Exam 400-101 | Question id=936 | Infrastructure Services |
Which of the following commands should you issue to increase the number of protocols that NBAR can classify and inspect?
A. |
ip nbar pdlm | |
B. |
ip nbar port-map | |
C. |
ip nbar protocol-discovery | |
D. |
ip nbar resources |
You should issue the ip nbar pdlm command to increase the number of protocols that Network Based Application Recognition (NBAR) can classify and inspect. NBAR enables a router to perform deep packet inspection for all packets that pass through an NBARenabled interface. Although NBAR supports several common applications and protocols, you can update or expand the base protocol support by installing Packet Description Language Modules (PDLMs). Cisco provides many PDLMs for download on its support website. PDLMs are stored in Flash memory.
Issuing the ip nbar portmap command does not increase the number of protocols that NBAR can classify and inspect; it modifies the mapping between NBARrecognized applications and their associated ports. NBAR supports a limited number of protocols and applications based on their wellknown port numbers. However, if an application or protocol has been configured to use nonstandard port numbers, you can issue the ip nbar portmap command to modify the NBAR configuration accordingly. For example, if Secure Shell (SSH) servers on the network are configured to listen on ports 22 and 2222, you should issue the ip nbar portmap ssh tcp 22 2222 command to configure NBAR to search for SSH on those ports.
Issuing the ip nbar protocoldiscovery command does not increase the number of protocols that NBAR can classify and inspect; it records traffic statistics on an interface based on packet content. After NBAR has been enabled on an interface, you can issue the servicepolicy input command to configure NBAR to classify inbound traffic or you can issue the servicepolicy output command to configure NBAR to classify outbound traffic.
Issuing the ip nbar resources command does not increase the number of protocols that NBAR can classify and inspect; it tunes NBAR's memory usage. You can issue the ip nbar resources command to adjust how quickly state information expires and how much system memory is available to NBAR recognized applications.