Matching VoIP traffic

Answered Question
Feb 2nd, 2009

Hi,

Just wondering if these two class maps accomplish the same goal:

class-map match-all VoIP-1
 match protocol rtp audio
class-map match-all VoIP-2
 match access-group 123
!
access-list 123 permit udp any any range 16384 32767

thanks!

Nicholas Matthews Mon, 02/02/2009 - 18:52

Hi,

These are actually quite different.

If you have a Cisco-only VoIP deployment, they should be equivalent. The 16384 - 32767 is a Cisco-only standard. Many SIP providers and other voice applications will use ports 10000-70000.

The first uses NBAR (requires CEF), and looks inside the packet for an RTP header. If you're worried about CPU utilization this would kick up a bit.

The optimal matching would be to ensure you have a switched network that is trusting DSCP and mark/match it EF.

hth,

nick

enriquebs Tue, 02/03/2009 - 00:58

OK

No worries about CPU utilization, I'm just trying to understand how to match VoIP traffic in a Cisco network. Also found this ACL:

match ip rtp 16384 16383

Is it also supposed to match VoIP traffic?

thanks!

Correct Answer
Nicholas Matthews Tue, 02/03/2009 - 05:48

That is the same as your access list. It's not deep packet inspection like the match protocol statement. The 2nd number there is a range, and is an alternative to using an ACL.

-nick
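
The difference between port-range matching and header inspection discussed in the answers above, as an added Python sketch (not code from the thread or from Cisco). The RTP check is a simplified stand-in for NBAR, whose actual logic the thread does not describe; treating payload types 0-23 as audio, the function names and the sample packets are assumptions constructed for illustration.

```python
import struct

# access-list 123 permit udp any any range 16384 32767
ACL_123 = (16384, 32767)
# Assumption for this sketch: RTP payload types 0-23 are treated as audio.
AUDIO_PAYLOAD_TYPES = range(0, 24)

def ip_rtp_bounds(start, span):
    """'match ip rtp <start> <span>': per the answer, the second number is a range."""
    return (start, start + span)

def in_port_range(dst_port, bounds):
    """Port-only match: all that an ACL-based class can see."""
    low, high = bounds
    return low <= dst_port <= high

def looks_like_rtp_audio(udp_payload):
    """Simplified header check: RTP version 2 and an audio payload type."""
    if len(udp_payload) < 12:            # the fixed RTP header is 12 bytes
        return False
    version = udp_payload[0] >> 6
    csrc_count = udp_payload[0] & 0x0F
    payload_type = udp_payload[1] & 0x7F
    if version != 2 or len(udp_payload) < 12 + 4 * csrc_count:
        return False
    return payload_type in AUDIO_PAYLOAD_TYPES

def compare(dst_port, udp_payload):
    """Result of both matching styles for one UDP datagram."""
    return {"port_range": in_port_range(dst_port, ACL_123),
            "rtp_header": looks_like_rtp_audio(udp_payload)}

def rtp_packet(payload_type, seq=1, timestamp=160, ssrc=0x1234ABCD):
    """Constructed RTP packet: V=2, no padding/extension/CSRC, 160 payload bytes."""
    return struct.pack("!BBHII", 0x80, payload_type, seq, timestamp, ssrc) + bytes(160)

# Constructed samples: (destination UDP port, UDP payload)
SAMPLES = {
    "G.711 RTP on a Cisco-range port": (16500, rtp_packet(0)),
    "G.711 RTP on a provider port":    (10000, rtp_packet(0)),
    "non-RTP UDP inside the range":    (20000, b"\x00" * 64),
}

if __name__ == "__main__":
    print("match ip rtp 16384 16383 ->", ip_rtp_bounds(16384, 16383))
    for name, (port, payload) in SAMPLES.items():
        print(f"{name:34} {compare(port, payload)}")
```

The third sample is the case to keep in mind when a port-range class feeds a priority queue: any UDP flow in 16384-32767 is treated as voice, whether or not it carries RTP.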
