarrison1@austin.rr.com>
Cc: <ccielab@groupstudy.com>
Sent: Thursday, October 18, 2007 5:49 PM
Subject: RE: TFTP QOS with NBAR

> Because this is not NBAR. And it's explained in the DocCD why you get that
> behaviour with PQ:
>
> "For some protocols, such as TFTP and FTP, only the initial request uses
> port 69. Subsequent packets use a randomly chosen port number. For these
> types of protocols, the use of port numbers fails to be an effective
> method
> to manage queued traffic."
>
> Link:
>
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cr/hqos_r
> /qos_o1h.htm#wp1081283
>
>
> Regards,
>
> Antonio Soares
> CCIE #18473 (R&S),CCNP,CCIP,JNCIA-ER
> http://pwp.netcabo.pt/amsoares/
>
> -----Original Message-----
> From: John [mailto:jgarrison1@austin.rr.com]
> Sent: sexta-feira, 19 de Outubro de 2007 1:28
> To: Antonio Soares
> Cc: ccielab@groupstudy.com
> Subject: Re: TFTP QOS with NBAR
>
> Please tell me what I'm doing wrong. Telnet and udp 16384 traffic go to
> the
> proper queues, but not tftp.
>
>
> interface Serial2/0
> ip address 155.1.0.5 255.255.255.0
> encapsulation frame-relay
> ip ospf network broadcast
> no fair-queue
> serial restart-delay 0
> frame-relay traffic-shaping
> frame-relay map ip 155.1.0.4 504 broadcast
> frame-relay interface-dlci 504
> class frts
> no frame-relay inverse-arp
>
> !
> map-class frame-relay frts
> frame-relay cir 56000
> frame-relay bc 560
> frame-relay be 80
> frame-relay priority-group 1
> priority-list 1 protocol ip high udp 16384
> priority-list 1 protocol ip medium tcp telnet
> priority-list 1 protocol ip high udp tftp
> ----- Original Message -----
> From: "Antonio Soares" <amsoares@netcabo.pt>
> To: "'John'" <jgarrison1@austin.rr.com>
> Cc: <ccielab@groupstudy.com>
> Sent: Thursday, October 18, 2007 5:46 AM
> Subject: RE: TFTP QOS with NBAR
>
>
>> It works for me:
>>
>> ++++++++++++++++++++++++
>> R1--|--R2--|--R3
>> ++++++++++++++++++++++++
>> R3#copy running-config flash:
>> Destination filename [r3-confg]?
>> Erase flash: before copying? [confirm]n
>> Verifying checksum... OK (0x71EF)
>> 773 bytes copied in 3.280 secs (236 bytes/sec)
>> R3#
>> ++++++++++++++++++++++++
>> R1#copy tftp: null:
>> Address or name of remote host []? 23.23.23.3
>> Source filename []? r3-confg
>> Accessing tftp://23.23.23.3/r3-confg...
>> Loading r3-confg from 23.23.23.3 (via FastEthernet0/0): !
>> [OK - 773 bytes]
>>
>> 773 bytes copied in 0.492 secs (1571 bytes/sec)
>> R1#
>> ++++++++++++++++++++++++
>> R2#sh policy-map interface
>> FastEthernet0/1
>>
>> Service-policy input: qos-in
>>
>> Class-map: tftp (match-all)
>> 8 packets, 3460 bytes
>> 5 minute offered rate 2000 bps
>> Match: protocol tftp
>>
>> Class-map: class-default (match-any)
>> 0 packets, 0 bytes
>> 5 minute offered rate 0 bps, drop rate 0 bps
>> Match: any
>> R2
>> ++++++++++++++++++++++++
>> hostname R2
>> !
>> class-map match-all tftp
>> match protocol tftp
>> !
>> !
>> policy-map qos-in
>> class tftp
>> class class-default
>> !
>> interface FastEthernet0/0
>> ip address 12.12.12.2 255.255.255.0
>> duplex auto
>> speed auto
>> !
>> interface FastEthernet0/1
>> ip address 23.23.23.2 255.255.255.0
>> duplex auto
>> speed auto
>> service-policy input qos-in
>> !
>> ++++++++++++++++++++++++
>>
>> The 3 routers are 3725's running 12.4.12 ADVENTERPRISEK9. This was tested
>> with Dynamips.
>>
>>
>> Regards,
>>
>> Antonio Soares
>> CCIE #18473 (R&S),CCNP,CCIP,JNCIA-ER
>> http://pwp.netcabo.pt/amsoares/
>>
>> -----Original Message-----
>> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
>> John
>> Sent: quinta-feira, 18 de Outubro de 2007 3:41
>> Cc: ccielab@groupstudy.com
>> Subject: Re: TFTP QOS with NBAR
>>
>> I'm running c3725-adventerprisek9-mz.124-16 and when I used NBAR to
>> classify
>> the traffic and put it in a high priority queue it put the traffic into
>> the
>> default queue. I changed the command to telnet and it worked just fine.
>> ----- Original Message -----
>> From: Joel Amao
>> To: John
>> Cc: ccielab@groupstudy.com
>> Sent: Wednesday, October 17, 2007 6:13 PM
>> Subject: RE: TFTP QOS with NBAR
>>
>>
>>
>> I am not too sure but i think this has beed fixed in newer codes.
>>
>> I ran into this issue in the past, where NBAR would classify tftp
>> packets
>> as unknown because after the initial setup on a standard port (port 69),
>> the
>> server replies to the client to setup the connection on a random
>> transfer
>> identifier (TID).
>> The problem is that this TID is passed down to the datagram layer and
>> used
>> as the port number (random ports number) thus confusing Nbar.
>>
>> I havent tested this recently though.
>>
>>
>>
>>
>> regards,
>>
>> Joel Amao
>> CCIE#18128
>>
>>
>>
>>
>>
>> <
>>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> > From: jgarrison1@austin.rr.com
>> > To: ccielab@groupstudy.com
>> > Subject: TFTP QOS with NBAR
>> > Date: Wed, 17 Oct 2007 14:35:26 -0600
>> >
>> > TFTP only uses port 69 in it's initial packet. Does NBAR montior a
>> rnage
>> of
>> > ports or just port 69. If it doesn't monitor other ports how does it
>> know to
>> > distinguish TFTP packets with ports other then 69. Is NBAR useless as
>> far as
>> > TFTP is concerned.
>> >
>> >
>> _______________________________________________________________________
>> > Subscription information may be found at:
>> > http://www.groupstudy.com/list/CCIELab.html
>>
>>
>>
>>
> ----------------------------------------------------------------------------
>> -
>> -
>> Help yourself to FREE treats served up daily at the Messenger Cafi. Stop
>> by today!
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html

This archive was generated by hypermail 2.1.4 : Fri Nov 16 2007 - 13:11:16 ART