The CLI commands that you need to know to configure NBAR are as follows:
router(config-if)# ip nbar protocol-discovery
configures NBAR to discover traffic and keep traffic statistics for all protocols known to NBAR on a particular interface.
router(config)# ip nbar port-map
configures NBAR to search for a protocol or protocol name using port number(s) other than the well-known port. A protocol can be represented by up to 16 different ports.
router(config)# ip nbar custom protocol-name [number {ascii | decimal | hex}] [destination | source] [tcp | udp]
configures NBAR to classify and monitor additional static port applications. The parameters for this command are defined as follows:
- protocol-name specifies the name of the user-defined protocol.
- number is the byte location of the value to be searched in the payload (0 to 255).
- destination inspects destination flows only (optional).
- source inspects source flows only (optional).
- tcp defines up to 16 explicit TCP port numbers or a range of a maximum of 1000 TCP ports.
- udp defines up to 16 explicit UDP port numbers or a range of a maximum of 1000 UDP ports.
router(config)# ip nbar pdlm
extends the list of protocols by loading a new PDLM (providing the full path to the PDLM). New PDLM versions are provided on the Cisco website at http://www.cisco.com/go/nbar.
router(config)# ip nbar resources 10-86400
configures memory usage for tracking the max-idle time of stateful sessions; the value is in seconds, from 10 to 86400.
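A worked configuration using the commands above, added here as an illustration and not taken from the original page. The interface name, the extra HTTP port 8080, the custom protocol app_sales1 with its match string and port, and the PDLM file name are assumed values; the show commands are the standard IOS ones for checking the result.

```ios
! Constructed example: FastEthernet0/0, port 8080, app_sales1/SALES/4567
! and citrix.pdlm are illustrative assumptions, not values from the page.
configure terminal
 !
 ! Have NBAR recognize HTTP on TCP 8080 as well as the well-known port 80
 ! (a protocol can be mapped to up to 16 ports).
 ip nbar port-map http tcp 80 8080
 !
 ! User-defined protocol: look at payload byte 5 for the ASCII string
 ! "SALES", on source flows only, for TCP port 4567. The match value
 ! follows the ascii | decimal | hex keyword.
 ip nbar custom app_sales1 5 ascii SALES source tcp 4567
 !
 ! Extend the protocol list with a PDLM stored in flash (full path given).
 ip nbar pdlm flash://citrix.pdlm
 !
 ! Collect per-protocol statistics on the interface that faces the traffic.
 interface FastEthernet0/0
  ip nbar protocol-discovery
 end
!
! Verification
show ip nbar port-map http
show ip nbar pdlm
show ip nbar protocol-discovery interface FastEthernet0/0 top-n 5
```

Protocol discovery must be enabled on each interface of interest; the port-map, custom and pdlm statements are global and apply to every interface where NBAR is active.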