Ryan, Almost there,I add acl to match tcp H245 11000-65535 negotiation as well.
One more thing I don't use match protocol rtp audio , since cisco use even ports for rtp and odd one for rtcp. Instead I will create acl and match udp 16384 32767 to match both rtp and rtcp. Summary : add to more matches -acl udp 16384 32767 -acl tcp 11000-65535 Thanks Cyrus On Tue, Jan 20, 2009 at 3:47 AM, Ryan Trauernicht <ryanstudyvo...@gmail.com>wrote: > Thinking about my class-map to look like the following for marking on the > ingress > > Class-map match-any SCCP > > Match protocol skinny > > Match protocol h323 > > Match protocol mgcp > > Match protocol sip > > match ip dscp cs3 > > match ip dscp af31 > > Class-map match-any RTP > > Match protocol rtp audio > > match ip dscp ef > > > > any thoughts? > > On Mon, Jan 19, 2009 at 10:44 AM, Cyrus <cyrus....@gmail.com> wrote: > >> Ryan >> >> I will use it ,it's more easy to use NBAR than access lists. same result. >> High process utilization does not breaking any lab requirements if nothing >> specified. >> >> >> >> I know when it comes to lab exam, picking up the right tool becomes a >> nightmare ,I'm too fussy about it! :) >> >> >> Cyrus >> >> >> >> On Tue, Jan 20, 2009 at 3:01 AM, Ryan Trauernicht < >> ryanstudyvo...@gmail.com> wrote: >> >>> Anyone got thoughts on using NBAR for the lab to mark packets? >>> Best practice in the field is to use access-lists b/c NBAR causes to much >>> processor power, but will you be docked if you just used NBAR for protocols >>> (skinny, h323, mgcp, sip)? >>> >>> Thanks, >>> Ryan Trauernicht >>> >> >> >> >> -- >> Sirus Moghadasian >> CCIE #21862 (R&S) >> > > -- Sirus Moghadasian CCIE #21862 (R&S)
