Network Based Application Recognition (NBAR) Protocol Pack 4.1.0 is supported on Cisco ASR 1000 Series Aggregation Services Routers.
Updated Protocols in NBAR2 Protocol Pack 4.1.0
The following protocols are updated in NBAR2 Protocol Pack 4.1.0:
Protocol
Updates
dns
Updated signatures
ftp
Data channel is now classified as
ftp-data
Note
During configuring QoS class-map with
ftp-data, the
ftp protocol must be selected. As an alternative, the
ftp application group can be selected.
qqlive
Updated signatures to avoid misclassification of
http
skype
Updated signatures to the version 6.1.0.129 (or its equivalents on other platforms) to allow the blocking better
tftp
Updated signatures
Caveats in NBAR2 Protocol Pack 4.1.0
Note
If you have an account on Cisco.com, you can also use the Bug Toolkit to find select caveats of any severity. To reach the Bug Toolkit, log in to Cisco.com and go to
http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. (If the defect that you have requested cannot be displayed, this may be due to one or more of the following reasons: the defect number does not exist, the defect does not have a customer-visible description yet, or the defect has been marked Cisco Confidential.)
Resolved Caveats in NBAR2 Protocol Pack 4.1.0
The following table lists the resolved caveats in NBAR2 Protocol Pack 4.1.0:
Resolved Caveat
Description
Cscud99705
In rare situations,
HTTP traffic may be classified as
QQlive
CSCue47354
HTTP field-extraction is not working as expected
Known Caveats in NBAR2 Protocol Pack 4.1.0
The following table lists the known caveats in NBAR2 Protocol Pack 4.1.0:
Known Caveat
Description
CSCtx65481
Traffic generated by
pcAnywhere for mac and
pcAnywhere mobile app might be misclassified as unknown
CSCub62860
gtalk-video might be misclassified as
rtp
CSCub89835
gbridge pc client might not be blocked
CSCuc43505
Traffic generated by
AIM Pro might be misclassified as
unknown and
webex-meeting
CSCuc57822
NBAR classification granularity may not work or some protocols may be classified as unknown. The CSCuc57822 caveat is specific to Cisco IOS XE Release 3.7S on Cisco ASR 1000 Series Aggregation Services Routers.
CSCue08462
Some
Xunlei-KanKan traffic may be misclassified as
Xunlei
CSCue69212
Traffic generated by
qqlive might be misclassified as
http
Restrictions and Limitations in NBAR2 Protocol Pack 4.1.0
The following table lists the limitations and restrictions in NBAR2 Protocol Pack 4.1.0:
Protocol
Limitation/Restriction
bittorrent
http traffic generated by the
bitcomet bittorrent client might be classified as
http
livemeeting
Application is discontinued and replaced with
ms-lync, traffic generated by
livemeeting may be classified as
ms-lync
hulu
Encrypted video streaming generated by hulu might be classified as its underlying protocol
rtmpe
logmein
Traffic generated by the
logmein android app might be misclassified as
ssl
ms-lync
Login and chat traffic generated by the
ms-lync client might be misclassified as
ssl
secondlife
Voice traffic generated by
secondlife might be misclassified as
ssl