
Optimizing Converged

Cisco Networks (ONT)

Module 4: Implement the DiffServ QoS Model

© 2006 Cisco Systems, Inc. All rights reserved.


Module 4: Implement the DiffServ QoS Model

Lesson 4.2: Using NBAR for Classification

Network-Based Application Recognition

 Used in conjunction with QoS class-based features, NBAR is an intelligent classification engine that:
  Classifies modern client-server and web-based applications
  Discovers what traffic is running on the network
  Analyzes application traffic patterns in real time
 NBAR functions:
  Performs identification of applications and protocols (Layer 4–7)
  Performs protocol discovery
  Provides traffic statistics
 New applications are easily supported by loading a PDLM.

[Figure: a user complaining "My application is too slow!" beside a sample link utilization pie chart: FTP 30%, Citrix 25%, HTTP 20%, Netshow 15%, FastTrack 10%]

NBAR Functions & Features
 NBAR performs the following two functions:
Identification of applications and protocols (Layer 4 to Layer 7)
Protocol discovery

 Some examples of class-based QoS features that can


be used on traffic after the traffic is classified by NBAR
include:
Class-Based Marking (the set command)
Class-Based Weighted Fair Queueing (the bandwidth and
queue-limit commands)
Low Latency Queueing (the priority command)
Traffic Policing (the police command)
Traffic Shaping (the shape command)

NBAR Application Support

 NBAR can classify applications that use:


Statically assigned TCP and UDP port numbers
Non-UDP and non-TCP IP protocols
Dynamically assigned TCP and UDP port numbers negotiated
during connection establishment (requires stateful inspection)
Subport and deep packet inspection classification

Packet Description Language Module
 PDLMs allow NBAR to recognize new protocols
matching text patterns in data packets without requiring
a new Cisco IOS software image or a router reload.
 An external PDLM can be loaded at run time to extend
the NBAR list of recognized protocols.
 PDLMs can also be used to enhance an existing
protocol recognition capability.
 PDLMs must be produced by Cisco engineers.

PDLM Command Syntax

router(config)#
ip nbar pdlm pdlm-name
 Used to enhance the list of protocols recognized by NBAR through
a PDLM.
 The filename is in the URL format (for example, flash://citrix.pdlm).

router(config)#
ip nbar port-map protocol-name [tcp | udp] port-number
 Configures NBAR to search for a protocol or protocol name using
a port number other than the well-known port.
 Up to 16 additional port numbers can be specified.

NBAR Protocol-to-Port Maps

router#
show ip nbar port-map [protocol-name]
 Displays the current NBAR protocol-to-port mappings

router#show ip nbar port-map
port-map bgp udp 179
port-map bgp tcp 179
port-map cuseeme udp 7648 7649
port-map cuseeme tcp 7648 7649
port-map dhcp udp 67 68
port-map dhcp tcp 67 68
port-map dns udp 53
port-map dns tcp 53

NBAR Protocol Discovery
 Analyzes application traffic patterns in real time and
discovers which traffic is running on the network
 Provides bidirectional, per-interface, and per-protocol
statistics
 Important monitoring tool supported by Cisco QoS
management tools:
Generates real-time application statistics
Provides traffic distribution information at key network locations

Configuring and Monitoring NBAR Protocol
Discovery

router(config-if)#
ip nbar protocol-discovery
 Configures NBAR to discover traffic for all protocols known to
NBAR on a particular interface
 Requires that CEF be enabled before protocol discovery
 Can be applied with or without a service policy enabled

router#
show ip nbar protocol-discovery
 Displays the statistics for all interfaces on which protocol discovery
is enabled

Configuring and Monitoring Protocol
Discovery Output

router#show ip nbar protocol-discovery

 Ethernet0/0
                      Input                       Output
 Protocol             Packet Count                Packet Count
                      Byte Count                  Byte Count
                      5 minute bit rate (bps)     5 minute bit rate (bps)
 ----------           ------------------------    ------------------------
 realaudio            2911                        3040
                      1678304                     198406
                      19000                       1000
 http                 19624                       13506
                      14050949                    2017293
                      0                           0
 <output omitted>

Steps for Configuring NBAR for Static
Protocols

 Required steps:
Enable NBAR Protocol Discovery.
Configure a traffic class.
Configure a traffic policy.
Attach the traffic policy to an interface.
Enable PDLM if needed.

Configuring NBAR for Static Protocols
Commands

router(config-cmap)#
match protocol protocol
 Configures the match criteria for a class map on the basis of the
specified protocol using the MQC configuration mode.
 Static protocols are recognized based on the well-known
destination port number.
 The match not form inverts a criterion: the class matches every packet except those carrying the specified value, so all other values of that field become successful match criteria.

Configuring NBAR Example

 HTTP is a static protocol using a well-known port number 80. However, other port numbers
may also be in use.
 The ip nbar port-map command will inform the router that other ports are also used for HTTP.
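The slide above refers to a configuration that is not reproduced in this extract. What follows is an added example, not taken from the Cisco slides, that walks the five steps listed earlier for a static protocol (HTTP) end to end. The interface name Serial0/0, the extra ports 8000 and 8080, the class and policy names, the DSCP values and the police rate are assumptions chosen for illustration.

```cisco
! Added example (not from the original slides). Interface, ports, names,
! DSCP values and rates are assumptions.
!
! Step 1: NBAR requires CEF; enable protocol discovery on the WAN interface
ip cef
!
interface Serial0/0
 ip nbar protocol-discovery
!
! Tell NBAR that HTTP also runs on 8000 and 8080 (up to 16 extra ports).
! The well-known port 80 is listed as well so it is certainly still mapped.
ip nbar port-map http tcp 80 8000 8080
!
! Step 2: traffic classes. HTTP is a static protocol matched on the
! destination port; "unknown" catches what NBAR could not identify.
class-map match-all HTTP-CLASS
 match protocol http
!
class-map match-all UNKNOWN-CLASS
 match protocol unknown
!
! Step 3: traffic policy - class-based marking, CBWFQ bandwidth, policing
policy-map WAN-POLICY
 class HTTP-CLASS
  set ip dscp af21
  bandwidth percent 20
 class UNKNOWN-CLASS
  set ip dscp default
  police 128000 conform-action transmit exceed-action drop
 class class-default
  fair-queue
!
! Step 4: attach the policy in the outbound direction
interface Serial0/0
 service-policy output WAN-POLICY
!
! Step 5 (only when the protocol is absent from the IOS image): load a PDLM
! ip nbar pdlm flash://citrix.pdlm
!
! Verification
! show ip nbar port-map http
! show ip nbar protocol-discovery interface Serial0/0 top-n 5
! show policy-map interface Serial0/0
```

Two checks are worth making after applying this: show ip nbar port-map http confirms the full port list for HTTP, and show ip nbar protocol-discovery interface Serial0/0 top-n 5 shows how much traffic NBAR files under unknown. Classification here rests on port numbers and cleartext payload, so an application deliberately moved to an unregistered port or wrapped in encryption is not recognised as HTTP and falls through to the unknown or class-default class; give those classes an explicit treatment rather than letting unclassified traffic inherit whatever the default queue allows.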

Steps for Configuring Stateful NBAR for
Dynamic Protocols

 Required steps:
Configure a traffic class.
Configure a traffic policy.
Attach the traffic policy to an interface.

Enhanced NBAR Classification for HTTP

router(config-cmap)#
match protocol http url url-string
 Recognizes the HTTP GET packets containing the URL, and then
matches all packets that are part of the HTTP GET request
 Include only the portion of the URL following the address or host
name in the match statement

router(config-cmap)#
match protocol http host hostname-string
 Performs a regular expression match on the host field content
inside an HTTP GET packet and classifies all packets from that
host

Special NBAR Configuration for HTTP and
FastTrack

router(config-cmap)#
match protocol http mime MIME-type
 Matches a packet containing the MIME type and all subsequent packets
until the next HTTP transaction (a stateful match).

router(config-cmap)#
match protocol fasttrack file-transfer
regular-expression
 Stateful mechanism to identify a group of peer-to-peer file-sharing applications.
 Applications that use the FastTrack peer-to-peer protocol include Kazaa, Grokster,
and Morpheus. (Gnutella is a separate protocol with its own NBAR match, match protocol gnutella.)
 A Cisco IOS regular expression is used to identify specific FastTrack traffic.
 To specify that all FastTrack traffic will be identified by the traffic class, use an
asterisk (*) as the regular expression.

URL or HOST Specification String Options

Option   Description
*        Match any zero or more characters in this position.
?        Match any one character in this position.
|        Match one of a choice of characters.
(|)      Match one of a choice of characters in a range. For example,
         xyz.(gif | jpg) matches either xyz.gif or xyz.jpg.
[ ]      Match any character in the range specified, or one of the special
         characters. For example, [0-9] is all of the digits; [*] is the "*"
         character, and [[] is the "[" character.

Configuring Stateful NBAR for RTP

router(config-cmap)#
match protocol rtp [audio | video | payload-type payload-string]

 Identifies real-time audio and video traffic in the class-map mode of MQC
 Differentiates on the basis of audio and video codecs
 The match protocol rtp command has these options:
  audio: Match by payload type values 0 to 23, reserved for audio traffic
  video: Match by payload type values 24 to 33, reserved for video traffic
  payload-type: Match by a specific payload type value; provides more granularity than the audio or video options
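The stateful steps listed earlier (traffic class, traffic policy, attach to an interface) and the HTTP, FastTrack and RTP matches from the preceding slides, combined into a single WAN-edge policy. This is an added example, not from the Cisco slides; Serial0/0, the host and URL patterns, the class and policy names, the priority and bandwidth figures, the police rate and the DSCP values are all assumptions.

```cisco
! Added example (not from the original slides). Interface, patterns, names,
! rates and DSCP values are assumptions.
!
ip cef
!
! RTP: audio (payload types 0-23) gets the priority queue, video (24-33)
! gets a bandwidth guarantee
class-map match-all VOICE-RTP
 match protocol rtp audio
!
class-map match-all VIDEO-RTP
 match protocol rtp video
!
! HTTP: URL, host and MIME matches look inside cleartext HTTP GET requests
class-map match-any WEB-IMAGES
 match protocol http url "*.(gif|jpg)"
 match protocol http mime "image/*"
!
class-map match-all WEB-INTRANET
 match protocol http host "*.example.com"
!
! Peer-to-peer file sharing: "*" selects all FastTrack traffic
class-map match-all P2P-FASTTRACK
 match protocol fasttrack file-transfer "*"
!
policy-map WAN-EDGE
 class VOICE-RTP
  priority 256
  set ip dscp ef
 class VIDEO-RTP
  bandwidth percent 20
  set ip dscp af41
 class WEB-INTRANET
  bandwidth percent 15
  set ip dscp af21
 class WEB-IMAGES
  set ip dscp af11
 class P2P-FASTTRACK
  police 64000 conform-action set-dscp-transmit cs1 exceed-action drop
 class class-default
  set ip dscp default
  fair-queue
!
interface Serial0/0
 service-policy output WAN-EDGE
!
! Verification
! show class-map
! show policy-map interface Serial0/0
```

Two caveats belong with this policy. The http url, host and mime matches only see cleartext HTTP; a TLS-protected session is classified by port as secure-http and exposes neither its URL nor its host, so these classes give no control over encrypted web traffic. The rtp audio and video options trust the payload-type field that the sending endpoint writes into the RTP header, so a host on an untrusted segment can label any UDP stream with payload type 0 and land in the priority queue. The priority command polices the class to its configured rate under congestion, which bounds the damage, and where the endpoints are not trusted the class should be narrowed further, for example with an additional match access-group on the known voice gateways' addresses.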

Classification of RTP Session

Q and A

Resources
 Network-Based Application Recognition, Q&A
http://www.cisco.com/en/US/partner/products/ps6616/products_qanda_item09186a00800a3ded.shtml

 Network-Based Application Recognition and Distributed Network-Based Application Recognition
http://www.cisco.com/en/US/partner/products/ps6350/products_configuration_guide_chapter09186a0080455985.html
