NBAR Configuration Commands

The CLI commands that you need to know to configure NBAR are as follows:

  • router(config-if)# ip nbar protocol-discovery

    configures NBAR to discover traffic and keep traffic statistics for all protocols known to NBAR on a particular interface.

  • router(config)# ip nbar port-map

    configures NBAR to search for a protocol or protocol name using port number(s) other than the well-known port. A protocol can be represented by up to 16 different ports.

  • router(config)# ip nbar custom protocol-name [number {ascii | decimal | hex}] [destination | source] [tcp | udp]

    configures NBAR to classify and monitor additional static port applications. The parameters for this command are defined as follows:

    - protocol-name specifies the name of the user-defined protocol.

    - number is the byte location of the value to be searched in the payload (0 to 255).

    - destination inspects destination flows only (optional).

    - source inspects source flows only (optional).

    - tcp defines up to 16 explicit TCP port numbers or a range of a maximum of 1000 TCP ports.

    - udp defines up to 16 explicit UDP port numbers or a range of a maximum of 1000 UDP ports.

  • router(config)# ip nbar pdlm

    extends the list of protocols by loading a new PDLM (providing the full path to the PDLM). New PDLM versions are provided on the Cisco website at

  • router(config)#ip nbar resources 10-86400

    configures memory usage for tracking the max-idle time (in seconds) of stateful sessions.

Part II: Implementations on the Cisco Devices