From: Nitro Drops (nitrodrops@hotmail.com)
Date: Mon Jan 05 2009 - 05:05:03 ARST
Thanks Daniel!
This is an excellent article. Maybe IE can have this on their blog?
One last query, 'IE labs' has been using ACL to match 'TCP 1720' for voice
packets on top of the ACL to match 'UDP range 16384 - 32767'.
Inside the white papers, i didnt come across "match protocol rtp" covering
this TCP 1720, where TCP 1720 is used for 'calls control signalling' in VoIP.
I assume "match protocol rtp" does cover the 'calls control signalling'?
Cheers
Nit
> From: daniel@kutchin.com
> To: ccielab@groupstudy.com
> Subject: RE: Voice Packets
> Date: Sun, 4 Jan 2009 15:13:27 +0100
>
> Consider the 3 methods chronologically:
>
> Method 1: acl - permit udp any any range 16384 32767 - Much older
> Method 2: nbar - match ip rtp 16384 16383 - Software Release 12.1.2.T and
> later
> Method 3: nbar - match protocol rtp audio - Software Release 12.2(8)T and
> later
>
> Moreover, refer to the white paper:
>
> nBAR RTP Payload Classification
>
http://www.cisco.com/en/US/products/ps6616/products_white_paper09186a0080110
> 040.shtml#wp39290
>
> <quote>
>
> Why nBAR RTP Payload Classification
> While placing voice and video on a network, adequate bandwidth must exist
to
> meet the service needs of these applications. Classification and Marking of
> the traffic should be performed as close to the edge of the network as
> possible. The marked DSCP values can then classify, condition, and define
> the per-hop behavior of each traffic class of traffic within the Diffserv
> domain.
>
> Cisco IOS Software currently offers many methods for the classification of
> voice and video traffic. The advantages and disadvantages of each feature
> are listed below.
>
> 1. Match ip rtp
>
> This command matches IP RTP packets that fall within the specified UDP port
> range. The "match ip rtp" feature matches UDP packets destined to all even
> port numbers within the specified range. Its limitation is that it will
> match any UDP packet using an even port number that falls within the range
> configured. There is a risk that another application could use UDP ports
> that fall in the same range, as specified by the "match ip rtp" match
> criteria. This application traffic will now be queued in the Low Latency
> queue with the delay sensitive voice traffic, and might hamper the quality
> of voice calls. It is therefore very useful to have a classification engine
> that can classify applications above the port number criteria.
>
> 2. Ip dscp and ip precedence
>
> Various applications and end devices (ie: IP Phones and Polycom Video
units)
> can set their DSCP values. The router can now use this specific DSCP, or
> Precedence, value as classification criteria for voice and video streams.
> However, a danger does always exist, because another end user or
application
> could, deliberately or accidentally, mark their packets with the same DSCP
> or Precedence value.
>
> 3. Access lists
>
> Access lists can classify RTP packets, based on source or destination IP
> addresses, and UDP port number range but do not provide a granular way to
> classify RTP streams. Again, there is a risk of another application
> inadvertently matching the access-list criteria for identification of voice
> and video traffic, resulting in potential theft of service for these
service
> classes. Also, access-lists do not provide classification statistics that
> are available with nBAR. nBAR thus provides more granular and
> application-specific matching criteria than access lists.
>
> 4. nBAR RTP Payload Classification
>
> This feature expands the RTP traffic-matching capabilities of an
> nBAR-enabled router by looking deeper into the RTP header to check for RTP
> specific parameters instead of relying on even UDP port numbers alone
>
> This feature also addresses the challenge of distinguishing RTP packets
from
> different applications based on their payload types or CODECS. The space
for
> payload types is limited, so only very common encodings are assigned static
> types. These are typically audio and video encodings that have been
> "blessed" by international standardization bodies, such as the G. series of
> ITU-T audio encodings (see Table 1). Dynamic payload types map an RTP
> payload type to an audio and video encoding for the duration of a session.
> Different members of a session could use different mappings if needed. As
> shown in the above table, Dynamic payload types use the PT range 96-127.
>
> There are multiple encodings defined by the A/V profile that use dynamic
> payload types, including GSM-HR, RED, VDVI, L8, MP2P and BMPEG Codecs. nBAR
> RTP Payload type classification provides a powerful means of classifying
the
> applications based on their static or dynamic payload type.
>
> </quote>
>
> Therefore Method 3 is the way to go.
>
>
> Daniel
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Nitro Drops
> Sent: Sonntag, 4. Januar 2009 11:20
> To: asequeira@internetworkexpert.com
> Cc: ccielab@groupstudy.com
> Subject: RE: Voice Packets
>
> Resend.......
>
>
>
>
>
>
>
>
> Hi All & Anthony,
>
> One more query with regards to my initial qns of matching Voice packets.
>
> How about this 3rd method
>
> 3.) class-map VOIP
> match ip rtp 16384 16383
>
> Is it the same as the previous 2 of matching Voice packets?
>
>
> 1.) ACL
> permit udp any any range 16384 32767
>
> or
>
> 2.) NBAR
> class VOIP
> match protocol rtp audio
>
>
> Happy New Year every1 8)
>
> Cheers
> Nit
>
>
>
> > CC: ccielab@groupstudy.com
> > From: asequeira@internetworkexpert.com
> > To: nitrodrops@hotmail.com
> > Subject: Re: Voice Packets
> > Date: Sat, 20 Dec 2008 00:29:22 -0500
> >
> > Yes - those two both work; also do not forget that many Voice matching
> > tasks in the lab may be wanting you to match on traffic that is
> > already marked as Voice.
> >
> > Perhaps you need to match on traffic from an IP Phone that is marked
> > as EF at Layer 3 or CoS 5 at Layer 2.
> >
> > Anthony J. Sequeira, CCIE #15626, CCSI #23251
> > Senior CCIE Instructor
> >
> > asequeira@internetworkexpert.com
> >
> > Internetwork Expert, Inc.
> > http://www.InternetworkExpert.com
> > Toll Free: 877-224-8987
> > Outside US: 775-826-4344
> >
> > On Dec 19, 2008, at 10:09 PM, Nitro Drops wrote:
> >
> > > Just to confirm, to match voice packets
> > >
> > > either
> > >
> > > 1.) ACL
> > >
> > > permit udp any any range 16384 32767
> > >
> > > or
> > >
> > > 2.) NBAR
> > >
> > > class VOIP
> > > match protocol rtp audio
> > >
> > >
> > > Thanks for any kind replies
> > >
> > > Cheers
> > > NIt
> > >
> > > _________________________________________________________________
> > > Time for change? Find your ideal job with SEEK.
> > >
>
http://a.ninemsn.com.au/b.aspx?URL=http%3A%2F%2Fninemsn%2Eseek%2Ecom%2Eau%2F
> > > %
> > > 3Ftracking%3Dsk%3Atl%3Ask%3Anine%3A0%3Ahottag
> > > %3Achange&_t=757263783&_r=SEEK_t
> > > agline&_m=EXT
> > >
> > >
> > > Blogs and organic groups at http://www.ccie.net
> > >
> > > _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> >
>
> Find your ideal job with SEEK Time for change?
> _________________________________________________________________
> Time for change? Find your ideal job with SEEK.
>
http://a.ninemsn.com.au/b.aspx?URL=http%3A%2F%2Fninemsn%2Eseek%2Ecom%2Eau%2F
> %
>
3Ftracking%3Dsk%3Atl%3Ask%3Anine%3A0%3Ahottag%3Achange&_t=757263783&_r=SEEK_
> t
> agline&_m=EXT
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:43:36 ARST