Well, this way you classify more ports than the real ones used by the CCM, but all the required are in the list, so i think it does not hurt. Like Vik said sometime ago, this is not a test of ports.
I decided to run some sniffers on the CCM port to learn more about the function of each signalling port so if it is necessary to configure this, i would do it more because i understand that because i memorize them, however i do use the help of ios command "show ip port-map" (not sure of the syntaxis) to complete the list. I think we have a lots of things to memorize, so this is at least one thing less to put in my nvram. //r.a. On Mon, Oct 27, 2008 at 6:18 PM, Sergio Polizer <[EMAIL PROTECTED]>wrote: > Does someone see any problem if we classify the CM sig. like this? > > Udp any any range 1718 1720 > Udp any range 1718 1720 any > Tcp any any range 1718 1720 > Tcp any range 1718 1720 any > > Tcp any any eq 5060 > Tcp any eq 5060 any > Udp any any eq 5060 > Udp any eq 5060 any > > Udp any eq 2427 any > Tcp any eq 2428 any > tcp any any range 1024 4999 > tcp any eq range 2000 2002 any > > ------------------------------ > > From: [EMAIL PROTECTED] > Date: Mon, 27 Oct 2008 09:18:56 -0400 > To: [EMAIL PROTECTED] > CC: ccie_voice@onlinestudylist.com > > Subject: Re: [OSL | CCIE_Voice] CCM Signalling Port ACL > > Ah ok thats true. For me i think any kind of lan qos on the 6500 is just a > time demon. The hardware is so old and unreliable you could be on your way > to a $1400 lunch real quick if it decides to play games with you. > > That said the srnd has most of the ports in it along with all the crazy > catos syntax. > > > ------------------------------ > > From: Ricardo Arevalo <[EMAIL PROTECTED]> > Sent: Monday, October 27, 2008 8:34 AM > To: Chris Parker <[EMAIL PROTECTED]> > Cc: Jacob Owen <[EMAIL PROTECTED]>; ccie_voice@onlinestudylist.com > Subject: Re: [OSL | CCIE_Voice] CCM Signalling Port ACL > > > Hi Chris, you are right, but only if you are asked to configure > classification in Router, and not to use ACLs. > > But what Jacob is talking here is about signalling classification > configuration in Cat6500 with CATOS, where nbar is not available. > > //r.a. > > On Sun, Oct 26, 2008 at 10:47 PM, Chris Parker <[EMAIL PROTECTED]> wrote: > > I know nbar is something one should use sparingly in real life, but why not > use it in the lab? > > All you would need is: > > class-map match-all ef > match protocol rtp audio > class-map match-any cs3 > match protocol sip > match protocol h323 > match protocol mgcp > match protocol skinny > > Along with nbar protocol discovery on the related interfaces. Am I crazy > for suggesting this? Why couldn't this work? Is nbar not present in the lab > IOS? What's the gotya? > > Chris > > > Jacob Owen wrote: > > Does someone have a "100% correct" Signalling ACL ports to apply to say > mark DSCP values on a 6500 for traffic coming in from Call Manager? I have > found 3-4 references in the IPExpert material but they all seem to be saying > different things. This is what I believe so far, if my to/from is backwards > please let me know: > > _*Signalling:*_ > permit tcp any range 2000 2002 any (SCCP) > permit udp any eq 2427 any (MGCP) > permit tcp any eq 2428 any (MGCP) > permit udp any any eq 1719 (H323) > permit tcp any any eq 1720 > permit tcp any any range 11000 11999 (H323 Slow Start) > permit tcp any eq 5060 any (SIP) > permit tcp any any eq 5060 (SIP) > > _*Bearer:*_ > permit udp any any range 16384 32767 > permit udp any range 16384 32767 any > > Thanks. > > > -- > Jacob Owen > CCIE #14063 (R&S, Service Provider), CCDP, CCVP > > > > > ------------------------------ > Receba GRÁTIS as mensagens do Messenger no seu celular quando você estiver > offline. Conheça o MSN Mobile! Crie já o > seu!<http://mobile.live.com/signup/signup2.aspx?lc=pt-br> >
