Which Applications/services use these Protocols?

Unanswered Question
May 19th, 2009

We are having bandwidth issues in some locations and I used SDM to monitor traffic across the Routers. I check application traffic and see a list like: ldap, nfs, socks, netshow, novadiqm,

rtcp, fasttrack, skinny, notes, mqcp, edonkey, sqlnet, pptp, kerberos, rsvp, citrix, sunrpc, l2tp, streamwork and also a large chunk of unknown. Any ideas on which exact applications or services may be using these protocols. Also how do I detect the large quantity of unknown traffic type? Thanks in advance.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
John Blakley Tue, 05/19/2009 - 08:49

The only thing you can do for the unknown is to see what port it's going out/coming in on and then research what application could be using that.

Most of the protocols that you've listed tell you what they do:

ldap - ldap

nfs - linux?

socks - proxy services

fasttrack - kazaa/gnutella

notes - lotus notes

edonkey - edonkey (like kazaa)

pptp - vpn services (Microsoft PPTP)

If you're seeing traffic on these, it doesn't mean they're really being used on the network. They could just be using the same port that one of these applications are using, and SDM is categorizing them by what Cisco deems as the normal port for these applications.

HTH,

John

Actions

This Discussion