[c-nsp] NBAR on 7600 - Internet Gateway
Rolf Mendelsohn
rolf-web at cyberops.biz
Mon Nov 21 05:11:07 EST 2005
Hi Guys,
>From a scalability perspective its really much better to do this on the Edge
than on the core, i.e. on you access routers you apply NBAR / rate-limit's
and make sure that high speed interfaces - e.g. Ethernets etc. are properly
limited.
To discovery how much traffic is from which application, ntop does a good job
and isn't much work to setup - www.ntop.org, then you do netflow exports to
it.
cheers
/rolf
On Monday 21 November 2005 12:27 am, Asbjorn Hojmark - Lists wrote:
> > NBAR has been on 6500/7600 for ages (well 12.1(13)E, so three
> > years at least), though only for Sup1 and Sup2. There's still
> > NBAR in 12.2SX, but only on the Sup2.
> >
> > The last time I asked for NBAR on Sup720, the answer was: "No
> > plans."
>
> PS: I was thinking of LAN interfaces. It *is* supported for
> FlexWAN with Sup720 and has been for more than two years.
>
> -A
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
--
Rolf Mendelsohn
Internet Technologies Angola
Cell: +244-92-3524981
More information about the cisco-nsp
mailing list