QoS Network Based Application Recognition (NBAR)

When you create access-lists or QoS (Quality of Service) policies you normally use layer 1,2,3 and 4 information to match on certain criteria. NBAR (Network Based Application Recognition) adds application layer intelligence to our Cisco IOS router which means we can match and filter based on certain applications.

Let’s say you want to block a certain website like YouTube.com. Normally you would lookup the IP addresses that YouTube uses and block those using an access-list or perhaps police / shape them in your QoS policies. Using NBAR we can match on the website addresses instead of IP addresses.

For example, the following will match the domain name youtube.com directly:

R1(config)#class-map match-any BLOCKED R1(config-cmap)#match protocol http host "*youtube.com*" R1(config-cmap)#exit

https://networklessons.com/quality-of-service/block-website-with-nbar-on-cisco-router