NBAR2 Protocol Pack 7.1.0
Release Notes for NBAR2 Protocol Pack 7.1.0
Downloads: This chapterpdf (PDF - 1.18MB) The complete bookPDF (PDF - 8.83MB) | Feedback

Release Notes for NBAR2 Protocol Pack 7.1.0

Release Notes for NBAR2 Protocol Pack 7.1.0

Overview

NBAR2 Protocol Pack 7.1.0 contains the Enhanced Web Classification feature that supports multi-transactions export of URLs. For more information on this feature, see Classifying Network Traffic Using NBAR.

Supported Platforms

Network Based Application Recognition (NBAR) Protocol Pack 7.1.0 is supported on Cisco ASR 1000 Series Aggregation Services Routers.

Updated Protocols in NBAR2 Protocol Pack 7.1.0

The following protocols are updated in NBAR2 Protocol Pack 7.1.0:

Protocol

Updates

ms-lync

Updated signatures to support Microsoft Lync 2013.

netflix

Updated signatures.

sip

Updated signatures.

sling

Updated signatures to support mac client.

ssl

Updated signatures.

youtube

Updated signatures.

Caveats in NBAR2 Protocol Pack 7.1.0


Note


If you have an account on Cisco.com, you can also use the Bug Toolkit to find select caveats of any severity. To reach the Bug Toolkit, log in to Cisco.com and go to http:/​/​www.cisco.com/​pcgi-bin/​Support/​Bugtool/​launch_​bugtool.pl. (If the defect that you have requested cannot be displayed, this may be due to one or more of the following reasons: the defect number does not exist, the defect does not have a customer-visible description yet, or the defect has been marked Cisco Confidential.)


Resolved Caveats in NBAR2 Protocol Pack 7.1.0

The following table lists the resolved caveats in NBAR2 Protocol Pack 7.1.0:

Resolved Caveat

Description

CSCuh95182

Some qqlive traffic may be misclassified as qq-accounts when qqlive is configured under a class-map

CSCui53625

SSL sub classification will not be matched if a built-in protocol was matched in the SSL client-hello message

CSCui58918

SIP related protocols classification and RTP sub-classification may fail when compact headers are used

CSCui58922

SIP related protocols classification and RTP sub-classification may fail when field extraction is activated and the 'contact' or 'from' fields do not contain '@'.

CSCui76906

The drop policy may not work for ms-office-web-apps protocol

CSCui84201

The drop policy may not work for sky-drive protocol

CSCui85573

Cisco-jabber-video and cisco-phone might be misclassified when configured under a class-map

CSCui85652

Cisco-jabber-video for windows may not be classified correctly

CSCuj07892

Microsoft Lync might be misclassified in certain scenarios

Known Caveats in NBAR2 Protocol Pack 7.1.0

The following table lists the known caveats in NBAR2 Protocol Pack 7.1.0:

Known Caveat

Description

CSCub62860

gtalk-video might be misclassified as rtp

CSCub89835

gbridge pc client might not be blocked

CSCuc43505

Traffic generated by AIM Pro might be misclassified as unknown and webex-meeting

CSCug12174

Under heavy SSL traffic, the following error message my appear: ": %STILE_CLIENT-4-MAX_LINK_TOUCH_WARN: F0: cpp_cp: NBAR number of flow-slinks threshold is reached, can't allocate more memory for flow-slinks"

CSCuh49380

PCoIP session-priority configuration limitation

CSCuh53623

Segmented packets are not classified when using NBAR sub classification

CSCui50424

When using Microsoft Lync in Office-365, the traffic might be misclassified as rtp or SSL

CSCui72228

Matching under ms-office-web-apps attributes might be misclassified

CSCuj58064

Field-Extraction of SSL unique-name might not work in particular cases

Restrictions and Limitations in NBAR2 Protocol Pack 7.1.0

The following table lists the limitations and restrictions in NBAR2 Protocol Pack 7.1.0:

Protocol

Limitation/Restriction

bittorrent

http traffic generated by the bitcomet bittorrent client might be classified as http

capwap-data

For capwap-data to be classified correctly, capwap-control must also be enabled

cisco-jabber

Encrypted cisco jabber might be classified as unknown.

ftp

During configuring QoS class-map with ftp-data, the ftp protocol must be selected. As an alternative, the ftp application group can be selected.

hulu

Encrypted video streaming generated by hulu might be classified as its underlying protocol rtmpe

logmein

Traffic generated by the logmein android app might be misclassified as ssl

ms-lync

Login and chat traffic generated by the ms-lync client might be misclassified as ssl

ms-lync 2013

Traffic generated by the mobile or mac app is not supported. ms-lync 2013 traffic if any, might be misclassified.

pcanywhere

Traffic generated by pcanywhere for mac might be classified as unknown.

qq-accounts

Login to QQ applications which is not via web may not be classified as qq-accounts

secondlife

Voice traffic generated by secondlife might be misclassified as ssl

Downloading NBAR2 Protocol Packs

NBAR2 Protocol Packs are available for download as Software Type 'NBAR2 Protocol Pack' on cisco.com software download page (http:/​/​www.cisco.com/​cisco/​software/​navigator.html).

Additional References

Related Documents

Related Topic

Document Title

Application Visibility and Control

Application Visibility and Control Configuration Guide

Classifying Network Traffic Using NBAR

Classifying Network Traffic Using NBAR module

NBAR Protocol Pack

NBAR Protocol Pack module

QoS: NBAR Configuration Guide

QoS: NBAR Configuration Guide

QoS Command Reference

Quality of Service Solutions Command Reference