Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1143
Views
5
Helpful
4
Replies

Running NBAR protocol discovery on Switches

mistryj
Level 1
Level 1

‎06-25-2009 08:02 AM - edited ‎03-06-2019 06:27 AM

Hello,

How do I enable ip nbar protocol discovery on Cisco 6509 OS version Version 12.2(18)SXF ? would like to do this to get some stats on current traffic running on our network.

I have CEF enabled already but do I need any other commands so I can enable nbar on an interface. At the moment only global command exist for nbar and not interface command.

Switch(config)#ip cef ?

accounting Enable CEF accounting

distributed Distributed Cisco Express Forwarding

event-log CEF event log commands

interface CEF linecard commands

linecard CEF linecard commands

load-sharing Load sharing

nsf Set CEF non-stop forwarding (NSF) characteristics

table Set CEF forwarding table characteristics

traffic-statistics Enable collection of traffic statistics

Global Command (No Interface Command ?) :-

Switch(config)#ip nbar ?

custom Custom PDL (protocol description language) Module

pdlm PDL (protocol description language) Module

port-map Map well-known port of a protocol to a new port

resources Configure memory usage for tracking Stateful sessions

Labels:
0 Helpful
4 Replies 4

Edison Ortiz
Hall of Fame
Hall of Fame

‎06-25-2009 08:17 AM

You should look into NetFlow instead of NBAR.

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SXF/native/configuration/guide/netflow.html

HTH,

__

Edison.

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎06-25-2009 11:11 AM

Most switches don't support NBAR. For the 6500, believe some of the WAN module cards do (e.g. FlexWAN, SIP-200/4000), or there's somewhat of a similar capability(?) if using a sup32-PISA.

0 Helpful

mistryj
Level 1
Level 1
In response to Joseph W. Doherty

‎06-26-2009 04:23 AM

So 6500 with Sup-720 wont work either ?

What can I use to classify traffic for QOS ?

I thought using nbar would help greatly with minimal cost ?

0 Helpful

Edison Ortiz
Hall of Fame
Hall of Fame
In response to mistryj

‎06-26-2009 05:49 AM

You can use ACLs.

For instance, for match protocol http, you can do the same with:

access-list 101 permit tcp any any eq 80

access-list 101 permit tcp any eq 80 any

class-map NETPRO

match access-group 101

While the 'match protocol' command is available under the 6500 Sup-720 CLI, activating that command will produce sub-par performance as that process will be running in software.

HTH,

__

Edison.

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card