nanog mailing list archives

RE: identifying application type of network traffic

From: "Cheung, Rick" <Rick.Cheung () nextelpartners com>
Date: Thu, 16 Dec 2004 14:55:41 -0600


        I believe NBAR stats are accessible via SNMP, so you can use MRTG to
graph application utilization.

http://vermeer.org/display_doc.php?doc_id=6



___________________________________________________________________

Thanks,
Rick Cheung


-----Original Message-----
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu]On Behalf Of
Adam Atkinson
Sent: Thursday, December 16, 2004 11:17 AM
To: NANGO
Subject: RE: identifying application type of network traffic

Currently, I use (protocol, port_number) as indicator
of application. Referring to rfc on wellknown protocol
and port allocation, I can only identity about 50% of
traffic type.

Is there a complete  (protocol, port_number) list ? or
is there a better way to identify application type
based on netflow data?


Cisco's "Network Based Application Recognition" can recognise quite
a few things, particularly a fair few p2p applications. It looks
at the actual contents of packets, not just the port numbers.


This message, including any attachments, contains confidential information intended for a specific
individual and purpose and is protected by law. If you are not the intended recipient, please contact
sender immediately by reply e-mail and destroy all copies. 
You are hereby notified that any disclosure, copying, or distribution of this message, or the taking 
of any action based on it, is strictly prohibited.

WARNING: Computer viruses can be transmitted via email. The recipient should check this email
and any attachments for the presence of viruses. The sender accepts no liability for any damage 
caused by any virus transmitted by this email. E-mail transmission cannot be guaranteed 
to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive 
late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors 
or omissions in the contents of this message, which arise as a result of e-mail transmission.

Current thread:

identifying application type of network traffic Joe Shen (Dec 15)
- Re: identifying application type of network traffic Suresh Ramasubramanian (Dec 15)
- <Possible follow-ups>
- RE: identifying application type of network traffic Joe Shen (Dec 16)
  - Re: identifying application type of network traffic Suresh Ramasubramanian (Dec 16)
- RE: identifying application type of network traffic Antonio Sanchez-Monge (Dec 16)
- RE: identifying application type of network traffic Adam Atkinson (Dec 16)
- RE: identifying application type of network traffic Cheung, Rick (Dec 16)