Does 6509 support NBAR ?

ted_wen · ‎01-24-2007

Hi all :

I'm going configure NBAR at Cisco6509 with Sup720-3B . But when I implement to interface (Layer3 interface or vlan interface) there will appear this messages :"c6509-1(config-if)#service-policy input p2p-policy

Cannot add a filter requiring NBAR while policymap is installed in HW.

Remove the service policy from the interface, add the filter and then attach th

e service policy to the interface"

and these Line Card are WS-X6516-GBIC / WS-X6316-GE-TX / WS-X6348-RJ-45/WS-X6724-SFP ,Does these modules not support NBAR ?

I need some body help me ... Thanks all .

B/R

Ted Wen.

pciaccio · ‎01-25-2007

In order to implement NBAR you must make sure that CEF is enabled on the layer 3 portion of your 6509. Then you must enable NBAR under the interface IP NBAR PROTOCOL-DISCOVERY. Once NBAR is enabled it starts to track all packets that go through the interface and if the PDLM is up to date on your flash, then it will provide to you a break down of the applications that it sees. If you need more robust PDLM's then you can download them off the Cisco website. Now that you have NBAR enabled and capturing, then you can setup your QOS and start to classify the traffic, then police it and apply the policy to your interface....

wochanda · ‎01-25-2007

It isn't a good idea to enable NBAR on a 6500, as it is not supported in hardware. If the interface accepts the command, all packets going through that interface will rely on the MSFC CPU to forward the packets, severely decreasing the max throughput of the box.

ted_wen · ‎01-25-2007

I see ! thanks your suggestion. I'll

carefully try this .

B/R

Ted Wen