Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
399
Views
0
Helpful
4
Replies

NBAR and QOS

jangeja
Level 1
Level 1

‎05-05-2003 08:58 PM - edited ‎03-02-2019 07:08 AM

I am new to QOS and testing out the NBAR features. I have 12.2(16) loaded and I am trying to block kazaa2 I have the PDLM loaded but the traffic is still coming through. Can someone please advise me on what I am missing in my config below. I have elimited any irrelevant info in the config. I am under the impression I just need to identify the traffic via a class map and then shape the traffic with a policy and then apply that policy to the interface. What am I missing? thanks

version 12.2

service password-encryption

ip nbar pdlm flash:kazaa2.pdlm

ip cef

class-map match-any kazaa2

match protocol kazaa2

match protocol fasttrack

policy-map mykazaapolicy

description used to Block all kazaa traffic

class kazaa2

police 8000 8000 8000 conform-action drop exceed-action drop violate-action drop

interface Ethernet0/0

ip address 10.10.11.2 255.255.255.0

ip broadcast-address 10.10.11.255

ip nbar protocol-discovery

service-policy input mykazaapolicy

interface Ethernet0/1

ip address 10.10.12.1 255.255.255.0

ip broadcast-address 10.10.12.255

ip nbar protocol-discovery

service-policy input mykazaapolicy

service-policy output mykazaapolicy

Labels:
0 Helpful
4 Replies 4

sdbell
Level 1
Level 1

‎05-06-2003 01:13 PM

I had the exact same issue. You need a "T" train of IOS. Look for 12.2(15)T1 for your router. Using the Software Finder on Cisco's site, look for the feature called NBAR Real-time Transport Protocol Payload Classification. Without this it won't classify KaZaA2 traffic. With it it does. Since this morning I have this IOS version loaded on my 7206VXR, and it is now classifying KaZaA.

0 Helpful

jangeja
Level 1
Level 1
In response to sdbell

‎05-06-2003 07:06 PM

Thanks that is exactly what I was looking for. I spent about 5 hours beating my head against the wall. Thanks again

0 Helpful

almetcousins
Level 1
Level 1

‎05-06-2003 01:21 PM

Before upgrading your IOS try with:

match protocol kazaa2 file-transfer "*"

match protocol fasttrack file-transfer "*"

on the class-map definition. This will put a wildcard and thus match all file transfers.

Hope this help

0 Helpful

jangeja
Level 1
Level 1
In response to almetcousins

‎05-07-2003 07:01 AM

Thanks for your response...I tried this but with no luck so I used a IOS (T) version and it works now. Thanks

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents