[mrtg] Re: NBAR

[tim.reimers at asheville.k12.nc.us]

Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

 
Umm..... please ?? (-yes-)
 
One thing everyone thinking about NBAR should do is update their NBAR PDLM=
 files on the Cisco devices: These are the files that
'know' what a protocol is-
I can see the possibility of a great many posts here of people saying that=
 their sniffer sees a protocol, but the MRTG doesn't show it-
My 2c involves becoming carnally familiar with ALL the information below=
 before you try implementing MRTG graphing the results-
You DEFINITELY should know and use the debugging and testing commands that=
 Cisco recommends before assuming that it's a problem with MRTG.
 
Here's the top level public page from Cisco's TAC website regarding Traffic=
 Classification (which is what NBAR is part of)
http://www.cisco.com/pcgi-bin/Support/browse/psp_view.pl?p=3DTechnologies:C=
lassification_and_Marking=
 http://www.cisco.com/pcgi-bin/Support/browse/psp_view.pl?p=3DTechnologies:=
Classification_and_Marking
 
 
This is, I believe, the MIB you want to think of for MRTG
http://www.cisco.com/pcgi-bin/Support/Mibbrowser/mibinfo.pl?mn=3DCISCO-NBAR=
-PROTOCOL-DISCOVERY-MIB CISCO-NBAR-PROTOCOL-DISCOVERY-MIB
 
 
Tim Reimers, CCNA, CCDA
Asheville City Schools
 
 

---- Message from mailto:<kj at sunclipse.com Keith E Johnson=
 <kj at sunclipse.com> at 2004-02-19 09:05:57 ------

I'm running NBAR on a couple of my core routers and my internet routers.
I've been running NBAR for about a year now without any issues. I have a
couple scripts to feed the Data into MRTG if anybody is interested.


Thanx, kj

Keith Johnson=20
LAN Administrator=20
Amcor Sunclipse North America=20
6600 Valley View Street, Buena Park, CA 90620=20
Voice: 714.562.6179 Fax: 714.562.2036=20
Email: keith.johnson at sunclipse.com=20
-----Original Message-----
From: Trent Melcher [mailto:tmelcher at trilogytel.com]=20
Sent: Thursday, February 19, 2004 7:26 AM
To: Greg.Volk at edwardjones.com; mrtg at list.ee.ethz.ch
Subject: [mrtg] Re: NBAR

Greg

I just turned on nbar(ip nbar protocol-discovery)  on all my router
interfaces,  I Im running a 2600 with 2Serial T1 interfaces and 1
FastEthernet interface,  I currently graph cpu utilization, so I will let it
run for a day and report back the cpu statistics.

Trent

-----Original Message-----
From: mrtg-bounce at list.ee.ethz.ch [mailto:mrtg-bounce at list.ee.ethz.ch]On
Behalf Of Greg.Volk at edwardjones.com
Sent: Thursday, February 19, 2004 7:21 AM
To: mrtg at list.ee.ethz.ch
Subject: [mrtg] Re: NBAR


>
> Has anybody had a play with this:
>
>
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122
t/122t15/ftpdmib.htm
>
> I have been asked to see once its implemented on our routers can MRTG
> identify protocols so traffic can be classified appropriately
> for Quality of
> Service purposes?
>
> Can anybody help at all ?
>

This is the first time I've heard of NBAR, and it's been
around since 12.0(5)XE2! I sure feel out of the loop. ;)

>From the above URL...

>>NBAR is a classification engine that recognizes a wide
>>variety of applications, including web-based and other
>>difficult-to-classify protocols that utilize dynamic TCP/UDP
>>port assignments. When an application is recognized and
>>classified by NBAR, a network can invoke services for that
>>specific application. NBAR ensures that network bandwidth
>>is used efficiently by classifying packets and then applying
>>Quality of Service (QoS) to the classified traffic.

This just sounds too cool. What is the router overhead? It's
got to be high if it's doing payload inspection. I want
to see a pre and post implementation router-cpu graph.


-- Attached file removed by Ecartis and put at URL below --
-- Type: application/ms-tnef
-- Size: 1k (1875 bytes)
-- URL : http://www.ee.ethz.ch/~slist/p/70-WINMAIL.DAT


--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=3Dunsubscribe
Archive     http://www.ee.ethz.ch/~slist/mrtg
FAQ         http://faq.mrtg.org    Homepage     http://www.mrtg.org
WebAdmin    http://www.ee.ethz.ch/~slist/lsg2.cgi


--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=3Dunsubscribe
Archive     http://www.ee.ethz.ch/~slist/mrtg
FAQ         http://faq.mrtg.org    Homepage     http://www.mrtg.org
WebAdmin    http://www.ee.ethz.ch/~slist/lsg2.cgi

--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=3Dunsubscribe
Archive     http://www.ee.ethz.ch/~slist/mrtg
FAQ         http://faq.mrtg.org    Homepage     http://www.mrtg.org
WebAdmin    http://www.ee.ethz.ch/~slist/lsg2.cgi








-- Attached file removed by Ecartis and put at URL below --
-- Type: text/directory
-- Size: 169 bytes
-- URL : http://www.ee.ethz.ch/~slist/p/08-tim_reimers.vcf


-- Binary/unsupported file stripped by Ecartis --
-- Err : No filename to use for decode, file stripped.
-- Type: text/plain


--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive     http://www.ee.ethz.ch/~slist/mrtg
FAQ         http://faq.mrtg.org    Homepage     http://www.mrtg.org
WebAdmin    http://www.ee.ethz.ch/~slist/lsg2.cgi