QoS: NBAR Configuration Guide, Cisco IOS XE Release 3S
Enabling Protocol Discovery
Downloads: This chapterpdf (PDF - 1.32MB) The complete bookPDF (PDF - 2.67MB) | Feedback

Enabling Protocol Discovery

Enabling Protocol Discovery

Network-Based Application Recognition (NBAR) includes a feature called Protocol Discovery. Protocol discovery provides an easy way to discover the application protocol packets that are passing through an interface. When you configure NBAR, the first task is to enable protocol discovery.

This module contains concepts and tasks for enabling the Protocol Discovery feature.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

Prerequisites for Enabling Protocol Discovery

Before enabling Protocol Discovery, read the information in the "Classifying Network Traffic Using NBAR" module.

Restrictions for Enabling Protocol Discovery

NBAR protocol discovery does not support the following:

  • Asymmetric flows with stateful protocols.

Note


In the NBAR context, asymmetric flows are the flows in which different packets of the flow go through different routers, for reasons such as load balancing implementation or asymmetric routing where packets flow through different routes to different directions.


  • NBAR processing. By design, NBAR processing is temporarily disabled during the In-Service Software Upgrade (ISSU). The following syslog message indicates restart of NBAR classification once ISSU is complete.

"%NBAR_HA-5-NBAR_INFO: NBAR sync DONE!"

  • Multicast packet classification.
  • Multiprotocol Label Switching (MPLS)-labeled packets. NBAR classifies IP packets only. You can, however, use NBAR to classify IP traffic before the traffic is handed over to MPLS. Use the modular quality of service (QoS) CLI (MQC) to set the IP differentiated services code point (DSCP) field on the NBAR-classified packets and make MPLS map the DSCP setting to the MPLS experimental (EXP) setting inside the MPLS header.
  • Non-IP traffic.
  • Packets that originate from or that are destined to the router running NBAR.

NBAR is not supported on the following logical interfaces:

  • Dialer interfaces
  • Dynamic tunnels such as Dynamic Virtual Tunnel Interface (DVTI)
  • Fast Etherchannels
  • IPv6 tunnels that terminate on the device
  • MPLS
  • Overlay Transport Virtualization (OTV) overlay interfaces

Note


In cases where encapsulation is not supported by NBAR on some links, you can apply NBAR on other interfaces of the device to perform input classification. For example, you can configure NBAR on LAN interfaces to classify output traffic on the WAN link.
The following virtual interfaces are supported depending on the image of your Cisco IOS:
  • Generic routing encapsulation (GRE)
  • IPsec IPv4 tunnel (including tunneled IPv6) in protocol discovery mode and MQC mode
  • IPsec IPv6 tunnel in protocol discovery mode but not in MQC mode
  • Multipoint GRE/Dynamic Multipoint VPN (DMVPN) in protocol discovery mode

Note


NBAR requires more CPU power when NBAR is enabled on tunneled interfaces.

If protocol discovery is enabled on both the tunnel interface and the physical interface on which the tunnel interface is configured, the packets that are designated to the tunnel interface are counted on both interfaces. On the physical interface, the packets are classified and are counted based on the encapsulation. On the tunnel interface, packets are classified and are counted based on the Layer 7 protocol.


Note


You cannot use NBAR to classify output traffic on a WAN link where tunneling or encryption is used. Therefore, you should configure NBAR on other interfaces of the router (such as a LAN link) to perform input classification before the traffic is switched to the WAN link.


Information About Protocol Discovery

Protocol Discovery Overview

The Protocol Discovery feature of NBAR provides an easy way of discovering the application protocols passing through an interface so that appropriate QoS features can be applied.

NBAR determines which protocols and applications are currently running on your network. Protocol discovery provides an easy way of discovering the application protocols that are operating on an interface so that appropriate QoS features can be applied. With protocol discovery, you can discover any protocol traffic that is supported by NBAR and obtain statistics that are associated with that protocol.

Protocol discovery maintains the following per-protocol statistics for enabled interfaces:

  • Total number of input packets and bytes
  • Total number of output packets and bytes
  • Input bit rates
  • Output bit rates

These statistics can be used when you define classes and traffic policies (sometimes known as policy maps) for each traffic class. The traffic policies (policy maps) are used to apply specific QoS features and functionality to the traffic classes.

Interface Scalability

Depending on your release, there is a limit on the number of interfaces on which protocol discovery can be enabled.

The following table provides the details of the protocol discovery supported interface and the release number:

Table 1 Release and Protocol Discovery Interface Support

Release

Number of Interfaces Supported with Protocol Discovery

Releases prior to Cisco IOS XE Release 2.5

No restriction

Cisco IOS XE Release 2.5

128

Cisco IOS XE Release 2.6

256

Cisco IOS XE Release 2.7

32

Cisco IOS XE Release 3.2S and later

32

How to Enable Protocol Discovery

Enabling Protocol Discovery on an Interface

Perform this task to enable protocol discovery on an interface.

SUMMARY STEPS

    1.    enable

    2.    configure terminal

    3.    interface type number [name-tag]

    4.    ip nbar protocol-discovery [ipv4 | ipv6]

    5.    end


DETAILED STEPS
     Command or ActionPurpose
    Step 1 enable


    Example:
    Router> enable
     

    Enables privileged EXEC mode.

    • Enter your password if prompted.
     
    Step 2 configure terminal


    Example:
    Router# configure terminal
     

    Enters global configuration mode.

     
    Step 3 interface type number [name-tag]


    Example:
    Router(config)# interface fastethernet1/1/1
     

    Configures an interface type and enters interface configuration mode.

    • Enter the interface type and the interface number.
     
    Step 4 ip nbar protocol-discovery [ipv4 | ipv6]


    Example:
    Router(config-if)# ip nbar protocol-discovery
     

    Configures NBAR to discover traffic for all protocols that are known to NBAR on a particular interface.

    • (Optional) Enter the ipv4 keyword to enable protocol discovery statistics collection for IPv4 packets, or enter the ipv6 keyword to enable protocol discovery statistics collection for IPv6 packets.
    • Specifying either of these keywords enables the protocol discovery statistics collection for the specified IP version only. If neither keywords is specified, statistics collection is enabled for both IPv4 and IPv6.
    • The no form of this command is not required to disable a keyword because the statistics collection is enabled for the specified keyword only.
     
    Step 5 end


    Example:
    Router(config-if)# end
     

    (Optional) Exits interface configuration mode.

     

    Reporting Protocol Discovery Statistics

    Perform this task to display a report of the protocol discovery statistics per interface.

    SUMMARY STEPS

      1.    enable

      2.    show policy-map interface type number

      3.    show ip nbar protocol-discovery [interface type number] [stats {byte-count | bit-rate | packet-count| max-bit-rate}] [protocol protocol-name | top-n number]

      4.    exit


    DETAILED STEPS
       Command or ActionPurpose
      Step 1 enable


      Example:
      Router> enable
       

      Enables privileged EXEC mode.

      • Enter your password if prompted.
       
      Step 2 show policy-map interface type number


      Example:
      Router# show policy-map interface FastEthernet 1/1/1
       

      (Optional) Displays the packet and class statistics for all policy maps on the specified interface.

      • Enter the interface type and interface number.
       
      Step 3 show ip nbar protocol-discovery [interface type number] [stats {byte-count | bit-rate | packet-count| max-bit-rate}] [protocol protocol-name | top-n number]


      Example:
      Router# show ip nbar protocol-discovery interface Fastethernet1/1/1
       

      Displays the statistics gathered by the NBAR Protocol Discovery feature.

      • (Optional) Enter keywords and arguments to fine-tune the statistics displayed. For more information on each of the keywords, refer to the show ip nbar protocol-discovery command in Cisco IOS Quality of Service Solutions Command Reference.
       
      Step 4 exit


      Example:
      Router# exit
       

      (Optional) Exits privileged EXEC mode.

