CCIP-v2 2 pptQOS22S04L04

ClassificationandMarking,UsingNBARforClassification,Network-BasedApplicationRecognition,NBARsolvestheproblemofhowtoclassifymodernclient/serverandweb-basedapplications.NBARperformsthefollowingfunctions:Identificationofapplicationsandprotocols(Layer4toLayer7)ProtocoldiscoveryProvidestrafficstatisticsNBARenablesdownstreamactionsbasedonQoSpoliciesviarandomearlydetection,class-basedqueuing,andpolicing,byselectingtrafficwhichcanthenbemarkedtotriggerdownstreamper-hopbehaviors.通过NBAR对流量归类，能够对这些类执行randomearlydetection,class-basedqueuing,andpolicing等QOS的PHB行为NewapplicationsareeasilysupportedbyloadingPDLM.,NBARApplicationSupport,NBARcanclassifyapplicationsthatuse:StaticallyassignedTCPandUDPportnumbersNon-UDPandnon-TCPIPprotocolsDynamicallyassignedTCPandUDPportnumbersnegotiatedduringconnectionestablishment(requiresstatefulinspection)Subportclassification:classificationofHTTP(URLs,MIME,orhostnames)andCitrixapplications(ICAtrafficbasedonpublishedapplicationname)Classificationbasedondeeppacketinspectionandmultipleapplication-specificattributes(RTPpayloadclassification),NBARApplicationSupport(Cont.),PacketDescriptionLanguageModule,AnexternalPDLMcanbeloadedatruntimetoextendtheNBARlistofrecognizedprotocols.PDLMscanalsobeusedtoenhanceanexistingprotocolrecognitioncapability.PDLMsallowNBARtorecognizenewprotocolswithoutrequiringanewCiscoIOSimageorarouterreload.PDLMsmustbeproducedbyCiscoengineers.CurrentlyavailablePDLMsinclude:Peer-to-peerfile-sharingapplicationsBitTorrent,eDonkey2000,KaZaa2,gnutella,andWinMXCitrixICA(InterdependentComputingArchitecture),ProtocolDiscovery,Protocoldiscoveryanalyzesapplicationtrafficpatternsinrealtimeanddiscoverswhichtrafficisrunningonthenetwork.Providesbidirectional,per-interface,per-protocolstatistics:5-minutebitrate(bps)PacketcountsBytecountsImportantmonitoringtoolsupportedbyCiscoQoSmanagementtools.Generatesreal-timeapplicationstatisticsProvidestrafficdistributioninformationatkeynetworklocationsHistoricalQoSstatisticalinformationavailablethroughtheProtocolDiscoveryMIB.,ProtocolDiscoveryMIB,TheNBARProtocolDiscoveryMIBusesSNMPtoprovidethefollowingnewprotocoldiscoveryfunctionality:EnableordisableprotocoldiscoveryperinterfaceDisplayprotocoldiscoverystatisticsConfigureandviewmultipletop-ntablesthatlistprotocolsbybandwidthusageConfigurethresholdsbasedontrafficofparticularNBAR-supportedprotocolsorapplicationsthatreportbreachesandsendnotificationswhenthesethresholdsarecrossedReleasedinCiscoIOSRelease12.2(15)T,ConfiguringProtocolDiscovery,ipnbarprotocol-discovery,router(config-if)#,ConfiguresNBARtodiscovertrafficforallprotocolsknowntoNBARonaparticularinterfaceRequiresthatCEFbeenabledbeforeprotocoldiscoveryCanbeappliedwithorwithoutaservicepolicyenabled,snmp-serverenabletrapscnpd,router(config)#,EnablesCiscoNBARProtocolDiscoverynotificationsReleasedinCiscoIOSRelease12.2(15)T,MonitoringProtocolDiscovery,showipnbarprotocol-discovery,Router#,Displaysthestatisticsforallinterfacesonwhichprotocoldiscoveryisenabled,router#showipnbarprotocol-discoveryEthernet0/0InputOutputProtocolPacketCountPacketCountByteCountByteCount5minutebitrate