Traffic Inspection on IOS Firewall

I have a Cisco IOS firewall configured and the customer would like to know what inbound traffic is using the most bandwidth.

The customer received a report from the service provider that shows high traffic utilization on their internet connection, and the customer wants to know what traffic is mostly using their bandwidth.

What commands can I run on the IOS firewall to get an idea what protocol/traffic is maximizing their internet bandwidth?


Re: Traffic Inspection on IOS Firewall


As mentioned by the other poster, the best and most complete solution is NetFlow. Although NetFlow support is included in IOS and is easy to configure, unfortunately NetFlow collectors and analyzers are mostly commercial.

There are also some open source NetFlow products, but they tend to be more complicated to use and configure. You can try, for example, ntop, but just google around a little bit and you'll find some more.

On the other hand, for a quick snapshot of protocol use in your router, if you have NBAR protocol discovery activated on your interfaces, just issue the following command:

# sh ip nbar protocol-discovery int YOUR_INTERFACE_GOES_HERE

That should show a traffic summary by protocol (last 5 min, I think) for protocols recognized by NBAR.

Just remember, NBAR has to be activated on the corresponding interface prior to issuing the command above!
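
The steps the reply describes, written out as an added example that is not part of the original posts: enable NBAR protocol discovery on the Internet-facing interface, rank protocols by bytes, and use the router's built-in NetFlow top-talkers view when no collector is available. The interface name GigabitEthernet0/0 is an assumption; substitute the customer's WAN interface.

```cisco
! Added example. GigabitEthernet0/0 is an assumed WAN interface name.
!
! 1. Turn on NBAR protocol discovery on the interface (config mode).
configure terminal
 interface GigabitEthernet0/0
  ip nbar protocol-discovery
 end
!
! 2. Let counters accumulate, then list the ten protocols with the
!    highest byte counts seen on that interface (input and output columns).
show ip nbar protocol-discovery interface GigabitEthernet0/0 stats byte-count top-n 10
!
! 3. Optional: per-flow view without an external collector, using
!    classic NetFlow and the on-router top-talkers table.
configure terminal
 interface GigabitEthernet0/0
  ip flow ingress
 exit
 ip flow-top-talkers
  top 10
  sort-by bytes
 end
show ip flow top-talkers
!
! 4. NBAR classification costs CPU on a busy link. Watch the load while
!    it runs and remove discovery once the measurement is done.
show processes cpu sorted
configure terminal
 interface GigabitEthernet0/0
  no ip nbar protocol-discovery
 end
```

NBAR answers "which protocol", while the top-talkers table answers "which source and destination addresses", so the two outputs are read together to identify the hosts behind the heaviest protocol.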