[cisco-voip] Nbar missing some RTP traffic
Jeffrey Ollie
jeff at ocjtech.us
Thu Apr 17 10:46:01 EDT 2008
On Thu, Apr 17, 2008 at 9:35 AM, Ellington, Chris
<Chris.Ellington at inin.com> wrote:
> Well, yes that is true - however you can pick a range of ports to match - I do it all of the time. Use an extended ACL to match by port range if you like. Much more granular than trying to use nbar
By default RTP on Cisco kit uses UDP ports in the range of 16K - 32K.
That's a lot of ports... Plus don't you think that that will match non
RTP data? Plus not all RTP data is alike... you need to assign
different DSCP mappings to packets depending on if the packet contains
audio or video data. That's why trying to match based on UDP port
number is inadequate and why I hoped that using nBAR to match RTP
packets would work better. Unfortunately, since nBAR doesn't work
properly if your RTP streams are using dynamically negotiated payload
types using nBAR to classify RTP traffic is useless to me.
Jeff
More information about the cisco-voip
mailing list