.jpg "Opportunities, Appliacation, Openings"){kind=small}
.jpg "Hand Job, Blow Job, Job Search, Monster Job"){kind=small}
.jpg "pusat resume, daftar kerja, cari kerja"){kind=small}
.jpg "Project Manager, SOftware Engineer, SAP Consultant"){kind=small}
IP NBAR port-map
Hi Marvin
Thnx for the explaination . My bad .. I didnt figured out the 01 and 10 stuff ..
Does the port number included in CLI (UDP port no ) .. dest. port number ?
Gaurav Madan.
On Tue, Jul 29, 2008 at 1:23 PM, Marvin Greenlee wrote: > The router will complete an unfinished command. > > “ip nbar port-map custom-1″ > Completes to > “ip nbar port-map custom-10″ > > If you want to use the custom 1, you need to specify “ip nbar port-map > custom-01″, not “custom-1″. I think that missing the zero is causing your > problem. > > Regarding class-maps, it will allow you to match any that you have defined. > If 10 is the only one that you have defined, that is all that will show up > for “match protocol”. > > Router(config)#do show ip nbar port-map | i custom > port-map custom-01 udp 12345 > port-map custom-02 udp 1333 > port-map custom-10 udp 12344 > Router(config)#class-map test > Router(config-cmap)#match prot cust? > custom-01 custom-02 custom-10 > > > Marvin Greenlee, CCIE #12237 (R&S, SP, Sec) > Senior Technical Instructor - IPexpert, Inc. > Telephone: +1.810.326.1444 > Fax: +1.810.454.0130 > Mailto: mgreenlee@ipexpert.com > > Progress or excuses, which one are you making? > > > > —–Original Message—– > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of > GAURAV MADAN > Sent: Tuesday, July 29, 2008 2:57 AM > To: Cisco certification > Subject: IP NBAR port-map > > HI Group > > I wanted a small clearification : > > If my requirement says ” i have to deny upd packets going tp dest port > 1434 ” and i am not supposed to use the ACL for it . > > I plan to do this as : > > Rack1R5(config)#do sh run | inc ip nb > ip nbar port-map custom-10 udp 1434 > > Then I will match this in class-map ” match protocol custom-10 ” and > finally drop in policy-map . > > Am I correct in my approach ? > > Question > *********** > 1) Is this udp port number that i specify ; the dest port number ? > 2) When I give : > > Rack1R5(config)#ip nbar port-map ? > > custom-01 Custom protocol custom-01 > custom-02 Custom protocol custom-02 > custom-03 Custom protocol custom-03 > custom-04 Custom protocol custom-04 > custom-05 Custom protocol custom-05 > custom-06 Custom protocol custom-06 > custom-07 Custom protocol custom-07 > custom-08 Custom protocol custom-08 > custom-09 Custom protocol custom-09 > custom-10 Custom protocol custom-10 > > Whatever I choose ; I get that configured as custom-10 > > Rack1R5(config)#ip nbar port-map custom-1 udp 1001 > Rack1R5(config)#do sh run | inc ip nbar > ip nbar port-map custom-10 udp 1001 > > 3) Also ; I find only “custom-10″ as only option in match protocol …. > > If I have to do this for multiple ports ( i know i can match upto 16 > in one custom itself ) then do we have some other options ? > > Thnx in advance > Gaurav Madan. > > > Blogs and organic groups at http://www.ccie.net > > _______________________________________________________________________ > Subscription information may be found at: > http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
