Application Mapping INOP
When I look at the IOS interfaces facing our ISP peers, I look at the "Conversation" tab in the "in" direction. I notice that most of my top ten conversations in the past hour are with both LimeLight Networks and Akamai and are roughly 1 GB.
I want to classify (Application Mapping) conversations to/from LLN and Akamai as a custom application so that management can see just what type of application consuming most of our internet bandwidth without having to try to understand what an IP range is (you know, its management).
So using the addresses I look at ARIN to get their whole IP address range. I want ANY ip address, any protocol in the IP ranges I find at ARIN to be mapped to a custom named application.
Below is a sample.
Port Number Protocol Name IP Address Application
0 to 255 IP 72.246.0.0 - 72.247.255.255 Netmask: 255.254.0.0 AAA-MM-Akamai-72.246.0.0/15
0 to 255 IP 208.111.128.0 - 208.111.191.255 Netmask: 255.255.192.0 AAA-MM-LimeLight_Networks
I made these changes more than one hour ago, nearly two hours ago. However, the last hour report has not "mapped" these conversations to my new names.
Let us remember that I want to classify absolutely everything that traverses over IP to/from these networks as such. Therefore, I don't focus on just TCP, I focus on IP. And according to RFC 790 in the "ASSIGNED INTERNET PROTOCOL NUMBERS" section, the valid decimal value is 0-255. Note, this is the IP layer and IP protocol numbers are used. This is not about TCP or UDP ports, which TCP and UDP port decimal values of 0-65535.
What is wrong with the way I am trying to do it following RFC values? Why is this not working?
I want to classify (Application Mapping) conversations to/from LLN and Akamai as a custom application so that management can see just what type of application consuming most of our internet bandwidth without having to try to understand what an IP range is (you know, its management).
So using the addresses I look at ARIN to get their whole IP address range. I want ANY ip address, any protocol in the IP ranges I find at ARIN to be mapped to a custom named application.
Below is a sample.
Port Number Protocol Name IP Address Application
0 to 255 IP 72.246.0.0 - 72.247.255.255 Netmask: 255.254.0.0 AAA-MM-Akamai-72.246.0.0/15
0 to 255 IP 208.111.128.0 - 208.111.191.255 Netmask: 255.255.192.0 AAA-MM-LimeLight_Networks
I made these changes more than one hour ago, nearly two hours ago. However, the last hour report has not "mapped" these conversations to my new names.
Let us remember that I want to classify absolutely everything that traverses over IP to/from these networks as such. Therefore, I don't focus on just TCP, I focus on IP. And according to RFC 790 in the "ASSIGNED INTERNET PROTOCOL NUMBERS" section, the valid decimal value is 0-255. Note, this is the IP layer and IP protocol numbers are used. This is not about TCP or UDP ports, which TCP and UDP port decimal values of 0-65535.
What is wrong with the way I am trying to do it following RFC values? Why is this not working?