From: Daniel Kutchin (daniel@kutchin.com)
Date: Sun Jan 04 2009 - 12:13:27 ARST
Consider the 3 methods chronologically:
Method 1: acl - permit udp any any range 16384 32767 - Much older
Method 2: nbar - match ip rtp 16384 16383 - Software Release 12.1.2.T and
later
Method 3: nbar - match protocol rtp audio - Software Release 12.2(8)T and
later
Moreover, refer to the white paper:
nBAR RTP Payload Classification
http://www.cisco.com/en/US/products/ps6616/products_white_paper09186a0080110
040.shtml#wp39290
<quote>
Why nBAR RTP Payload Classification
While placing voice and video on a network, adequate bandwidth must exist to
meet the service needs of these applications. Classification and Marking of
the traffic should be performed as close to the edge of the network as
possible. The marked DSCP values can then classify, condition, and define
the per-hop behavior of each traffic class of traffic within the Diffserv
domain.
Cisco IOS Software currently offers many methods for the classification of
voice and video traffic. The advantages and disadvantages of each feature
are listed below.
1. Match ip rtp
This command matches IP RTP packets that fall within the specified UDP port
range. The "match ip rtp" feature matches UDP packets destined to all even
port numbers within the specified range. Its limitation is that it will
match any UDP packet using an even port number that falls within the range
configured. There is a risk that another application could use UDP ports
that fall in the same range, as specified by the "match ip rtp" match
criteria. This application traffic will now be queued in the Low Latency
queue with the delay sensitive voice traffic, and might hamper the quality
of voice calls. It is therefore very useful to have a classification engine
that can classify applications above the port number criteria.
2. Ip dscp and ip precedence
Various applications and end devices (ie: IP Phones and Polycom Video units)
can set their DSCP values. The router can now use this specific DSCP, or
Precedence, value as classification criteria for voice and video streams.
However, a danger does always exist, because another end user or application
could, deliberately or accidentally, mark their packets with the same DSCP
or Precedence value.
3. Access lists
Access lists can classify RTP packets, based on source or destination IP
addresses, and UDP port number range but do not provide a granular way to
classify RTP streams. Again, there is a risk of another application
inadvertently matching the access-list criteria for identification of voice
and video traffic, resulting in potential theft of service for these service
classes. Also, access-lists do not provide classification statistics that
are available with nBAR. nBAR thus provides more granular and
application-specific matching criteria than access lists.
4. nBAR RTP Payload Classification
This feature expands the RTP traffic-matching capabilities of an
nBAR-enabled router by looking deeper into the RTP header to check for RTP
specific parameters instead of relying on even UDP port numbers alone
This feature also addresses the challenge of distinguishing RTP packets from
different applications based on their payload types or CODECS. The space for
payload types is limited, so only very common encodings are assigned static
types. These are typically audio and video encodings that have been
"blessed" by international standardization bodies, such as the G. series of
ITU-T audio encodings (see Table 1). Dynamic payload types map an RTP
payload type to an audio and video encoding for the duration of a session.
Different members of a session could use different mappings if needed. As
shown in the above table, Dynamic payload types use the PT range 96-127.
There are multiple encodings defined by the A/V profile that use dynamic
payload types, including GSM-HR, RED, VDVI, L8, MP2P and BMPEG Codecs. nBAR
RTP Payload type classification provides a powerful means of classifying the
applications based on their static or dynamic payload type.
</quote>
Therefore Method 3 is the way to go.
Daniel
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Nitro Drops
Sent: Sonntag, 4. Januar 2009 11:20
To: asequeira@internetworkexpert.com
Cc: ccielab@groupstudy.com
Subject: RE: Voice Packets
Resend.......
Hi All & Anthony,
One more query with regards to my initial qns of matching Voice packets.
How about this 3rd method
3.) class-map VOIP
match ip rtp 16384 16383
Is it the same as the previous 2 of matching Voice packets?
1.) ACL
permit udp any any range 16384 32767
or
2.) NBAR
class VOIP
match protocol rtp audio
Happy New Year every1 8)
Cheers
Nit
> CC: ccielab@groupstudy.com
> From: asequeira@internetworkexpert.com
> To: nitrodrops@hotmail.com
> Subject: Re: Voice Packets
> Date: Sat, 20 Dec 2008 00:29:22 -0500
>
> Yes - those two both work; also do not forget that many Voice matching
> tasks in the lab may be wanting you to match on traffic that is
> already marked as Voice.
>
> Perhaps you need to match on traffic from an IP Phone that is marked
> as EF at Layer 3 or CoS 5 at Layer 2.
>
> Anthony J. Sequeira, CCIE #15626, CCSI #23251
> Senior CCIE Instructor
>
> asequeira@internetworkexpert.com
>
> Internetwork Expert, Inc.
> http://www.InternetworkExpert.com
> Toll Free: 877-224-8987
> Outside US: 775-826-4344
>
> On Dec 19, 2008, at 10:09 PM, Nitro Drops wrote:
>
> > Just to confirm, to match voice packets
> >
> > either
> >
> > 1.) ACL
> >
> > permit udp any any range 16384 32767
> >
> > or
> >
> > 2.) NBAR
> >
> > class VOIP
> > match protocol rtp audio
> >
> >
> > Thanks for any kind replies
> >
> > Cheers
> > NIt
> >
> > _________________________________________________________________
> > Time for change? Find your ideal job with SEEK.
> >
http://a.ninemsn.com.au/b.aspx?URL=http%3A%2F%2Fninemsn%2Eseek%2Ecom%2Eau%2F
> > %
> > 3Ftracking%3Dsk%3Atl%3Ask%3Anine%3A0%3Ahottag
> > %3Achange&_t=757263783&_r=SEEK_t
> > agline&_m=EXT
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> >
> >
> >
> >
> >
>
Find your ideal job with SEEK Time for change?
This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:43:36 ARST