Running NBAR protocol discovery on Switches

Unanswered Question
Jun 25th, 2009
User Badges:


How do I enable ip nbar protocol discovery on Cisco 6509 OS version Version 12.2(18)SXF ? would like to do this to get some stats on current traffic running on our network.

I have CEF enabled already but do I need any other commands so I can enable nbar on an interface. At the moment only global command exist for nbar and not interface command.

Switch(config)#ip cef ?

accounting Enable CEF accounting

distributed Distributed Cisco Express Forwarding

event-log CEF event log commands

interface CEF linecard commands

linecard CEF linecard commands

load-sharing Load sharing

nsf Set CEF non-stop forwarding (NSF) characteristics

table Set CEF forwarding table characteristics

traffic-statistics Enable collection of traffic statistics

Global Command (No Interface Command ?) :-

Switch(config)#ip nbar ?

custom Custom PDL (protocol description language) Module

pdlm PDL (protocol description language) Module

port-map Map well-known port of a protocol to a new port

resources Configure memory usage for tracking Stateful sessions

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Joseph W. Doherty Thu, 06/25/2009 - 11:11
User Badges:
  • Super Bronze, 10000 points or more

Most switches don't support NBAR. For the 6500, believe some of the WAN module cards do (e.g. FlexWAN, SIP-200/4000), or there's somewhat of a similar capability(?) if using a sup32-PISA.

mistryj Fri, 06/26/2009 - 04:23
User Badges:

So 6500 with Sup-720 wont work either ?

What can I use to classify traffic for QOS ?

I thought using nbar would help greatly with minimal cost ?

Edison Ortiz Fri, 06/26/2009 - 05:49
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

You can use ACLs.

For instance, for match protocol http, you can do the same with:

access-list 101 permit tcp any any eq 80

access-list 101 permit tcp any eq 80 any

class-map NETPRO

match access-group 101

While the 'match protocol' command is available under the 6500 Sup-720 CLI, activating that command will produce sub-par performance as that process will be running in software.





This Discussion