(bps)5minutebitrate(bps)-realaudio291130401678304198406190001000http196241350614050949201729300.,ConfiguringNBARforStaticProtocols,matchprotocolprotocol,router(config-cmap)#,Configuresthematchcriteriaforaclassmaponthebasisofthespecifiedprotocol.Staticprotocolsarerecognizedbasedonthewell-knowndestinationportnumber.Dynamicprotocolsarerecognizedbyinspectingthesession.AmatchnotcommandcanbeusedtospecifyaQoSpolicyvaluethatisnotusedasamatchcriterion.Inthiscase,allothervaluesofthatQoSpolicybecomesuccessfulmatchcriteria.,ConfiguringNBARforStaticProtocols(Cont.),ipnbarport-mapprotocoltcp|udpnew-portnew-port.,router(config)#,ConfigureNBARtosearchforaprotocolorprotocolnameusingaportnumberotherthanthewell-knownport.Upto16additionalportnumberscanbespecified.,ipnbarpdlmpdlm-file,router(config)#,SpecifiesthelocationofthePacketDescriptionLanguageModulefiletoextendtheNBARcapabilitiesoftherouter.ThefilenameisintheURLformat(forexample,flash:/citrix.pdlm).,ConfiguringNBARforStaticProtocolsExample,HTTPisastaticprotocolusingawell-knownportnumber80.However,otherportnumbersmayalsobeinuse.Theipnbarport-mapcommandwillinformtherouterthatotherportsarealsousedforHTTP.,ConfiguringNBARforStatefulProtocols,matchprotocolhttpurlurl-string,router(config-cmap)#,RecognizestheHTTPGETpacketscontainingtheURL,andthenmatchesallpacketsthatarepartoftheHTTPGETrequest.IncludeonlytheportionoftheURLfollowingtheaddressorhostnameinthematchstatement.,matchprotocolhttphosthostname-string,router(config-cmap)#,PerformsaregularexpressionmatchonthehostfieldcontentsinsideanHTTPGETpacketandclassifiesallpacketsfromthathost.,matchprotocolhttpmimeMIME-type,router(config-cmap)#,SelecttheMIMEtypetobematched.MatchesapacketcontainingtheMIMEtypeandallsubsequentpacketsuntilthenextHTTPtransaction.,ConfiguringNBARforStatefulProtocols(Cont.),matchprotocolfasttrackfile-transferregular-expression,router(config-cmap)#,Statefulmechanismtoidentifyagroupofpeer-to-peerfile-sharingapplications.ApplicationsthatuseFastTrackincludeKaZaA,Grokster,andMorpheus.ACiscoIOSregularexpressionisusedtoidentifyspecificFastTracktraffic.TospecifythatallFastTracktrafficbeidentifiedbythetrafficclass,use“*”astheregularexpression.IntroducedinCiscoIOSRelease12.1(12c)E.,ConfiguringNBARforStatefulProtocols(Cont.),matchprotocolrtpaudio|video|payload-typepayload-string,router(config-cmap)#,Statefulmechanismtoidentifyreal-timeaudioandvideotrafficDifferentiateonthebasisofaudioandvideocodecsThematchprotocolrtpcommandhastheseoptions:audio:Matchbypayload-typevalues0to23,reservedforaudiotrafficvideo:Matchbypayload-typevalues24to33,reservedforvideotrafficpayload-type:Specifiesmatchingbyaspecificpayload-typevalue,providingmoregranularitythantheaudioorvideooptionsIntroducedinCiscoIOSReleases12.2(8)Tand12.1(11b)E,ConfiguringNBARforStatefulProtocolsExample,Summary,NBARidentifiesapplicationsandprotocols(Layer4toLayer7)andprovidestrafficstatistics.NBARsupportsbothstaticallyanddynamicallyassignedTCPandUDPportnumbersalongwithothermeanstorecognizeapplications.PDLMscontaintherulesthatareusedbyNBARtorecognizeanapplicationandcanbeusedtobringneworchangedfunctionalitytoN