Can NBAR filter traffic in one-interface routing?

May 20th, 2009

Say I have routers A and B and a host C. Router A has inside FE, Router B has inside interface and host C has FE interface.

Router A has a route "ip route". If host C sent an NBAR prohibited packet say to host - would Router A be able to filter that traffic via NBAR?

Of course it would assume ICMP redirects were not in play. Thank you.

Collin Clark Thu, 05/21/2009 - 06:38

NBAR stands for Network-Based Application Recognition. It does not restrict or filter by itself; it just 'discovers' the applications as they traverse the router. You can use ACLs to filter unwanted traffic.

Hope that helps.

mmedwid Thu, 05/21/2009 - 09:14

Yes - NBAR is used in conjunction with ACLs to do the filtering. So say you put said ACL at the inside interface - would the traffic in my scenario be filtered?

Collin Clark Thu, 05/21/2009 - 10:29

An ACL can be used to filter applications. AFAIK ACLs can't be tied to NBAR for filtering. If you know of a way, please post a config or link. Thanks.
