02-02-2009 04:43 AM
Hi,
Just wondering if these two class maps accomplish the same goal:
class-map match-all VoIP-1
match protocol rtp audio
class-map match-all VoIP-2
match access-group 123
!
access-list 123 permit udp any any range 16384 32767
thanks!
Solved! Go to Solution.
02-03-2009 05:48 AM
That is the same as your access list. It's not deep packet inspection like the match protocol statement. The 2nd number there is a range, and is an alternative to using an ACL.
-nick
02-02-2009 06:52 PM
Hi,
These are actually quite different.
If you have a Cisco only VoIP deployment, they should be equivalent. The 16384 - 32767 is a Cisco only standard. Many SIP providers and other voice applications will use ports 10000-70000.
The first uses NBAR (requires CEF), and looks inside the packet for a RTP header. If you're worried about CPU utilization this would kick up a bit.
The optimal matching would be to ensure you have a switched network that is trusting DSCP and mark/match it EF.
hth,
nick
02-03-2009 12:58 AM
OK
No worries about CPU utilization I just trying to understand how to match VoIP traffic in a Cisco network. Also found this ACL:
match ip rtp 16384 16383
Is it also suppose to match VoIP traffic?
thanks!
02-03-2009 05:48 AM
That is the same as your access list. It's not deep packet inspection like the match protocol statement. The 2nd number there is a range, and is an alternative to using an ACL.
-nick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide