Metadata Configuration Guide Cisco IOS Release 15M&T
Metadata NBAR Integration
Downloads: This chapterpdf (PDF - 1.28MB) The complete bookPDF (PDF - 2.53MB) | The complete bookePub (ePub - 444.0KB) | Feedback

Metadata NBAR Integration

Metadata NBAR Integration

The Metadata NBAR Integration feature integrates Network-Based Application Recognition (NBAR) with metadata so that NBAR is enabled as the source for metadata. The flow information gathered from NBAR is stored and propagated using metadata.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

Information About Reverse Flow Metadata Support

Benefits of Metadata NBAR Integration

The flow information from NBAR is generated only on the node on which NBAR is configured and is not available to the downstream devices. To gather flow information, NBAR must be enabled on all downstream devices. Enabling NBAR on all downstream devices may not be possible always because some nodes may be incapable of performing deep packet inspection (DPI). When NBAR is integrated with metadata, metadata information can be propagated to downstream nodes using Resource Reservation Protocol (RSVP), thereby substituting NBAR for DPI whenever DPI is not possible.

Metadata NBAR Integration

NBAR as a source for metadata is enabled by default when you create a class map with metadata-based filters, create a policy map that uses the class, and attach the policy map to the target.

You can disable NBAR as a source for metadata by using the no metadata nbar command.


Note


NBAR does not support the telepresence-data, vmware-view, webex-video, webex-voice, and wyze-zero-client application types.


How to Configure Reverse Flow Metadata Support

Integrating NBAR with Metadata

SUMMARY STEPS

    1.    enable

    2.    configure terminal

    3.    metadata flow

    4.    metadata flow transmit

    5.    class-map class-map-name

    6.    match application application-name

    7.    exit

    8.    policy-map policy-map-name

    9.    class class-map-name

    10.    exit

    11.    exit

    12.    interface type number

    13.    service-policy {input | output} policy-map-name

    14.    exit


DETAILED STEPS
     Command or ActionPurpose
    Step 1 enable


    Example:
    Device> enable
              
     

    Enables privileged EXEC mode.

    • Enter your password if prompted.

     
    Step 2configure terminal


    Example:
    Device# configure terminal
    
     

    Enters global configuration mode.

     
    Step 3metadata flow


    Example:
    Device(config)# metadata flow
     

    Enables metadata on a device.

     
    Step 4metadata flow transmit


    Example:
    Device(config)# metadata flow transmit
     

    Enables RSVP transmission of information flows to downstream devices.

     
    Step 5class-map class-map-name


    Example:
    Device(config)# class-map c1
     

    Creates a class map that is to be used for matching packets to a specified class, and enters QoS class-map configuration mode.

     
    Step 6match application application-name


    Example:
    Device(config-cmap)# match application webex-meeting
     

    Classifies an application based on the specified application name.

     
    Step 7exit


    Example:
    Device(config-cmap)# exit
     

    Exits QoS class-map configuration mode.

     
    Step 8policy-map policy-map-name


    Example:
    Device(config)# policy-map p1
     

    Creates or modifies a policy map that can be attached to one or more interfaces to specify a service policy, and enters QoS policy-map configuration mode.

     
    Step 9class class-map-name


    Example:
    Device(config-pmap)# class c1
     

    Specifies the name of the class whose policy you want to create or change, and enters QoS policy-map class configuration mode.

     
    Step 10exit


    Example:
    Device(config-pmap-c)# exit
     

    Exits QoS policy-map class configuration mode and enters QoS policy-map configuration mode.

     
    Step 11exit


    Example:
    Device(config-pmap)# exit
     

    Exits QoS policy-map configuration mode and enters global configuration mode.

     
    Step 12interface type number


    Example:
    Device(config)# interface gigabitethernet 0/0
     

    Specifies the interface type and number and enters interface configuration mode.

     
    Step 13service-policy {input | output} policy-map-name


    Example:
    Device(config-if)# service-policy output p1
     

    Attaches a policy map to an input interface, a virtual circuit (VC), an output interface, or a VC that will be used as the service policy for the interface or VC.

     
    Step 14exit


    Example:
    Device(config-if)# exit
     

    Exits interface configuration mode and returns to global configuration mode.

     

    Configuration Examples for Metadata NBAR Integration

    Example: Integrating NBAR with Metadata

    The following example shows how to create a class map with metadata-based filters, create a policy map that uses the class, and attach the policy map to a target, thereby enabling NBAR as a source for metadata:

    Device> enable
    Device# configure terminal
    Device(config)# metadata flow
    Device(config)# metadata flow transmit
    Device(config)# metadata flow reverse transmit
    Device(config)# class-map c1
    Device(config-cmap)# match application webex-meeting
    Device(config-cmap)# exit
    Device(config)# policy-map p1
    Device(config-pmap)# class c1
    Device(config-pmap-c)# exit
    Device(config-pmap)# exit
    Device(config)# interface gigabitethernet 0/0
    Device(config-if)# service-policy output p1
    Device(config-if)# exit
    

    Additional References

    Related Documents

    Related Topic

    Document Title

    Cisco IOS commands

    Master Command List, All Releases

    Metadata commands

    Quality of Service Solutions Command Reference

    Technical Assistance

    Description

    Link

    The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

    http:/​/​www.cisco.com/​cisco/​web/​support/​index.html

    Feature Information for Metadata NBAR Integration

    The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

    Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

    Table 1 Feature Information for Metadata NBAR Integration

    Feature Name

    Releases

    Feature Information

    Metadata NBAR Integration

    15.2(4)M

    The Metadata NBAR Integration feature provides integration of NBAR with metadata so that NBAR acts as the source for metadata, and the flow information gathered from NBAR is stored and propagated using metadata.

    The following commands were introduced or modified: debug metadata nbar, metadata flow transmit, metadata source nbar.