.jpg "Opportunities, Appliacation, Openings"){kind=small}
.jpg "Hand Job, Blow Job, Job Search, Monster Job"){kind=small}
.jpg "pusat resume, daftar kerja, cari kerja"){kind=small}
.jpg "Project Manager, SOftware Engineer, SAP Consultant"){kind=small}
IP NBAR port-map
The router will complete an unfinished command.
“ip nbar port-map custom-1″ Completes to “ip nbar port-map custom-10″
If you want to use the custom 1, you need to specify “ip nbar port-map custom-01″, not “custom-1″. I think that missing the zero is causing your problem.
Regarding class-maps, it will allow you to match any that you have defined. If 10 is the only one that you have defined, that is all that will show up for “match protocol”.
Router(config)#do show ip nbar port-map | i custom port-map custom-01 udp 12345 port-map custom-02 udp 1333 port-map custom-10 udp 12344 Router(config)#class-map test Router(config-cmap)#match prot cust? custom-01 custom-02 custom-10
Marvin Greenlee, CCIE #12237 (R&S, SP, Sec) Senior Technical Instructor - IPexpert, Inc. Telephone: +1.810.326.1444 Fax: +1.810.454.0130 Mailto: mgreenlee@ipexpert.com
Progress or excuses, which one are you making?
—–Original Message—– From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of GAURAV MADAN Sent: Tuesday, July 29, 2008 2:57 AM To: Cisco certification Subject: IP NBAR port-map
HI Group
I wanted a small clearification :
If my requirement says ” i have to deny upd packets going tp dest port 1434 ” and i am not supposed to use the ACL for it .
I plan to do this as :
Rack1R5(config)#do sh run | inc ip nb ip nbar port-map custom-10 udp 1434
Then I will match this in class-map ” match protocol custom-10 ” and finally drop in policy-map .
Am I correct in my approach ?
Question *********** 1) Is this udp port number that i specify ; the dest port number ? 2) When I give :
Rack1R5(config)#ip nbar port-map ?
custom-01 Custom protocol custom-01 custom-02 Custom protocol custom-02 custom-03 Custom protocol custom-03 custom-04 Custom protocol custom-04 custom-05 Custom protocol custom-05 custom-06 Custom protocol custom-06 custom-07 Custom protocol custom-07 custom-08 Custom protocol custom-08 custom-09 Custom protocol custom-09 custom-10 Custom protocol custom-10
Whatever I choose ; I get that configured as custom-10
Rack1R5(config)#ip nbar port-map custom-1 udp 1001 Rack1R5(config)#do sh run | inc ip nbar ip nbar port-map custom-10 udp 1001
3) Also ; I find only “custom-10″ as only option in match protocol ….
If I have to do this for multiple ports ( i know i can match upto 16 in one custom itself ) then do we have some other options ?
Thnx in advance Gaurav Madan.
Blogs and organic groups at http://www.ccie.net
