Network Based Application Recognition (NBAR) is a really great idea. I know it's not a new one, but it works for most purposes, such as blocking BitTorrent traffic, MP3s and many other bandwidth-wasting things. The resources provided here assist you in configuring your network to provide the appropriate level of service to these applications. You can use access control lists for these tasks, but that's a very old technique with many loopholes that you have to take seriously. For example, you can't check and block whatever port a BitTorrent client is using. This means you can't depend on access lists being able to block the traffic. Cisco's NBAR uses packet inspection to determine which traffic class a data stream belongs to. With NBAR, it's no longer necessary to know what ports an application is using.
There are three steps to take, and then you are ready to detect whether any of your users is wasting your valuable bandwidth with BitTorrent, and you can even block it.
- Create a class-map to match the protocols to be blocked.
ITOPERATIONZ(config)#class-map match-any torrentz
ITOPERATIONZ(config-cmap)#match protocol bittorrent
- Create a policy-map to specify what should be done with the traffic.
ITOPERATIONZ(config)#policy-map torrentz
ITOPERATIONZ(config-pmap)#class torrentz
ITOPERATIONZ(config-pmap-c)#drop
- Apply the policy to the user-facing (incoming) interface.
ITOPERATIONZ(config)#interface fa0/1
ITOPERATIONZ(config-if)#service-policy input torrentz
The NBAR commands will only work with IOS 12.2.
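Why port-based access lists miss BitTorrent while payload inspection catches it, as an added example that is not part of the original post and is not Cisco's NBAR implementation. The blocked port range, the `Packet` type and the sample traffic are constructed assumptions.

```python
"""Added illustration: port-based filtering vs. payload-signature classification.
Not Cisco's NBAR implementation; a constructed sketch of the idea only."""
from dataclasses import dataclass

# BitTorrent peer-wire handshake: 1-byte length (19) + the literal protocol string.
BT_HANDSHAKE = b"\x13BitTorrent protocol"
# Ports a port-based ACL might list for BitTorrent (assumed for this example).
ACL_BLOCKED_PORTS = set(range(6881, 6890))


@dataclass
class Packet:
    dst_port: int
    payload: bytes  # first bytes of the TCP stream


def acl_blocks(pkt: Packet) -> bool:
    """Port-only decision, as an access list would make it."""
    return pkt.dst_port in ACL_BLOCKED_PORTS


def classify(pkt: Packet) -> str:
    """Payload decision: look at what the stream carries, ignore the port."""
    if pkt.payload.startswith(BT_HANDSHAKE):
        return "bittorrent"
    if pkt.payload.split(b" ", 1)[0] in (b"GET", b"POST", b"HEAD"):
        return "http"
    return "unknown"


def compare(packets):
    """Return (dst_port, acl_blocks, payload_class) for each packet."""
    return [(p.dst_port, acl_blocks(p), classify(p)) for p in packets]


# Constructed sample traffic (not captured from a real network).
# Handshake layout: pstrlen + pstr + 8 reserved + 20-byte info_hash + 20-byte peer_id.
HANDSHAKE = BT_HANDSHAKE + bytes(8) + bytes(20) + b"-XX0001-" + bytes(12)
SAMPLES = [
    Packet(6881, HANDSHAKE),                      # handshake on a listed port
    Packet(51413, HANDSHAKE),                     # same handshake on a high port
    Packet(80, HANDSHAKE),                        # same handshake on port 80
    Packet(80, b"GET /index.html HTTP/1.1\r\n"),  # ordinary web request
    Packet(6885, b"GET /status HTTP/1.1\r\n"),    # web service that happens to use 6885
]

if __name__ == "__main__":
    for port, blocked, proto in compare(SAMPLES):
        print(f"port {port:>5}  ACL blocks: {blocked!s:<5}  payload class: {proto}")
```

The port rule misses two of the three BitTorrent streams and blocks one legitimate web request, while the payload check labels all five correctly.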
Dear IT Operations,
I tried your example on an 1841 Router which has 12.4 IOS, though the document clearly states 12.02. Is there any workaround solution to make it happen on “12.4(13r)T” IOS? Please do advise.
Regards,
Naddy
Hi, thanks for sharing your problem with me. I hope you will find better help about NBAR at the URL given below.
http://www.cisco.com/en/US/docs/ios/12_4t/qos/configuration/guide/qsnbar1.html
Great tutorial. I found it from Google.