What is NBAR? NBAR is protocol discovery which can discover any protocol traffic support, obtain statistics associated with that protocol. Determine which protocols and applications are currently running on a network. With NBAR you can easy way to discovering application protocols operating on an interface so that appropriate QoS policies can be developed and applied. You must enable Cisco Express Forwarding (CEF) on the router prior to configuring the NBAR feature.
#### Displays the TCP/UDP port numbers
IOS#show ip nbar port-map
port-map bgp udp 179
port-map bgp tcp 179
port-map citrix udp 1604
port-map citrix tcp 1494
port-map cuseeme udp 7648 7649 24032
port-map cuseeme tcp 7648 7649
port-map dhcp udp 67 68
port-map dns udp 53
port-map dns tcp 53
port-map edonkey tcp 4662
port-map exchange tcp 135
port-map fasttrack tcp 1214
port-map finger tcp 79
port-map ftp tcp 21
port-map gnutella tcp 6346 6347 6348 6349 6355 5634
port-map gopher udp 70
port-map gopher tcp 70
port-map h323 udp 1300 1718 1719 1720 11720
port-map h323 tcp 1300 1718 1719 1720 11000 - 11999
port-map http tcp 80
port-map imap udp 143 220
port-map imap tcp 143 220
port-map irc udp 194
port-map irc tcp 194
port-map kerberos udp 88 749
port-map kerberos tcp 88 749
port-map l2tp udp 1701
port-map ldap udp 389
port-map ldap tcp 389
port-map mgcp udp 2427 2727
port-map mgcp tcp 2427 2428 2727
port-map netbios udp 137 138
port-map netbios tcp 137 139
port-map netshow tcp 1755
port-map nfs udp 2049
port-map nfs tcp 2049
port-map nntp udp 119
port-map nntp tcp 119
port-map notes udp 1352
port-map notes tcp 1352
port-map novadigm udp 3460 3461 3462 3463 3464 3465
port-map novadigm tcp 3460 3461 3462 3463 3464 3465
port-map ntp udp 123
port-map ntp tcp 123
port-map pcanywhere udp 22 5632
port-map pcanywhere tcp 65301 5631
port-map pop3 udp 110
port-map pop3 tcp 110
port-map pptp tcp 1723
port-map printer udp 515
port-map printer tcp 515
port-map rcmd tcp 512 513 514
port-map rip udp 520
port-map rsvp udp 1698 1699
port-map rtsp tcp 554
port-map secure-ftp tcp 990
port-map secure-http tcp 443
port-map secure-imap udp 585 993
port-map secure-imap tcp 585 993
port-map secure-irc udp 994
port-map secure-irc tcp 994
port-map secure-ldap udp 636
port-map secure-ldap tcp 636
port-map secure-nntp udp 563
port-map secure-nntp tcp 563
port-map secure-pop3 udp 995
port-map secure-pop3 tcp 995
port-map secure-telnet tcp 992
port-map sip udp 5060
port-map sip tcp 5060
port-map skinny tcp 2000 2001 2002
port-map smtp tcp 25
port-map snmp udp 161 162
port-map snmp tcp 161 162
port-map socks tcp 1080
port-map sqlnet tcp 1521
port-map sqlserver tcp 1433
port-map ssh tcp 22
