NBAR Configuration Commands

The CLI commands that you need to know to configure NBAR are as follows:

  • router(config-if)# ip nbar protocol-discovery

    configures NBAR to discover traffic and keep traffic statistics for all protocols known to NBAR on a particular interface.

  • router(config)# ip nbar port-map

    configures NBAR to search for a protocol or protocol name using port number(s) other than the well-known port. A protocol can be represented by up to 16 different ports.

  • router(config)# ip nbar custom protocol-name [number {ascii | decimal | hex}] [destination | source] [tcp | udp]

    configures NBAR to classify and monitor additional static port applications. The parameters for this command are defined as follows:

    - protocol-name specifies the name of the user-defined protocol.

    - number is the byte location of the value to be searched in the payload (0 to 255).

    - destination inspects destination flows only (optional).

    - source inspects source flows only (optional).

    - tcp defines up to 16 explicit TCP port numbers or a range of a maximum of 1000 TCP ports.

    - udp defines up to 16 explicit UDP port numbers or a range of a maximum of 1000 UDP ports.

  • router(config)# ip nbar pdlm

    extends the list of protocols NBAR recognizes by loading a new Packet Description Language Module (PDLM); the command takes the full path to the PDLM file. New PDLM versions are provided on the Cisco website at http://www.cisco.com/go/nbar.

  • router(config)# ip nbar resources 10-86400

    configures memory usage for tracking the max-idle time (in seconds) of stateful sessions.
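
The commands above applied in one session, as an added example that is not part of the original text. The interface, port numbers, custom protocol name, match string and PDLM path are constructed values, and the two show commands at the end confirm what was configured and what NBAR is classifying.

```cisco
! Constructed values: interface, ports, protocol name, match string, PDLM path
router(config)# interface FastEthernet0/0
router(config-if)# ip nbar protocol-discovery
router(config-if)# exit
! Look for HTTP on TCP 8080 in addition to the well-known port 80
router(config)# ip nbar port-map http tcp 80 8080
! Custom protocol: ASCII string "SALES" at byte offset 5, source TCP port 4567
router(config)# ip nbar custom app_sales1 5 ascii SALES source tcp 4567
! Load an additional PDLM from flash (full path required)
router(config)# ip nbar pdlm flash://citrix.pdlm
router(config)# end
! Verify the port mapping and the per-protocol statistics on the interface
router# show ip nbar port-map http
router# show ip nbar protocol-discovery interface FastEthernet0/0
```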



Part II: Implementations on the Cisco Devices