There's a shroud of mystery around protocol port mappings. It's documented one way, taught another, but no one really knows what the proctor is looking for. To me, the definitive answer would be to look at the open ports on servers ("netstat -a" from CMD), and the open ports on the routers ("sh ip sockets"). This will show the exact ports being used by the active devices, including src/dst and udp/tcp (IP 17 and 6 respectively); however, this may not be what the proctor is looking for. For example, if you're using UDP for SIP, there will not be an open TCP port. If the proctor sees that you've only included udp 5060 for SIP, he may deduct points. For something like this, there should be a right way; otherwise, we should be able to just remember the port numbers and use tcp/udp src/dst for all signaling traffic. It doesn't make sense to me that we can be overkill with some, but not with others. Since my lab is next week, I'm going to just memorize it per IPExpert and hope for the best, instead of trying to make sense of it. I think it's worth bringing up to the proctors though.
Anyone have any thoughts or suggestions on this? Greg Jost Network Consulting Engineer Unified Communications Practice Cisco Systems, Inc. 214-274-1922