port-map streamwork udp 1558
port-map sunrpc udp 111
port-map sunrpc tcp 111
port-map syslog udp 514
port-map telnet tcp 23
port-map tftp udp 69
port-map vdolive tcp 7000
port-map winmx tcp 6699
port-map xwindows tcp 6000 6001 6002 6003
#### Enable NBAR for interface
IOS(config-if)#ip nbar protocol-discovery
Don't forget to disable NBAR for interface, after finish discover
#### Displays NBAR's statistics for all interfaces
IOS#show ip nbar protocol-discovery
FastEthernet1/1
Input Output
----- ------
Protocol Packet Count Packet Count
Byte Count Byte Count
5min Bit Rate (bps) 5min Bit Rate (bps)
5min Max Bit Rate (bps) 5min Max Bit Rate (bps)
------------------------ ------------------------ ------------------------
eigrp 0 2
0 148
0 0
0 0
bgp 0 0
0 0
0 0
0 0
citrix 0 0
0 0
0 0
0 0
cuseeme 0 0
0 0
0 0
0 0
custom-01 0 0
0 0
0 0
0 0
custom-02 0 0
0 0
0 0
0 0
custom-03 0 0
0 0
0 0
0 0
custom-04 0 0
0 0
0 0
0 0
custom-05 0 0
0 0
0 0
0 0
custom-06 0 0
0 0
0 0
0 0
custom-07 0 0
0 0
0 0
0 0
custom-08 0 0
0 0
0 0
0 0
custom-09 0 0
0 0
0 0
0 0
custom-10 0 0
0 0
0 0
0 0
dhcp 0 0
0 0
0 0
0 0
dns 0 0
0 0
0 0
0 0
edonkey 0 0
0 0
0 0
0 0
egp 0 0
0 0
0 0
0 0
exchange 0 0
0 0
0 0
0 0
fasttrack 0 0
0 0
0 0
0 0
finger 0 0
0 0
0 0
0 0
ftp 0 0
0 0
0 0
0 0
gnutella 0 0
0 0
0 0
0 0
gopher 0 0
0 0
0 0
0 0
gre 0 0
0 0
0 0
0 0
h323 0 0
0 0
0 0
0 0
http 0 0
0 0
0 0
0 0
icmp 0 0
0 0
0 0
0 0
imap 0 0
0 0
0 0
0 0
ipinip 0 0
0 0
0 0
0 0
ipsec 0 0
0 0
0 0
0 0
irc 0 0
0 0
0 0
0 0
kazaa2 0 0
0 0
0 0
0 0
kerberos 0 0
0 0
0 0
0 0
l2tp 0 0
0 0
0 0
0 0
ldap 0 0
0 0
0 0
0 0
mgcp 0 0
0 0
0 0
0 0
netbios 0 0
0 0
0 0
0 0
netshow 0 0
0 0
0 0
0 0
nfs 0 0
0 0
0 0
0 0
nntp 0 0
0 0
0 0
0 0
notes 0 0
0 0
0 0
0 0
novadigm 0 0
0 0
0 0
0 0
ntp 0 0
0 0
0 0
0 0
ospf 0 0
0 0
0 0
0 0
pcanywhere 0 0
0 0
0 0
0 0
pop3 0 0
0 0
0 0
0 0
pptp 0 0
0 0
0 0
0 0
printer 0 0
0 0
0 0
0 0
rcmd 0 0
0 0
0 0
0 0
rip 0 0
0 0
0 0
0 0
rsvp 0 0
0 0
0 0
0 0
rtcp 0 0
0 0
0 0
0 0
rtp 0 0
0 0
0 0
0 0
rtsp 0 0
0 0
0 0
0 0
secure-ftp 0 0
0 0
0 0
0 0
secure-http 0 0
0 0
0 0
0 0
secure-imap 0 0
0 0
0 0
0 0
secure-irc 0 0
0 0
0 0
0 0
secure-ldap 0 0
0 0
0 0
0 0
secure-nntp 0 0
0 0
0 0
0 0
secure-pop3 0 0
0 0
0 0
0 0
secure-telnet 0 0
0 0
0 0
0 0
sip 0 0
0 0
0 0
0 0
skinny 0 0
0 0
0 0
0 0
smtp 0 0
0 0
0 0
0 0
snmp 0 0
0 0
0 0
0 0
socks 0 0
0 0
0 0
0 0
sqlnet 0 0
0 0
0 0
0 0
sqlserver 0 0
0 0
0 0
0 0
ssh 0 0
0 0
0 0
0 0
streamwork 0 0
0 0
0 0
0 0
sunrpc 0 0
0 0
0 0
0 0
syslog 0 0
0 0
0 0
0 0
telnet 0 0
0 0
0 0
0 0
tftp 0 0
0 0
0 0
0 0
vdolive 0 0
0 0
0 0
0 0
winmx 0 0
0 0
0 0
0 0
xwindows 0 0
0 0
0 0
0 0
unknown 0 0
0 0
0 0
0 0
Total 0 2
0 148
0 0
0 0
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment