I often need to find the number for a specified L2/L3 protocol, for example: IPX, CDP, VTP, IPV6, ISIS etc.
Does Cisco have any documentation for that?
It makes no sense to remember all those values, but on the CCIE exam I will have access only to Cisco documentation.
I've looked through the docs but can't find anything (there is some information in the ACE module docs, but only for upper layers).
Any help?
Also port numbers for protocols based on TCP/UDP.
But most important for me are L2 protocols like: IPX, CDP, VTP, IPV6.
They don't use port numbers.
Suppose that you have a MAC ACL and want to permit IPX and CDP but block VTP. How would you create such an ACL?
NBAR does not support non-IP traffic.
So it does not support any of: IPX, CDP, VTP, IPV6.
Am I wrong?
Not sure about VTP, but I can see CDP in the list below, although I have never tried that.
R1(config-cmap)#match protocol ?
aarp AppleTalk ARP
arp IP ARP
bgp Border Gateway Protocol
bstun Block Serial Tunnel
cdp Cisco Discovery Protocol
citrix Citrix Systems Metaframe 3.0
clns ISO CLNS
clns_es ISO CLNS End System
clns_is ISO CLNS Intermediate System
cmns ISO CMNS
compressedtcp Compressed TCP (VJ)
cuseeme CU-SeeMe desktop video conference
decnet_node DECnet Node
decnet_router-l1 DECnet Router L1
decnet_router-l2 DECnet Router L2
dhcp Dynamic Host Configuration
directconnect Direct Connect Version 2.0
dlsw Data Link Switching (Direct encapsulation only)
dns Domain Name Server lookup
egp Exterior Gateway Protocol
eigrp Enhanced Interior Gateway Routing Protocol
exchange MS-RPC for Exchange
fasttrack FastTrack Traffic - KaZaA, Morpheus, Grokster...
ftp File Transfer Protocol
gnutella Gnutella Version2 Traffic - BearShare, Shareeza, Morpheus
gre Generic Routing Encapsulation
h323 H323 Protocol
http World Wide Web traffic
icmp Internet Control Message
imap Internet Message Access Protocol
ipinip IP in IP (encapsulation)
ipsec IP Security Protocol (ESP/AH)
ipx Novell IPX
irc Internet Relay Chat
kazaa2 Kazaa Version 2
l2tp L2F/L2TP tunnel
ldap Lightweight Directory Access Protocol
mgcp Media Gateway Control Protocol
netshow Microsoft Netshow
nfs Network File System
nntp Network News Transfer Protocol
notes Lotus Notes(R)
novadigm Novadigm EDM
ntp Network Time Protocol
ospf Open Shortest Path First
pad PAD links
pcanywhere Symantec pcANYWHERE
pop3 Post Office Protocol
pppoe PPP over Ethernet
pptp Point-to-Point Tunneling Protocol
printer print spooler/lpd
qllc qllc protocol
rcmd BSD r-commands (rsh, rlogin, rexec)
rip Routing Information Protocol
rsrb Remote Source-Route Bridging
rsvp Resource Reservation Protocol
rtcp Real Time Control Protocol
rtp Real Time Protocol
rtsp Real Time Streaming Protocol
secure-ftp FTP over TLS/SSL
secure-http Secured HTTP
secure-imap Internet Message Access Protocol over TLS/SSL
secure-irc Internet Relay Chat over TLS/SSL
secure-ldap Lightweight Directory Access Protocol over TLS/SSL
secure-nntp Network News Transfer Protocol over TLS/SSL
secure-pop3 Post Office Protocol over TLS/SSL
secure-telnet Telnet over TLS/SSL
sip Session Initiation Protocol
skinny Skinny Protocol
skype Skype Peer-to-Peer Internet Telephony Protocol
smtp Simple Mail Transfer Protocol
snapshot Snapshot routing support
snmp Simple Network Management Protocol
sqlnet SQL*NET for Oracle
sqlserver MS SQL Server
ssh Secured Shell
streamwork Xing Technology StreamWorks player
stun Serial Tunnel
sunrpc Sun RPC
syslog System Logging Utility
tftp Trivial File Transfer Protocol
vdolive VDOLive streaming video
vofr voice over Frame Relay packets
winmx WinMx file-sharing application
xwindows X-Windows remote access
I do not think it will work (can't check right now). Moreover, there are many situations in which I can't use a class-map and can't use NBAR. The list you show is short and does not cover a whole bunch of protocols like VTP, STP, DTP, LLDP...
That's why I need an L2 protocol numbers list somewhere in the Cisco docs...
I do not believe they force a CCIE candidate to remember all possible numbers...
Aren't we looking for more complicated ways to stop VTP, STP, CDP and DTP, when we can simply disable them?
Though I understand your concern. I also don't believe Cisco will want any candidate to cram all the values. However, since it is the CCIE exam, it is best to say: expect the unexpected if you want to succeed.
As far as docs on them are concerned, let me assure you that you will definitely find them on Cisco; however, all the information will be distributed and not centralised. You may have to do lots of browsing to come to the correct page.
PS: I guess doing a lot of browsing on UniverCD will always benefit you, as during the lab the only help at your disposal will be UniverCD. So better practise it now, even though you don't find what you need.
Yes - for the CCIE I have to expect the unexpected.
I've already done a lot of browsing and know the docs quite well. For layers 3, 4 and up there is valuable information in the ACE module docs. But for layer 2 protocols I could not find any table with numbers for each protocol.
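An added example, not part of the thread and not taken from Cisco documentation: a small Python classifier showing where the L2 protocol identifiers discussed above sit in a frame, applied to the "permit IPX and CDP, block VTP" question. The numbers are the well-known ones (IPX and IPv6 are EtherTypes 0x8137 and 0x86DD; CDP, VTP and DTP are SNAP protocol IDs 0x2000, 0x2003 and 0x2004 under Cisco's OUI 00-00-0C); the function names, the policy table and the sample frames are constructed for illustration.

```python
import struct

# EtherTypes from the IEEE registry; PIDs used under Cisco's SNAP OUI 00-00-0C.
ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x8137: "IPX", 0x86DD: "IPv6"}
CISCO_PIDS = {0x2000: "CDP", 0x2003: "VTP", 0x2004: "DTP"}
LLC_SAPS = {0x42: "STP", 0xE0: "IPX", 0xFE: "IS-IS/CLNS"}

def classify(frame: bytes) -> str:
    """Name the L2 protocol of an untagged Ethernet frame (no 802.1Q handling)."""
    if len(frame) < 17:
        return "truncated"
    (field,) = struct.unpack("!H", frame[12:14])
    if field >= 0x0600:                      # Ethernet II: field is an EtherType
        return ETHERTYPES.get(field, f"ethertype-0x{field:04x}")
    dsap, ssap = frame[14], frame[15]        # 802.3: field is a length, LLC follows
    if (dsap, ssap) == (0xFF, 0xFF):         # Novell "raw" 802.3: IPX checksum, no LLC
        return "IPX"
    if (dsap, ssap) != (0xAA, 0xAA):         # plain 802.2 LLC, keyed on DSAP
        return LLC_SAPS.get(dsap, f"llc-0x{dsap:02x}")
    if len(frame) < 22:                      # SNAP needs OUI (3 bytes) + PID (2 bytes)
        return "truncated"
    oui, (pid,) = frame[17:20], struct.unpack("!H", frame[20:22])
    if oui == b"\x00\x00\x0c":
        return CISCO_PIDS.get(pid, f"cisco-pid-0x{pid:04x}")
    if oui == b"\x00\x00\x00":               # RFC 1042: PID is an EtherType
        return ETHERTYPES.get(pid, f"ethertype-0x{pid:04x}")
    return "snap-" + oui.hex()

# Hypothetical policy for the thread's question; unmatched frames are denied,
# mirroring the implicit deny at the end of an ACL.
POLICY = {"IPX": "permit", "CDP": "permit", "VTP": "deny"}

def decide(frame: bytes) -> str:
    return POLICY.get(classify(frame), "deny")

# Constructed sample frames (headers only, zero-filled payload).
SRC = bytes.fromhex("001122334455")

def cisco_snap(pid: int) -> bytes:
    body = bytes.fromhex("aaaa0300000c") + struct.pack("!H", pid) + bytes(8)
    return bytes.fromhex("01000ccccccc") + SRC + struct.pack("!H", len(body)) + body

def ethernet2(ethertype: int) -> bytes:
    return b"\xff" * 6 + SRC + struct.pack("!H", ethertype) + bytes(46)

if __name__ == "__main__":
    for name, f in [("CDP", cisco_snap(0x2000)), ("VTP", cisco_snap(0x2003)),
                    ("IPX", ethernet2(0x8137)), ("IPv6", ethernet2(0x86DD))]:
        print(name, classify(f), decide(f))
```

CDP and VTP share the destination MAC 0100.0ccc.cccc, so only the SNAP protocol ID tells them apart; a filter keyed on the destination address alone cannot permit one and block the other.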