Dear CCIEW-Students, Unfortunately there are a lot of different ways mentioned in the workbooks, how to set up the correct QoS-ACL for mapping RTP and SIGNALING. What confuses me most is the usage of the same ranges of ports for matching on the src.- and dst.- ports im some examples. [SNIP] ! ip access-list extended RTP 10 permit udp any range 16384 32767 any range 16384 32767 <— same range src. and dst.?? ! ip access-list extended SIGNALING 10 permit tcp any any range 2000 2002 <— three ports for SKINNY? 20 permit tcp any any range 5060 5061 <— two ports for SIP? 21 permit udp any any range 5060 5061 <— two ports for SIP? 30 permit tcp any any eq 1720 —> H.323 is clear 40 permit tcp any any eq 2443 <— Secure Signalling?? ! [SNIP] Has anyone maybe traced RTP/SKINNY/SIP/… to get the correct mapping-ACL? I can’t find a hint in any best practice documentation. Thx. in advance …
MICHAEL RUETZ Senior IT Architekt/Engineering Manager, CCIE#5356
_______________________________________________ Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: iPexpert on YouTube: www.youtube.com/ipexpertinc
