NBAR Lab

Posted on November 2, 2009 by Judson Bishop

This lab is very similar to theNBAR Fun posting a few weeks back.

Here is a copy of all of the configuration files, both initial and completed.

The server at 192.168.34.234 is running a webserver, tftp server, sshd, telnetd and iperf on port 9100 to emulate an HPJD printer.

The path for most packets will be R4 Fa0/0 -> R1 Fa0/0 -> R1 S0/0 -> R2 S0/0 -> R2 S2/1 -> R3 S2/1 -> 192.168.34.234. It will be done with both the traffic generator and from the command line on the routers.

nbar-lab

 

To prepare for this lab only turn on one 800K link between R1 and R2, the serial link between R2 and R3 and the ethernet link for 192.168.34.3 on R3.

    On R1:

  • Add tcp port 9100 as a custom protocol called jetdirect in NBAR. One of my routers had it, the other did not.
  • On the interface going to R2, S0/0, classify the traffic using NBAR.
  • Make a class-map named cmap-jetdirect for printing traffic using the custom protocol.
  • Make a policy-map named limit-jetdirect and apply it to S0/0 on R1 that includes the class-map from above.
    On R2:

  • Add tcp port 9100 as a custom protocol in NBAR if needed.
  • Make a class-map named cmap-jetdirect using the custom protocol.
  • Make a class-map named cmap-http for HTTP traffic with a regular expression matching the word msi.
  • Make a policy-map named limit-drop and apply it to S0/0 on R1 that includes the class-maps from above and limits printing to 40Kbps.
    Notes:

  • Make sure to run sh queue before and after the configuration on the routers.
  • You may or may not have the jetdirect service/protocol defined in NBAR.
  • Make sure to run sh ip nbar protocol-discovery after applying the routing policy.

R1 starting configuration:

interface Serial0/0
 ip address 192.168.112.1 255.255.255.0
 fair-queue
!
interface FastEthernet0/0
 ip address 192.168.14.1 255.255.255.0
 duplex auto
 speed auto
!
router eigrp 1
 network 192.168.0.0 0.0.255.255
 no auto-summary

R2 starting configuration:

interface Serial0/0
 ip address 192.168.112.2 255.255.255.0
 clock rate 800000
!
interface Serial2/1
 ip address 192.168.123.2 255.255.255.0
!
router eigrp 1
 network 192.168.0.0 0.0.255.255
 no auto-summary

R3 starting configuration:

interface FastEthernet1/0
 ip address 192.168.34.3 255.255.255.0
 duplex auto
 speed auto
!
interface Serial2/1
 bandwidth 128
 ip address 192.168.123.3 255.255.255.0
 clock rate 128000
!
router eigrp 1
 network 192.168.0.0 0.0.255.255
 no auto-summary
This entry was posted in Routing. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s