Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Matching VoIP traffic

Hi,

Just wondering if these two class maps accomplish the same goal:

class-map match-all VoIP-1

match protocol rtp audio

class-map match-all VoIP-2

match access-group 123

!

access-list 123 permit udp any any range 16384 32767

thanks!

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Matching VoIP traffic

That is the same as your access list. It's not deep packet inspection like the match protocol statement. The 2nd number there is a range, and is an alternative to using an ACL.

-nick

3 REPLIES

Re: Matching VoIP traffic

Hi,

These are actually quite different.

If you have a Cisco only VoIP deployment, they should be equivalent. The 16384 - 32767 is a Cisco only standard. Many SIP providers and other voice applications will use ports 10000-70000.

The first uses NBAR (requires CEF), and looks inside the packet for a RTP header. If you're worried about CPU utilization this would kick up a bit.

The optimal matching would be to ensure you have a switched network that is trusting DSCP and mark/match it EF.

hth,

nick

New Member

Re: Matching VoIP traffic

OK

No worries about CPU utilization I just trying to understand how to match VoIP traffic in a Cisco network. Also found this ACL:

match ip rtp 16384 16383

Is it also suppose to match VoIP traffic?

thanks!

Re: Matching VoIP traffic

That is the same as your access list. It's not deep packet inspection like the match protocol statement. The 2nd number there is a range, and is an alternative to using an ACL.

-nick

336
Views
0
Helpful
3
Replies