RE: NBAR - Differences between port-map and custom

From: Jared Scrivener (jscrivener@ipexpert.com)
Date: Tue Feb 24 2009 - 16:23:24 ARST


The "ip nbar port-map" command is used to tell NBAR to inspect certain ports
based on the protocol definition for a protocol. This could be used, for
example, to get NBAR to inspect port 8080 for HTTP traffic (as well as the
default 80).

The "ip nbar custom" command defines a custom application - including its
ports etc. in the definition. This could be used, for example, to get NBAR
to refer to UDP ports 65001 and UDP ports 65002 as "custom-01".

In your example below, the first command will be useless unless "custom-01"
was already defined.

The second example defines two separate custom applications and then refers
to them in a "match-all" class-map (it is impossible for the same packet to
meet the criteria of having the source port set to two different values), so
it is also not going to work.

Cheers,

Jared Scrivener CCIE3 #16983 (R&S, Security, SP), CISSP
Technical Instructor - IPexpert, Inc.
Telephone: +1.810.326.1444
Fax: +1.810.454.0130
Mailto: jscrivener@ipexpert.com

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Service Provider
Sent: Tuesday, 24 February 2009 3:13 AM
To: Cisco certification; Cisco certification
Subject: NBAR - Differences between port-map and custom

Hi guys

What is the difference with the following nbar configuration?

1. ip nbar port-map custom-01 udp 65001 65002

   class-map match-all R7_APPLICATION
     match protocol custom-01

2. ip nbar custom UDP65001 source udp 65001
   ip nbar custom UDP65002 source udp 65002

   class-map match-all UDP
     match protocol UDP65001
     match protocol UDP65002

With these 2 options, do they accomplish the same result or not?

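Added model of the two options from the thread, written for this page and not taken from the thread or from Cisco; it reduces NBAR to plain port matching and assumes that "port-map" simply extends the port set of a protocol that has already been defined, so it reproduces why option 1 fails without a prior "custom-01" definition and why the match-all class-map in option 2 can never match:

```python
# Toy model of NBAR 'custom', 'port-map' and class-map matching, written for
# this thread; it is not Cisco code and reduces NBAR to plain port matching.
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    proto: str   # "udp" or "tcp"
    sport: int
    dport: int

class Nbar:
    def __init__(self):
        self.protocols = {}  # name -> (proto, direction, set of ports)

    def custom(self, name, proto, *ports, direction="any"):
        # 'ip nbar custom NAME [source|destination] udp PORT'
        self.protocols[name] = (proto, direction, set(ports))

    def port_map(self, name, proto, *ports):
        # 'ip nbar port-map NAME udp PORT ...' extends an existing protocol (assumption)
        if name not in self.protocols:
            raise KeyError(f"{name}: unknown protocol, port-map has nothing to extend")
        p, direction, known = self.protocols[name]
        self.protocols[name] = (p, direction, known | set(ports))

    def matches(self, name, pkt):
        proto, direction, ports = self.protocols[name]
        if pkt.proto != proto:
            return False
        seen = {"source": [pkt.sport], "destination": [pkt.dport]}
        return any(p in ports for p in seen.get(direction, [pkt.sport, pkt.dport]))

def class_map(nbar, mode, names):
    # predicate for 'class-map match-all|match-any' over its 'match protocol' lines
    combine = all if mode == "match-all" else any
    return lambda pkt: combine(nbar.matches(n, pkt) for n in names)

def option_one(define_first):
    nbar = Nbar()
    if define_first:
        nbar.custom("custom-01", "udp", 65001)   # assumed prior definition
    nbar.port_map("custom-01", "udp", 65001, 65002)   # KeyError if undefined
    return [nbar.matches("custom-01", Packet("udp", 1234, d)) for d in (65001, 65002)]

def option_two(mode):
    nbar = Nbar()
    nbar.custom("UDP65001", "udp", 65001, direction="source")
    nbar.custom("UDP65002", "udp", 65002, direction="source")
    cm = class_map(nbar, mode, ["UDP65001", "UDP65002"])
    return [cm(Packet("udp", s, 5000)) for s in (65001, 65002)]
```

With the two custom protocols defined, option_two("match-all") matches neither test packet while option_two("match-any") matches both, which is the class-map change that makes option 2 usable.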

This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:12 ARST