Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NBAR not working

We use Bittorrent PDLM to bock bittorrent download, but after we implemented the command, BT still working:

1. we download the PDLM and copy into bootflash:

GOV001#dir

Directory of bootflash:/

1 -rw- 8103684 Jan 14 2000 07:22:27 +08:00 c7200-kboot-mz.124-12.bin

2 -rw- 1752 May 13 2009 16:08:58 +08:00 kazaa2.pdlm

3 -rw- 2377 May 13 2009 16:09:31 +08:00 gnutella.pdlm

4 -rw- 3492 May 13 2009 16:10:14 +08:00 eDonkey.pdlm

5 -rw- 3100 May 13 2009 16:10:51 +08:00 bittorrent.pdlm

2.there are NBAR ERROR messages prompted after we put the following commands:

ip nbar pdlm bootflash://bittorrent.pdlm

ip nbar pdlm bootflash://eDonkey.pdlm

GOV001(config)#ip nbar pdlm bootflash://bittorrent.pdlm

% NBAR ERROR: protocol_list_index not found in map table

% NBAR ERROR: protocol_list_index not found in map table

% NBAR ERROR: protocol_list_index not found in map table

% NBAR ERROR: protocol_list_index not found in map table

% NBAR ERROR: protocol_list_index not found in map table

% NBAR ERROR: protocol_list_index not found in map table

% NBAR ERROR: protocol_list_index not found in map table

% NBAR ERROR: protocol_list_index not found in map table

SGKDHARGOV001(config)#ip nbar pdlm bootflash://eDonkey.pdlm

% NBAR ERROR: protocol_list_index not found in map table

% NBAR ERROR: protocol_list_index not found in map table

% NBAR ERROR: protocol_list_index not found in map table

% NBAR ERROR: protocol_list_index not found in map table

% NBAR ERROR: protocol_list_index not found in map table

% NBAR ERROR: protocol_list_index not found in map table

% NBAR ERROR: protocol_list_index not found in map table

% NBAR ERROR: protocol_list_index not found in map table

3. the following are class-map policy-map command:

class-map match-any P2P

match protocol bittorrent

match protocol edonkey

policy-map dropP2P

class P2P

drop

interface GigabitEthernet0/1

desc "internet facing"

ip address x.x.x.x 255.255.255.252

ip access-group anitspoof in

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat outside

ip nbar protocol-discovery

duplex full

speed 100

media-type rj45

no negotiation auto

service-policy input dropP2P

After that, we use:

GOV001#sh ip nbar pr pr bittorrent

GigabitEthernet0/1

Input Output

Protocol Packet Count Packet Count

Byte Count Byte Count

5 minute bit rate (bps) 5 minute bit rate (bps)

------------------------ ------------------------ ------------------------

bittorrent 698 566

71612 50985

1000 1000

unknown 23383 17875

1998977 10357303

59000 229000

Total 25688 20547

2929115 12001987

87000 284000

we can see nbar matched bittorrent packet, but it cannot drop it. how can help me to slove it?

thanks in advance.

1 REPLY
Hall of Fame Super Silver

Re: NBAR not working

Hello Bindong,

the following document can help:

http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/nbar_app_recog_mods.html#wp1027258

the key point is that the added pdlm should have an higher version then the native (included in IOS) module

the command to check this is :

show ip nbar version

Hope to help

Giuseppe

506
Views
0
Helpful
1
Replies