• Flow source or destination direction
Byte Offset : Customization based on specific byte values in the payload
HTTP Customization
HTTP customization could be based on a combination of HTTP fields from:
• cookie - HTTP Cookie
• host - Host name of Origin Server containing resource
• method - HTTP method
• referrer - Address the resource request was obtained from
• url - Uniform Resource Locator path
• user-agent - Software used by agent sending the request
• version - HTTP version
• via - HTTP via field
HTTP Customization
Custom application called MYHTTP using the HTTP host “*mydomain.com” with Selector ID 10.
Device# configure terminal
Device(config)# ip nbar custom MYHTTP http host *mydomain.com id 10
SSL Customization
Customization can be done for SSL encrypted traffic using information extracted from the SSL Server Name
Indication (SNI) or Common Name (CN).
SSL Customization
Custom application called MYSSL using SSL unique-name “mydomain.com” with selector ID 11.
Device# configure terminal
Device(config)#ip nbar custom MYSSL ssl unique-name *mydomain.com id 11
DNS Customization
NBAR2 examines DNS request and response traffic, and can correlate the DNS response to an application.
The IP address returned from the DNS response is cached and used for later packet flows associated with that
specific application.
The command ip nbar custom application-name dns domain-name id application-id is used for DNS
customization. To extend an existing application, use the command ip nbar custom application-name dns
domain-name domain-name extends existing-application.
For more information on DNS based customization, see http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/
qos_nbar/configuration/xe-3s/asr1000/qos-nbar-xe-3s-asr-1000-book/nbar-custapp-dns-xe.html.
System Management Configuration Guide, Cisco IOS XE Amsterdam 17.2.x (Catalyst 9500 Switches)
146
Configuring Application Visibility and Control in a Wired Network
HTTP Customization
To Next Page
Loading...
