Cisco Cisco ASR 5000
ACS Rulebase Configuration Mode Commands
route priority ▀
Command Line Interface Reference, StarOS Release 18 ▄
767
description
must be an alphanumeric string of 1 through 63 characters.
Usage
Instances of this CLI command control which packets are routed to which protocol analyzers. Packets sent to
ACS are always passed through the IP protocol analyzer. This CLI command controls which higher layer
analyzers are also invoked.
ACS are always passed through the IP protocol analyzer. This CLI command controls which higher layer
analyzers are also invoked.
Analyzer
Common ways to route to the analyzer
dns
UDP destination port or source port is DNS (53).
file-
transfer
transfer
FTP and the command name is retr or stor; or, HTTP and the request method is get or post.
ftp
TCP destination port or source port is FTP control (21) or FTP data (20); or, ftp analyzer (for FTP control packets)
dynamically detected an FTP data flow over TCP (tcp dynamic-flow = ftp-data).
dynamically detected an FTP data flow over TCP (tcp dynamic-flow = ftp-data).
http
TCP destination port or source port is HTTP (80).
icmp
All IPv4 packets with IP protocol = ICMP (1) are automatically routed here.
imap
TCP destination port or source port is IMAP (143).
ip
All IPv4 packets are automatically routed here.
mipv6
MIPv6 analyser can be routed in one of the following ways:
All IPv4 UDP packets with destination port = 5846
All IPv4 UDP packets with destination port = 5846, and destination IP present in LMA server host-pool
All IPv6 packets with destination IP present in LMA server host-pool
mms
WSP content type is application/vnd.wap.mms-message; or, WSP uri contains “mms”; or, HTTP content type is
application/vnd.wap.mms-message; or, HTTP uri contains “mms”.
application/vnd.wap.mms-message; or, HTTP uri contains “mms”.
p2p
Use the
p2p dynamic-flow-detection
CLI command to enable detection of the different P2P applications
specified by the
p2p application
CLI command; that will cause every TCP or UDP packet to be automatically
routed here
pop3
TCP destination port or source port is POP3 (110).
radius
UDP source or destination port 1812 to be used.
rtp
and
rtcp
RTSP has embedded RTP/RTCP payloads (you need to enable RTP dynamic flow detection to catch those flows);
or, RTSP or SDP (for SDP within SIP) creates an RTP/RTCP flow over UDP (in addition to enabling the
aforementioned dynamic flow detection, you must make sure that UDP packets are routed to the UDP analyzer) or,
RTP/RTCP uses predefined UDP port numbers (e.g. default UDP port numbers of 5004/5005).
or, RTSP or SDP (for SDP within SIP) creates an RTP/RTCP flow over UDP (in addition to enabling the
aforementioned dynamic flow detection, you must make sure that UDP packets are routed to the UDP analyzer) or,
RTP/RTCP uses predefined UDP port numbers (e.g. default UDP port numbers of 5004/5005).
rtsp
TCP destination port or source port is RTSP (554).
sdp
RTSP or SIP content type is application/sdp
secure-
http
http
TCP destination port or source port is HTTPS (443). Note that HTTP may use the CONNECT method (see RFC
2817), in which case, the subscriber will be upgraded with transport layer security, but the traffic to/from the
chassis will still be HTTP and be passed through the http rather than the secure-http analyzer (assuming that routing
to the http analyzer has been configured).
2817), in which case, the subscriber will be upgraded with transport layer security, but the traffic to/from the
chassis will still be HTTP and be passed through the http rather than the secure-http analyzer (assuming that routing
to the http analyzer has been configured).
sip
UDP destination port or source port is SIP (5060).
smtp
TCP destination port or source port is SMTP (25).