       

      Configuration Examples for Protocol Discovery

      Example: Enabling Protocol Discovery on an Interface

      In the following sample configuration, protocol discovery is enabled on Fast Ethernet interface 1/1/1:

      Router> enable
      Router# configure terminal
      Router(config)# interface fastethernet1/1/1
      Router(config-if)# ip nbar protocol-discovery
      Router(config-if)# end
      
       
      		

      In the following sample configuration, protocol discovery is enabled on Fast Ethernet interface 1/1/2 for IPv6 packets:

      Router> enable
      Router# configure terminal
      Router(config)# interface fastethernet1/1/2
      Router(config-if)# ip nbar protocol-discovery ipv6
      Router(config-if)# end
      
       
      		

      In the following sample configuration, protocol discovery is enabled on Fast Ethernet interface 1/1/2 for IPv6 packets. Later, the protocol discovery is enabled for IPv4 packets and this does not require the no form for the ipv6 keyword.

      Router> enable
      Router# configure terminal
      Router(config)# interface fastethernet1/1/2
      Router(config-if)# ip nbar protocol-discovery ipv6
      Router(config-if)# ip nbar protocol-discovery ipv4
      Router(config-if)# end
      
       
      	 

      Example: Reporting Protocol Discovery Statistics

      The following sample output from the show ip nbar protocol-discovery command displays the five most active protocols on the Fast Ethernet interface 2/0/1:

      Router# show ip nbar protocol-discovery top-n 5
       
       FastEthernet2/0/1
                                  Input                    Output                  
                                  -----                    ------                  
        Protocol                  Packet Count             Packet Count            
                                  Byte Count               Byte Count              
                                  30sec Bit Rate (bps)     30sec Bit Rate (bps)    
                                  30sec Max Bit Rate (bps) 30sec Max Bit Rate (bps)
      --------------------------- ------------------------ ------------------------
         rtp                      3272685                  3272685                           
                                  242050604                242050604                         
                                  768000                   768000                            
                                  2002000                  2002000                           
         gnutella                 513574                   513574                            
                                  118779716                118779716                         
                                  383000                   383000                            
                                  987000                   987000                            
         ftp                      482183                   482183                            
                                  37606237                 37606237                          
                                  121000                   121000                            
                                  312000                   312000                            
         http                     144709                   144709                            
                                  32351383                 32351383                          
                                  105000                   105000                            
                                  269000                   269000                            
         netbios                  96606                    96606                             
                                  10627650                 10627650                          
                                  36000                    36000                             
                                  88000                    88000                             
         unknown                  1724428                  1724428                           
                                  534038683                534038683                         
                                  2754000                  2754000                           
                                  4405000                  4405000                           
         Total                    6298724                  6298724                           
                                  989303872                989303872                         
                                  4213000                  4213000                           
                                  8177000                  8177000 

      Additional References

      Related Documents

      Related Topic

      Document Title

      Cisco IOS commands

      Cisco IOS Master Commands List, All Releases

      QoS commands: complete command syntax, command modes, command history, defaults, usage guidelines, and examples

      Cisco IOS Quality of Service Solutions Command Reference

      Concepts and information about NBAR

      "Classifying Network Traffic Using NBAR" module

      MQC

      "Applying QoS Features Using the MQC" module

      Standards

      Standard

      Title

      No new or modified standards are supported, and support for existing standards has not been modified.

      --

      MIBs

      MIB

      MIBs Link

      No new or modified MIBs are supported, and support for existing MIBs has not been modified.

      To locate and download MIBs for selected platforms, Cisco software releases, and feature sets, use Cisco MIB Locator found at the following URL:

      http:/​/​www.cisco.com/​go/​mibs

      Technical Assistance

      Description

      Link

      The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

      http:/​/​www.cisco.com/​cisco/​web/​support/​index.html

      Feature Information for Enabling Protocol Discovery

      The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

      Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

      Table 2 Feature Information for Enabling Protocol Discovery

      Feature Name

      Releases

      Feature Information

      Protocol Discovery

      Cisco IOS XE 2.1 Cisco IOS XE 3.3S

      This feature was introduced on Cisco ASR 1000 Series Routers.

      The following sections provide information about this feature:

      The following commands were introduced: ip nbar protocol discovery, show ip nbar protocol discovery.