12-07-2009 01:05 AM - edited 03-06-2019 08:51 AM
Hi All,
Does Cisco 6509 support NBAR ? do i need a FlexWAN module to implement the NBAR ?
Module:
WS-SUP32-10GE-3B ,
WS-F6K-MSFC2A,
IOS:
s3223-ipservices_wan-mz-1.122-18.SXF13.bin
Thanks
GD
12-07-2009 03:33 AM
liuguiqing wrote:
Hi All,
Does Cisco 6509 support NBAR ? do i need a FlexWAN module to implement the NBAR ?
Module:
WS-SUP32-10GE-3B ,
WS-F6K-MSFC2A,
IOS:
s3223-ipservices_wan-mz-1.122-18.SXF13.bin
Thanks
GD
NBAR is only officially supported on the 6500 when using a Sup32 with a PISA card and even then turning on NBAR drastically downgrades throughput.
Even though some of the commands might be available for the Sup720 you should not enable them as this means all packets are then software prcoessed and this will severely affect throughput. NBAR is every CPU intensive hence the reason you don't find it switches.
Netflow would be a much better choice for the 6500 with sup720.
Jon
12-08-2009 10:17 PM
Hi jon.marshall ,
I want to limit the Bitorrent download and upload on the 6509 .
About 400Mbps traffice pass through the Cisco 6509 , Can i do NBAR ? will it cause hight CPU ? all packets are software prcoessed even install FlexWan module in 6509 ?
Thanks
Liuguiqing
12-09-2009 01:56 AM
As I understand, you would like to know about the SUP-32 supporting NBAR. NBAR is only supported on sup 32 with PISA not without PISA
These links will give you additional information :
1. Sup32 Pisa supports NBAR and can handle upto 2 Gbps maximum throughput for deep packet inspection .
The PISA is capable of accelerating intelligent services such as NBAR and FPM at 2-Gbps speeds for Internet mix (IMIX) traffic, which is
optimal for standard campus access networks of typical enterprises using a pair of Gigabit Ethernet Small Form-Factor Pluggable (SFP) uplinks to
each distribution layer switch.
http://www.cisco.com/en/US/prod/collateral/modules/ps2797/ps7209/prod_qas0900aecd805a0e95.html
<http://www.cisco.com/en/US/prod/collateral/modules/ps2797/ps7209/prod_qas0900aecd805a0e95.html>
2. Layer 2 NBAR is not supported on Layer 2 interfaces that are configured as part of a service module (such as FWSM and IDSM) when
those service modules are configured in inline mode (that is, network traffic is in a direct path through the service module).
FPM and NBAR policies can be applied on any Layer 3 LAN port (routed ports, SVIs, port channels) on the Supervisor Engine 32 PISA. They
cannot be applied to WAN interfaces or MPLS VPN/tunnel interfaces.
http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/clsfy_traffic_nbar.html#wp1128904
<http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/clsfy_traffic_nbar.html#wp1128904>
3. Also providing the data sheet for the SUP32-PISA.
http://www.cisco.com/en/US/prod/collateral/modules/ps2797/ps7209/product_data_sheet0900aecd805a6b87_ps708_Products_Data_Sheet.html
<http://www.cisco.com/en/US/prod/collateral/modules/ps2797/ps7209/product_data_sheet0900aecd805a6b87_ps708_Products_Data_Sheet.html>
Regards,
Varun
12-10-2009 12:05 AM
Hi Varun , Thanks for you greate help .
Our 6509 is supervisor32 without PISA, so it cannot support NBAR .
12-10-2009 12:08 AM
Unfortunatly it wont support NBAR. NBAR was one of the main reason behind coming up with Pisa.
regards,
Varun
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide