Using NBAR to view Traffic Protocols on your network.

NBAR examines the traffic on a router interface and associates it with an application. This is done by way of mapping ports to Protocols.  In addition it also recognises traffic without a standard port number, useful for things like P2P traffic.

What would you use this for?

If you are trying to identify traffic on an interface for the purpose of applying QoS polices to it.

How does it all work?

show ip nbar protocol-discovery; or

show ip nbar protocol-discovery top-n 10 (shows you the top 10 protocols)

show ip nbar protocol-discovery stats max-bit-rate top-n (show the top protocols by max bit rate)

NBAR2 Protocol Packs

Verify Cisco AVC licensing is active

router#show license

Verify current NBAR information

router# show ip nbar protocol-pack active

Verify the version of NBAR

router#sh ip nbar version | include software

Installing a new protocol pack

router#ip nbar protocol-pack flash0:/pp-adv-isrg2-152-4.M1-13-5.1.0.pack

View NBAR traffic on an interface

router#sh ip nbar protocol-discovery [interface]

That’s about it.


<span>%d</span> bloggers like this: