Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
816
Views
4
Helpful
3
Replies

using NBAR for classifying traffic

Kevin Melton
Level 2
Level 2

‎11-17-2008 09:18 AM

Is configuring NBAR on a Cisco router the same as using a separate appliance (for example Packeteer) to perform traffic shaping and prioritization?

Also how is NBAR different than QoS?

Than DiffServ?

Labels:
0 Helpful
3 Replies 3

Istvan_Rabai
Level 7
Level 7

‎11-18-2008 09:40 AM

Hi Kevin,

NBAR does not perfom traffic shaping and prioritization. It is the job of the QoS policy applied to the interface.

- NBAR can be used to discover existing traffic flowing through an interface, using the "ip nbar protocol-discovery" interface command and the "show ip nbar protocol-discovery" exec command.

Based on the protocol and traffic statistics discovered by NBAR, you can classify your traffic into classes based on the requirements of your business and you can configure a QoS policy to tell the router how to treat the different classes of traffic.

- You actually use NBAR within class-maps when classifying traffic with the "match protocol" command.

- When you use the Auto QoS feature, it uses NBAR as well for protocol discovery, and it generates the class-maps and the policy-map based on Cisco best practices for QoS.

So NBAR can be used as useful QoS tool within the DiffServ model

Does this answer your question?

Cheers:

Istvan

Kevin Melton
Level 2
Level 2
In response to Istvan_Rabai

‎11-18-2008 11:37 AM

Those are fine answers. I applied it to my 3825 router,and when I perform the "show ip nbar protocol-discovery" exec command, I see alot of data about all the protocols/classes of traffic running thru our router.

How is this similar to and then in turn different from Netflow?

0 Helpful

Istvan_Rabai
Level 7
Level 7
In response to Kevin Melton

‎11-22-2008 10:22 PM

Hi Kevin,

I found a good document for you on the Cisco website explaining Netflow and the relationship between NBAR and Netflow:

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtnfinpf.html

They state the following here:

"This feature requires the classification of packets in a variety of ways: IP source and destination addresses, Layer 4 protocol and port numbers, incoming interface, MAC address, IP Precedence, DSCP value, Layer 2 information (such as Frame-Relay DE bits or Ethernet 802.1p bits), and NBAR (Network-Based Application Recognition)information."

Cheers:

Istvan

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents