Downloads |
 Feedback
|
Table Of Contents
Classifying Network Traffic Using NBAR in Cisco IOS XE Software
Restrictions for Classifying Network Traffic Using NBAR
NBAR and Classification of HTTP Traffic
Classification of HTTP Traffic by URL, Host, or MIME
Classification of HTTP Traffic Using the HTTP Header Fields
Combinations of Classification of HTTP Headers and URL, Host, or MIME Type to Identify HTTP Traffic
NBAR and Classification of Citrix ICA Traffic
Classification of Citrix ICA Traffic by Published Application Name
Classification of Citrix ICA Traffic by ICA Tag Number
NBAR and RTP Payload Type Classification
NBAR and Classification of Custom Protocols and Applications
NBAR and Classification with Dynamic PDLMs
NBAR and Classification of Peer-to-Peer File-Sharing Applications
NBAR and Multipacket Classification
Configuration Examples for Classifying Network Traffic Using NBAR in Cisco IOS XE Software
Example: Classification of HTTP Traffic Using the HTTP Header Fields
Example: NBAR and Classification of Custom Protocols and Applications
Example: NBAR and Classification of Peer-to-Peer File-Sharing Applications
Feature Information for Classifying Network Traffic Using NBAR
Classifying Network Traffic Using NBAR in Cisco IOS XE Software
First Published: April 4, 2006Last Updated: March 14, 2011Network-Based Application Recognition (NBAR) is a classification engine that recognizes and classifies a wide variety of protocols and applications. When NBAR recognizes and classifies a protocol or application, the network can be configured to apply the appropriate quality of service (QoS) for that application or traffic with that protocol.
This module contains an overview of classifying network traffic using NBAR using Cisco IOS XE software.
Finding Feature Information
Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the "Feature Information for Classifying Network Traffic Using NBAR" section.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Contents
•
Restrictions for Classifying Network Traffic Using NBAR
•
Restrictions for Classifying Network Traffic Using NBAR
NBAR does not support the following:
•
•
•
"%NBAR_HA-5-NBAR_INFO: NBAR sync DONE!"
•
•
Note
•
NBAR is not supported on the following logical interfaces:
•
•
•
•
•
•
•
Note
Information About Using NBAR
•
•
•
•
•
•
NBAR Functionality
NBAR is a classification engine that recognizes and classifies a wide variety of protocols and applications, including web-based and other difficult-to-classify applications and protocols that use dynamic TCP/UDP port assignments.
When NBAR recognizes and classifies a protocol or application, the network can be configured to apply the appropriate QoS for that application or traffic with that protocol. The QoS is applied using the MQC.
Note
NBAR introduces several classification features that identify applications and protocols from Layer 4 through Layer 7. These classification features are as follows:
•
•
•
•
Note
NBAR includes a Protocol Discovery feature that provides an easy way to discover application protocols that are operating on an interface. For more information about Protocol Discovery, see the "Enabling Protocol Discovery" module.
Note
NBAR includes the Protocol Pack feature that provides an easy way to load protocols and helps NBAR recognize additional protocols for network traffic classification. A protocol pack is set a of protocols developed and packed together. A new protocol pack can be loaded on the router to replace the default IOS protocol pack that is already present in the router.
NBAR Benefits
Identifying and classifying network traffic is an important first step in implementing QoS. A network administrator can more effectively implement QoS in a networking environment after identifying the number and the variety of applications and protocols that are running on a network.
NBAR gives network administrators the ability to see the variety of protocols and the amount of traffic generated by each protocol. After NBAR gathers this information, users can organize traffic into classes. These classes can then be used to provide different levels of service for network traffic, thereby allowing better network management by providing the appropriate level of network resources for network traffic.
NBAR and Classification of HTTP Traffic
This section includes information about the following topics:
•
•
•
Classification of HTTP Traffic by URL, Host, or MIME
NBAR can classify application traffic by looking beyond the TCP/UDP port numbers of a packet. This is called subport classification. NBAR looks into the TCP/UDP payload itself and classifies packets based on content within the payload such as the transaction identifier, message type, or other similar data.
Classification of HTTP traffic by URL, host, or Multipurpose Internet Mail Extension (MIME) type is an example of subport classification. NBAR classifies HTTP traffic by text within the URL or host fields of a request using regular expression matching. HTTP client request matching in NBAR supports most HTTP request methods such as GET, PUT, HEAD, POST, DELETE, OPTIONS, CONNECT, and TRACE. The NBAR engine then converts the specified match string into a regular expression.
Figure 1 illustrates a network topology with NBAR in which Router Y is the NBAR-enabled router.
Figure 1 Network Topology with NBAR
When specifying a URL for classification, include only the portion of the URL that follows the www.hostname.domain in the match statement. For example, for the URL www.cisco.com/latest/whatsnew.html, include only /latest/whatsnew.html with the match statement (for instance, match protocol http url /latest/whatsnew.html).
Host specification is identical to URL specification. NBAR performs a regular expression match on the host field contents inside an HTTP packet and classifies all packets from that host. For example, for the URL www.cisco.com/latest/whatsnew.html, include only www.cisco.com.
For MIME type matching, the MIME type can contain any user-specified text string. A list of the Internet Assigned Numbers Authority (IANA) supported MIME types can be found at the following URL:
http://www.iana.org/assignments/media-types/
When matching by MIME type, NBAR matches a packet containing the MIME type and all subsequent packets until the next HTTP transaction.
NBAR supports URL and host classification in the presence of persistent HTTP. NBAR does not classify packets that are part of a pipelined request. With pipelined requests, multiple requests are pipelined to the server before previous requests are serviced. Pipelined requests are not supported with subclassification and tunneled protocols that use HTTP as the transport protocol.
The NBAR Extended Inspection for HTTP Traffic feature allows NBAR to scan TCP ports that are not well-known and to identify HTTP traffic that traverses these ports. HTTP traffic classification is no longer limited to the well-known and defined TCP ports.
Classification of HTTP Traffic Using the HTTP Header Fields
NBAR introduces expanded ability for users to classify HTTP traffic using information in the HTTP header fields.
HTTP works using a client/server model. HTTP clients open connections by sending a request message to an HTTP server. The HTTP server then returns a response message to the HTTP client (this response message is typically the resource requested in the request message from the HTTP client). After delivering the response, the HTTP server closes the connection and the transaction is complete.
HTTP header fields are used to provide information about HTTP request and response messages. HTTP has numerous header fields. For additional information on HTTP headers, see section 14 of RFC 2616: Hypertext Transfer Protocol—HTTP/1.1. This RFC can be found at the following URL:
http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
NBAR is able to classify the following HTTP header fields:
•
–
–
–
•
–
–
–
–
Note
Within NBAR, the match protocol http c-header-field command is used to specify that NBAR identify request messages (the "c" in the c-header-field portion of the command is for client). The match protocol http s-header-field command is used to specify response messages (the "s" in the s-header-field portion of the command is for server).
Note
Note
Combinations of Classification of HTTP Headers and URL, Host, or MIME Type to Identify HTTP Traffic
Note that combinations of URL, Host, MIME type, and HTTP headers can be used during NBAR configuration. These combinations provide customers with more flexibility to classify specific HTTP traffic based on their network requirements.
NBAR and Classification of Citrix ICA Traffic
NBAR can classify Citrix Independent Computing Architecture (ICA) traffic and perform subport classification of Citrix traffic based on the published application name or ICA tag number.
This section includes information about the following topics:
•
•
Classification of Citrix ICA Traffic by Published Application Name
NBAR can monitor Citrix ICA client requests for a published application destined to a Citrix ICA Master browser. After the client requests the published application, the Citrix ICA Master browser directs the client to the server with the most available memory. The Citrix ICA client then connects to this Citrix ICA server for the application.
Note
In Server Browser Mode, NBAR statefully tracks and monitors traffic and performs a regular expression search on the packet contents for the published application name specified by the match protocol citrix command. The published application name is specified by using the app keyword and the application-name-string argument of the match protocol citrix command. For more information about the match protocol citrix command, see the Cisco IOS Quality of Service Solutions Command Reference.
The Citrix ICA session triggered to carry the specified application is cached, and traffic is classified appropriately for the published application name.
Citrix ICA Client Modes
Citrix ICA clients can be configured in various modes. NBAR cannot distinguish among Citrix applications in all modes of operation. Therefore, network administrators might need to collaborate with Citrix administrators to ensure that NBAR properly classifies Citrix traffic.
A Citrix administrator can configure Citrix to publish Citrix applications individually or as the entire desktop. In the Published Desktop mode of operation, all applications within the published desktop of a client use the same TCP session. Therefore, differentiation among applications is impossible, and NBAR can be used to classify Citrix applications only as aggregates (by looking at port 1494).
The Published Application mode for Citrix ICA clients is recommended when you use NBAR. In Published Application mode, a Citrix administrator can configure a Citrix client in either seamless or nonseamless (windows) modes of operation. In nonseamless mode, each Citrix application uses a separate TCP connection, and NBAR can be used to provide interapplication differentiation based on the name of the published application.
Seamless mode clients can operate in one of two submodes: session sharing or nonsession sharing. In seamless session sharing mode, all clients share the same TCP connection, and NBAR cannot differentiate among applications. Seamless sharing mode is enabled by default in some software releases. In seamless nonsession sharing mode, each application for each particular client uses a separate TCP connection. NBAR can provide interapplication differentiation in seamless nonsession sharing mode.
Note
Classification of Citrix ICA Traffic by ICA Tag Number
Citrix uses one TCP session each time an application is opened. In the TCP session, a variety of Citrix traffic may be intermingled in the same session. For example, print traffic may be intermingled with interactive traffic, causing interruption and delay for a particular application. Most users likely would prefer that printing be handled as a background process and that printing not interfere with the processing of higher-priority traffic.
To accommodate this preference, the Citrix ICA protocol includes the ability to identify Citrix ICA traffic based on the ICA tag number of the packet. The ability to identify, tag, and prioritize Citrix ICA traffic is referred to as ICA Priority Packet Tagging. With ICA Priority Packet Tagging, Citrix ICA traffic is categorized as high, medium, low, and background, depending on the ICA tag of the packet.
When ICA traffic priority tag numbers are used, and the priority of the traffic is determined, QoS features can be implemented to determine how the traffic will be handled. For example, QoS traffic policing can be configured to transmit or drop packets with a specific priority.
Citrix ICA Packet Tagging
The Citrix ICA tag is included in the first two bytes of the Citrix ICA packet, after the initial negotiations are completed between the Citrix client and server. These bytes are not compressed or encrypted.
The first two bytes of the packet (byte 1 and byte 2) contain the byte count and the ICA priority tag number. Byte 1 contains the low-order byte count, and the first two bits of byte 2 contain the priority tags. The other six bits contain the high-order byte count.
The ICA priority tag value can be a number from 0 to 3. The number indicates the packet priority, with 0 being the highest priority and 3 being the lowest priority.
To prioritize Citrix traffic by the ICA tag number of the packet, you must specify the tag number using the ica-tag keyword and the ica-tag-value argument of the match protocol citrix command. For more information about the match protocol citrix command, see the Cisco IOS Quality of Service Solutions Command Reference.
Table 1 contains information about different Citrix traffic and the respective priority tags.
NBAR and RTP Payload Type Classification
RTP is a packet format for multimedia data streams. It can be used for media-on-demand and for interactive services such as Internet telephony. RTP consists of a data and a control part. The control part is called Real-Time Transport Control Protocol (RTCP). RTCP is a separate protocol that is supported by NBAR. It is important to note that the NBAR RTP Payload Type Classification feature does not identify RTCP packets and that RTCP packets run on odd-numbered ports and RTP packets run on even-numbered ports.
The data part of RTP is a thin protocol that provides support for applications with real-time properties such as continuous media (audio and video), which includes timing reconstruction, loss detection, and security and content identification. RTP is discussed in RFC 1889 (A Transport Protocol for Real-Time Applications) and RFC 1890 (RTP Profile for Audio and Video Conferences with Minimal Control).
The RTP payload type is the data transported by RTP in a packet, for example audio samples or compressed video data.
NBAR RTP Payload Type Classification feature not only allows real-time audio and video traffic to be statefully identified, but can also differentiate on the basis of audio and video codecs to provide more granular QoS. The RTP Payload Type Classification feature, therefore, looks deep into the RTP header to classify RTP packets.
For more information on the classification of RTP with NBAR, see http://www.cisco.com/en/US/products/ps6616/products_white_paper09186a0080110040.shtml
NBAR and Classification of Custom Protocols and Applications
NBAR supports the use of custom protocols to identify custom applications. Custom protocols support static port-based protocols and applications that NBAR does not currently support. You can add to the set of protocols and application types that NBAR recognizes by creating custom protocols.
Custom protocols extend the capability of NBAR Protocol Discovery to classify and monitor additional static port applications and allow NBAR to classify nonsupported static port traffic.
Once the custom protocols are defined, you can then use them with the help of NBAR Protocol Discovery and the MQC to classify the traffic.
With NBAR supporting the use of custom protocols, NBAR can map static TCP and UDP port numbers to the custom protocols.
There are two types of custom protocols:
•
•
NBAR includes the following features related to predefined custom protocols and applications:
•
•
•
NBAR includes the following features related to user-defined custom protocols and applications:
•
•
•
•
•
This additional keyword and two additional arguments allow for creation of more than one custom protocol based on the same port numbers.
Note
NBAR and Classification with Dynamic PDLMs
Dynamic Packet Description Language Modules (PDLM) allow new protocol support or enhance existing protocol support for NBAR without the requirement of a Cisco IOS XE release upgrade and router reload. If the support is for enhancing protocols for NBAR, then the module version of the PDLM should be greater than the existing version of the PDLM. Subsequent Cisco IOS XE releases incorporate support for these new protocols.
Note
Dynamic PDLMs are platform-specific and have Software Family Identifier (SFI) embedded in them. Dynamic PDLMs of other platforms cannot be loaded on Cisco ASR1000 Series Routers.
NBAR and Classification of Peer-to-Peer File-Sharing Applications
The following are the most common peer-to-peer file-sharing applications supported by NBAR:
•
•
•
•
•
•
•
•
In Cisco IOS XE Release 2.5 the DirectConnect and the eDonkey P2P protocols support the following subclassifications:
•
–
–
–
•
The Gnutella file sharing became classifiable using NBAR in Cisco IOS XE Release 2.5.
Applications that use the Gnutella protocol are Bearshare, Gnewtellium, Gnucleus, Gtk-Gnutella, Limewire, Mutella, Phex, Qtella, Swapper, and Xolo.
NBAR Scalability
Interface Scalability
In Cisco IOS XE Release 2.4 and earlier releases, there is no limit on the number of interfaces on which protocol discovery can be enabled.
Table 2 provides the details of the protocol discovery supported interface and the release number.
Flow Scalability
In Cisco IOS XE Release 2.5, the following are supported:
•
•
If this limit is exceeded or there is a flow memory constraint, new flows will be classified as Unknown.
In Cisco IOS XE Release 3.1, the following are supported:
•
•
If this limit is exceeded or there is a flow memory constraint, new flows will be classified as Unknown.
In Cisco IOS XE Release 3.2, the following are supported:
•
•
If this limit is exceeded or there is a flow memory constraint, new flows will be classified as Unknown.
In Cisco IOS XE Release 3.3S, the number of bidirectional flows and the platforms supported are the same as Cisco IOS XE Release 3.2. A new method to reduce the number of active flows based on quick aging is introduced.
The quick aging occurs under the following conditions:
•
•
•
The quick aging method reduces the number of flows required for NBAR operation up to three times or more depending on the network behavior.
NBAR-Supported Protocols
The match protocol (NBAR) command is used to classify traffic on the basis of protocols supported by NBAR. NBAR can classify the following types of protocols:
•
•
•
•
Table 3 lists the NBAR-supported protocols available in Cisco IOS XE software, sorted by category. The table also provides information about the protocol type, the well-known port numbers (if applicable), the syntax for entering the protocol in NBAR, and the Cisco IOS XE software release in which the protocol was initially supported. This table is updated when a protocol becomes supported in Cisco IOS XE software.
Table 3 NBAR-Supported Protocols
Enterprise Applications
Novadigm
TCP/ UDP
3460-3465
Novadigm Enterprise Desktop Manager (EDM)
novadigm
Cisco IOS XE Release 2.3
Citrix (ICA, CGP, IMA, SB)
TCP/
UDPTCP: 1494, 2512, 2513, 2598
UDP: 1604Citrix ICA traffic
citrix
citrix app
citrix ica-tagCisco IOS XE Release 2.5
Oracle
TCP
1525
Oracle
ora-srv
Cisco IOS XE Release 2.3
PCAnywhere
TCP/UDP
TCP: 5631, 65301
UDP: 22, 5632Symantic PCAnywhere
pcanywhere
Cisco IOS XE Release 2.3
SAP
TCP
3300-3315
3200-3215
3600-3615SAP Systems Applications Product in Data processing
sap
Cisco IOS XE Release 2.5
Exchange1
TCP
135
MS-RPC for Exchange
exchange
Cisco IOS XE Release 2.5
Routing Protocols
BGP
TCP/ UDP
179
Border Gateway Protocol
bgp
Cisco IOS XE Release 2.3
EGP
IP
8
Exterior Gateway Protocol
egp
Cisco IOS XE Release 2.3
EIGRP
IP
88
Enhanced Interior Gateway Routing Protocol
eigrp
Cisco IOS XE Release 2.3
OSPF
IP
89
Open Shortest Path First
ospf
Cisco IOS XE Release 2.3
RIP
UDP
520
Routing Information Protocol
rip
Cisco IOS XE Release 2.3
Database
SQL-exec
TCP/UDP
9088
SQL Exec
sqlexec
Cisco IOS XE Release 2.3
SQL*NET
TCP/ UDP
1521
SQL*NET for Oracle
sqlnet
Cisco IOS XE Release 2.5
Financial
FIX
TCP
Heuristic
Financial Information Exchange
fix
Cisco IOS XE Release 2.5
Security and Tunneling
GRE
IP
47
Generic Routing Encapsulation
gre
Cisco IOS XE Release 2.3
IPINIP
IP
4
IP in IP
ipinip
Cisco IOS XE Release 2.3
IPsec
IP/TCP
50, 51
TCP-HeuristicIP Encapsulating Security Payload/
Authentication-
Headeripsec
Cisco IOS XE Release 2.3
Cisco IOS XE Release 3.3SL2TP
UDP
1701
L2F/L2TP Tunnel
l2tp
Cisco IOS XE Release 2.3
PPTP
TCP
1723
Point-to-Point Tunneling Protocol for VPN
pptp
Cisco IOS XE Release 2.3
SFTP
TCP
990
Secure FTP
secure-ftp
Cisco IOS XE Release 2.3
SHTTP
TCP
443
Secure HTTP
secure-http
Cisco IOS XE Release 2.1
SIMAP
TCP/
UDP585, 993
Secure Internet Message Access Protocol
secure-imap
Cisco IOS XE Release 2.3
SIRC
TCP/
UDP994
Secure Internet Relay Chat
secure-irc
Cisco IOS XE Release 2.3
SLDAP
TCP/
UDP636
Secure Lightweight Directory Access Protocol
secure-ldap
Cisco IOS XE Release 2.3
SNNTP
TCP/
UDP563
Secure Network News Transfer Protocol
secure-nntp
Cisco IOS XE Release 2.3
SOCKS
TCP
1080
Firewall Security Protocol
socks
Cisco IOS XE Release 2.3
SPOP3
TCP/
UDP995
Secure POP3
secure-pop3
Cisco IOS XE Release 2.3
SSH
TCP
22
Secured Shell
ssh
Cisco IOS XE Release 2.3
STELNET
TCP
992
Secure Telnet
secure-telnet
Cisco IOS XE Release 2.3
Network Management
ICMP
IP
1
Internet Control Message Protocol
icmp
Cisco IOS XE Release 2.3
SNMP
TCP/
UDP161, 162
Simple Network Management Protocol
snmp
Cisco IOS XE Release 2.3
Syslog
UDP
514
System Logging Utility
syslog
Cisco IOS XE Release 2.3
Network Mail Services
IMAP
TCP/
UDP143, 220
Internet Message Access Protocol
imap
Cisco IOS XE Release 2.3
Notes
TCP/
UDP1352
Lotus Notes
notes
Cisco IOS XE Release 2.3
POP3
TCP/
UDP110, Heuristic
Post Office Protocol
pop3
Cisco IOS XE Release 2.1
SMTP
TCP
25, Heuristic
Simple Mail Transfer Protocol
smtp
Cisco IOS XE Release 2.3
Directory
DHCP/
BOOTPUDP
67, 68
Dynamic Host Configuration Protocol/Bootstrap Protocol
dhcp
Cisco IOS XE Release 2.1
DNS
TCP/
UDP53
Domain Name System
dns
Cisco IOS XE Release 2.1
Finger
TCP
79
Finger User Information Protocol
finger
Cisco IOS XE Release 2.3
Kerberos
TCP/
UDP88, 749
Kerberos Network Authentication Service
kerberos
Cisco IOS XE Release 2.3
LDAP
TCP/
UDP389
Lightweight Directory Access Protocol
ldap
Cisco IOS XE Release 2.3
Internet
FTP
TCP
21, 21000, Heuristic
File Transfer Protocol
ftp
Cisco IOS XE Release 2.1
Gopher
TCP/ UDP
70
Internet Gopher Protocol
gopher
Cisco IOS XE Release 2.3
HTTP
TCP
80, Heuristic
Hypertext Transfer Protocol
http
Cisco IOS XE Release 2.1
Cisco IOS XE Release 2.5IRC
TCP/ UDP
194
Internet Relay Chat
irc
Cisco IOS XE Release 2.3
NNTP
TCP/ UDP
119, Heuristic
Network News Transfer Protocol
nntp
Cisco IOS XE Release 2.3
Telnet
TCP
23
Telnet Protocol
telnet
Cisco IOS XE Release 2.1
TFTP
UDP
69
Trivial File Transfer Protocol
tftp
Cisco IOS XE Release 2.5
Signaling
AppleQTC
TCP/UDP
458
Apple Quick Time
appleqtc
Cisco IOS XE Release 2.3
Chargen
TCP/UDP
19
Character Generator
chargen
Cisco IOS XE Release 2.3
ClearCase
TCP/UDP
371
Clear Case Protocol Software Informer
clearcase
Cisco IOS XE Release 2.3
Corba
TCP/UDP
683, 684
Corba Internet Inter-Orb Protocol (IIOP)
corba-iiop
Cisco IOS XE Release 2.3
Daytime
TCP/UDP
13
Daytime Protocol
daytime
Cisco IOS XE Release 2.3
Doom
TCP/UDP
666
Doom
doom
Cisco IOS XE Release 2.3
Echo
TCP/UDP
7
Echo Protocol
echo
Cisco IOS XE Release 2.3
IBM DB2
TCP/UDP
523
IBM Information Management
ibm-db2
Cisco IOS XE Release 2.3
IPX
TCP/UDP
213
Internet Packet Exchange
server-ipx
Cisco IOS XE Release 2.3
ISAKMP
TCP/UDP
500
Internet Security Association and Key Management Protocol
isakmp
Cisco IOS XE Release 2.3
ISI-GL
TCP/UDP
55
Interoperable Self Installation Graphics Language
isi-gl
Cisco IOS XE Release 2.3
KLogin
TCP
543
KLogin
klogin
Cisco IOS XE Release 2.3
KShell
TCP
544
KShell
kshell
Cisco IOS XE Release 2.3
LockD
TCP/UDP
4045
LockD
lockd
Cisco IOS XE Release 2.3
MSSQL
TCP
1433
Microsoft Structured Query Language (SQL) Server
mssql
Cisco IOS XE Release 2.3
RSVP
IP/
UDPIP: 46
UDP: 1698, 1699Resource Reservation Protocol
rsvp
Cisco IOS XE Release 2.3
RPC
NFS
TCP/UDP
2049
Network File System
nfs
Cisco IOS XE Release 2.3
Sunrpc
TCP/ UDP
111, Heuristic
Sun Remote Procedure Call
sunrpc
Cisco IOS XE Release 2.5
Non-IP and LAN/
LegacyNetBIOS
TCP/ UDP
TCP-137, 138
UDP-137,139NetBIOS over IP (MS Windows)
netbios
Cisco IOS XE Release 2.3
Nickname
TCP/UDP
43
Nickname
nicname
Cisco IOS XE Release 2.3
NPP
TCP/UDP
92
Network Payment Protocol
npp
Cisco IOS XE Release 2.3
Voice
H.323
TCP
Heuristic
H.323 Teleconferencing Protocol
h323
Cisco IOS Release XE 2.1
SIP
TCP/UPD
5060
Session Initiation Protocol
sip
Cisco IOS XE Release 2.1
Skype2
TCP/UDP
TCP-80, Heuristic
VoIP Client Software
skype
Cisco IOS XE Release 2.1
Cisco IOS XE Release 2.5RTP
TCP/ UDP
Heuristic
Real-Time Transport Protocol Payload Classification
rtp
Cisco IOS XE Release 2.5
Desktop Media
CUSeeMe
TCP/UDP
TCP: 7648, 7649
UDP: 24032CU-SeeMe Desktop Video Conference
cuseeme
Cisco IOS XE Release 2.3
Streaming Media
RTSP
TCP
554, 8554
Real-Time Streaming Protocol
rtsp
Cisco IOS XE Release 2.3
Peer-to-Peer File-Sharing Applications
BitTorrent3
TCP
Heuristic, or
6881-6889BitTorrent File Transfer Traffic
bittorrent
Cisco IOS XE Release 2.5
DirectConnect
TCP
80, 411-413, Heuristic
Direct Connect File Transfer Traffic
directconnect
Cisco IOS XE Release 2.5
eDonkey/eMule4
TCP
80, 4662, Heuristic
eDonkey File-Sharing Application
eMule traffic is also classified as eDonkey traffic in NBAR.
edonkey
Cisco IOS XE Release 2.5
eDonkey-static
TCP
80, 4662
Classifies some of the edonkey traffic based on WKP only.
edonkey-static
Cisco IOS XE Release 3.3S
FastTrack
N/A
Heuristic
FastTrack traffic
fasttrack
Cisco IOS XE Release 2.5
FastTrack Static
N/A
Heuristic
FastTrack Static
fasttrack-static
Cisco IOS XE Release 3.3S
Gnutella
TCP/UDP
Heuristic, or TCP-80, 6346-6349, 6355,5634 UDP-6346-6348
Gnutella traffic
gnutella
Cisco IOS XE Release 2.5
KaZaA
TCP/ UPD
Heuristic
KaZaA
Note that earlier KaZaA version 1 traffic can be classified using FastTrack.
kazaa2
Cisco IOS XE Release 2.5
WinMX
TCP
6699
WinMX Peer-to-Peer File-Sharing
winmx
Cisco IOS XE Release 2.5
Miscellaneous
3Com AMP3
TCP/UDP
629
3Com AMP3
3com-amp3
Cisco IOS XE Release 3.1S
3Com TSMUX
TCP/UDP
106
3Com TSMUX
3com-tsmux
Cisco IOS XE Release 3.1S
3PC
TCP/UDP
34
Third Party Connect Protocol
3pc
Cisco IOS XE Release 3.1S
914 C/G
TCP/UDP
211
Texas Instruments 914 Terminal
914c/g
Cisco IOS XE Release 3.1S
9PFS
TCP/UDP
564
Plan 9 file service
9pfs
Cisco IOS XE Release 3.1S
ACAP
TCP/UDP
674
ACAP
acap
Cisco IOS XE Release 3.1S
ACAS
TCP/UDP
62
ACA Services
acas
Cisco IOS XE Release 3.1S
AccessBuilder
TCP/UDP
888
Access Builder
accessbuilder
Cisco IOS XE Release 3.1S
AccessNetwork
TCP/UDP
699
Access Network
accessnetwork
Cisco IOS XE Release 3.1S
ACP
TCP/UDP
599
Aeolon Core Protocol
acp
Cisco IOS XE Release 3.1S
ACR-NEMA
TCP/UDP
104
ACR-NEMA Digital Img
acr-nema
Cisco IOS XE Release 3.1S
AED-512
TCP/UDP
149
AED 512 Emulation service
aed-512
Cisco IOS XE Release 3.1S
Agentx
TCP/UDP
705
AgentX
agentx
Cisco IOS XE Release 3.1S
Alpes
TCP/UDP
463
Alpes
alpes
Cisco IOS XE Release 3.1S
AMInet
TCP/UDP
2639
AMInet
aminet
Cisco IOS XE Release 3.1S
AN
TCP/UDP
107
Active Networks
an
Cisco IOS XE Release 3.1S
ANET
TCP/UDP
212
ATEXSSTR
anet
Cisco IOS XE Release 3.1S
ANSANotify
TCP/UDP
116
ANSA REX Notify
ansanotify
Cisco IOS XE Release 3.1S
ANSATrader
TCP/UDP
124
ansatrader
ansatrader
Cisco IOS XE Release 3.1S
AODV
TCP/UDP
654
AODV
aodv
Cisco IOS XE Release 3.1S
Apertus-LDP
TCP/UDP
539
Apertus Tech Load Distribution
apertus-ldp
Cisco IOS XE Release 3.1S
AppleQTC
TCP/UDP
458
apple quick time
appleqtc
Cisco IOS XE Release 3.1S
AppleQTSRVR
TCP/UDP
545
appleqtcsrvr
appleqtcsrvr
Cisco IOS XE Release 3.1S
Applix
TCP/UDP
999
Applix ac
applix
Cisco IOS XE Release 3.1S
ARCISDMS
TCP/UDP
262
arcisdms
arcisdms
Cisco IOS XE Release 3.1S
ARGUS
TCP/UDP
13
ARGUS
argus
Cisco IOS XE Release 3.1S
Ariel1
TCP/UDP
419
Ariel1
ariel1
Cisco IOS XE Release 3.1S
Ariel2
TCP/UDP
421
Ariel2
ariel2
Cisco IOS XE Release 3.1S
Ariel3
TCP/UDP
422
Ariel3
ariel3
Cisco IOS XE Release 3.1S
ARIS
TCP/UDP
104
ARIS
aris
Cisco IOS XE Release 3.1S
ARNS
TCP/UDP
384
A remote network server system
arns
Cisco IOS XE Release 3.1S
ASA
TCP/UDP
386
ASA Message router object def
asa
Cisco IOS XE Release 3.1S
ASA-Appl-Proto
TCP/UDP
502
asa-appl-proto
asa-appl-proto
Cisco IOS XE Release 3.1S
ASIPRegistry
TCP/UDP
687
asipregistry
asipregistry
Cisco IOS XE Release 3.1S
ASIP-Webadmin
TCP/UDP
311
AppleShare IP WebAdmin
asip-webadmin
Cisco IOS XE Release 3.1S
AS-Servermap
TCP/UDP
449
AS Server Mapper
as-servermap
Cisco IOS XE Release 3.1S
AT-3
TCP/UDP
203
AppleTalk Unused
at-3
Cisco IOS XE Release 3.1S
AT-5
TCP/UDP
205
AppleTalk Unused
at-5
Cisco IOS XE Release 3.1S
AT-7
TCP/UDP
207
AppleTalk Unused
at-7
Cisco IOS XE Release 3.1S
AT-8
TCP/UDP
208
AppleTalk Unused
at-8
Cisco IOS XE Release 3.1S
AT-Echo
TCP/UDP
204
AppleTalk Echo
at-echo
Cisco IOS XE Release 3.1S
AT-NBP
TCP/UDP
202
AppleTalk Name Binding
at-nbp
Cisco IOS XE Release 3.1S
AT-RTMP
TCP/UDP
201
AppleTalk Routing Maintenance
at-rtmp
Cisco IOS XE Release 3.1S
AT-ZIS
TCP/UDP
206
AppleTalk Zone Information
at-zis
Cisco IOS XE Release 3.1S
Audit
TCP/UDP
182
Unisys Audit SITP
audit
Cisco IOS XE Release 3.1S
Auditd
TCP/UDP
48
Digital Audit daemon
auditd
Cisco IOS XE Release 3.1S
Aurora-CMGR
TCP/UDP
364
Aurora CMGR
aurora-cmgr
Cisco IOS XE Release 3.1S
AURP
TCP/UDP
387
Appletalk Update-Based Routing Protocol
aurp
Cisco IOS XE Release 3.1S
AUTH
TCP/UDP
113
Authentication Service
auth
Cisco IOS XE Release 3.1S
Avian
TCP/UDP
486
avian
avian
Cisco IOS XE Release 3.1S
AX25
TCP/UDP
93
AX.25 Frames
ax25
Cisco IOS XE Release 3.1S
Banyan-RPC
TCP/UDP
567
Banyan-RPC
banyan-rpc
Cisco IOS XE Release 3.1S
Banyan-VIP
TCP/UDP
573
Banyan-VIP
banyan-vip
Cisco IOS XE Release 3.1S
BBNRCCMON
TCP/UDP
10
BBN RCC Monitoring
bbnrccmon
Cisco IOS XE Release 3.1S
BDP
TCP/UDP
581
Bundle Discovery protocol
bdp
Cisco IOS XE Release 3.1S
BFTP
TCP/UDP
152
Background File Transfer Program
bftp
Cisco IOS XE Release 3.1S
BGMP
TCP/UDP
264
Border Gateway Multicast Protocol
bgmp
Cisco IOS XE Release 3.1S
BGP
TCP/UDP
179
Border Gateway Protocol
bgp
Cisco IOS XE Release 3.1S
BGS-NSI
TCP/UDP
482
BGS-NSI
bgs-nsi
Cisco IOS XE Release 3.1S
Bhevent
TCP/UDP
357
Bhevent
bhevent
Cisco IOS XE Release 3.1S
BHFHS
TCP/UDP
248
BHFHS
bhfhs
Cisco IOS XE Release 3.1S
BHMDS
TCP/UDP
310
BHMDS
bhmds
Cisco IOS XE Release 3.1S
BL-IDM
TCP/UDP
142
Britton Lee IDM
bl-idm
Cisco IOS XE Release 3.1S
BMPP
TCP/UDP
632
BMPP
bmpp
Cisco IOS XE Release 3.1S
BNA
TCP/UDP
49
BNA
bna
Cisco IOS XE Release 3.1S
Bnet
TCP/UDP
415
BNET
bnet
Cisco IOS XE Release 3.1S
Borland-DSJ
TCP/UDP
707
Borland-dsj
borland-dsj
Cisco IOS XE Release 3.1S
BR-SAT-Mon
TCP/UDP
76
Backroom SATNET Monitoring
br-sat-mon
Cisco IOS XE Release 3.1S
Cableport-AX
TCP/UDP
282
Cable Port A/X
cableport-ax
Cisco IOS XE Release 3.1S
Cab-Protocol
TCP/UDP
595
CAB Protocol
cab-protocol
Cisco IOS XE Release 3.1S
Cadlock
TCP/UDP
770
Cadlock
cadlock
Cisco IOS XE Release 3.1S
CAIlic
TCP/UDP
216
Computer Associates Intl License Server
CAIlic
Cisco IOS XE Release 3.1S
CBT
TCP/UDP
7
CBT
cbt
Cisco IOS XE Release 3.1S
CDC
TCP/UDP
223
Certificate Distribution Center
cdc
Cisco IOS XE Release 3.1S
CFDPTKT
TCP/UDP
120
cfdptkt
cfdptkt
Cisco IOS XE Release 3.1S
CFTP
TCP/UDP
62
CFTP
cftp
Cisco IOS XE Release 3.1S
CHAOS
TCP/UDP
16
Chaos
chaos
Cisco IOS XE Release 3.1S
CharGen
TCP/UDP
19
Character Generator
chargen
Cisco IOS XE Release 3.1S
ChShell
TCP/UDP
562
chcmd
chshell
Cisco IOS XE Release 3.1S
Cimplex
TCP/UDP
673
Cimplex
cimplex
Cisco IOS XE Release 3.1S
Cisco-FNA
TCP/UDP
130
Cisco FNATIVE
cisco-fna
Cisco IOS XE Release 3.1S
Cisco-SYS
TCP/UDP
132
Cisco SYSMAINT
cisco-sys
Cisco IOS XE Release 3.1S
Cisco-TDP
TCP/UDP
711
Cisco TDP
cisco-tdp
Cisco IOS XE Release 3.1S
Cisco-TNA
TCP/UDP
131
Cisco TNATIVE
cisco-tna
Cisco IOS XE Release 3.1S
Clearcase
TCP/UDP
371
Clearcase
clearcase
Cisco IOS XE Release 3.1S
Cloanto-Net-1
TCP/UDP
356
Cloanto-net-1
cloanto-net-1
Cisco IOS XE Release 3.1S
CMIP-Agent
TCP/UDP
164
CMIP/TCP Agent
cmip-agent
Cisco IOS XE Release 3.1S
CMIP-Man
TCP/UDP
163
CMIP/TCP Manager
cmip-man
Cisco IOS XE Release 3.1S
Coauthor
TCP/UDP
1529
Oracle
coauthor
Cisco IOS XE Release 3.1S
Codaauth2
TCP/UDP
370
Codaauth2
codaauth2
Cisco IOS XE Release 3.1S
Collaborator
TCP/UDP
622
Collaborator
collaborator
Cisco IOS XE Release 3.1S
Commerce
TCP/UDP
542
Commerce
commerce
Cisco IOS XE Release 3.1S
Compaq-Peer
TCP/UDP
110
Compaq Peer Protocol
compaq-peer
Cisco IOS XE Release 3.1S
Compressnet
TCP/UDP
2
Management Utility
compressnet
Cisco IOS XE Release 3.1S
COMSCM
TCP/UDP
437
COMSCM
comscm
Cisco IOS XE Release 3.1S
CON
TCP/UDP
759
Con
con
Cisco IOS XE Release 3.1S
Conference
TCP/UDP
531
Chat
conference
Cisco IOS XE Release 3.1S
Connendp
TCP/UDP
693
Almanid Connection Endpoint
connendp
Cisco IOS XE Release 3.1S
ContentServer
TCP/UDP
3365
Contentserver
contentserver
Cisco IOS XE Release 3.1S
CoreRJD
TCP/UDP
284
Corerjd
corerjd
Cisco IOS XE Release 3.1S
Courier
TCP/UDP
530
RPC
courier
Cisco IOS XE Release 3.1S
Covia
TCP/UDP
64
Communications Integrator
covia
Cisco IOS XE Release 3.1S
CPHB
TCP/UDP
73
Computer Protocol Heart Beat
cphb
Cisco IOS XE Release 3.1S
CPNX
TCP/UDP
72
Computer Protocol Network Executive
cpnx
Cisco IOS XE Release 3.1S
Creativepartnr
TCP/UDP
455
Creativepartnr
creativepartnr
Cisco IOS XE Release 3.1S
Creativeserver
TCP/UDP
453
Creativeserver
creativeserver
Cisco IOS XE Release 3.1S
CRS
TCP/UDP
507
CRS
crs
Cisco IOS XE Release 3.1S
CRTP
TCP/UDP
126
Combat Radio Transport Protocol
crtp
Cisco IOS XE Release 3.1S
CRUDP
TCP/UDP
127
Combat Radio User Datagram
crudp
Cisco IOS XE Release 3.1S
CryptoAdmin
TCP/UDP
624
Crypto Admin
cryptoadmin
Cisco IOS XE Release 3.1S
CSI-SGWP
TCP/UDP
348
Cabletron Management Protocol
csi-sgwp
Cisco IOS XE Release 3.1S
CSNET-NS
TCP/UDP
105
Mailbox Name Nameserver
csnet-ns
Cisco IOS XE Release 3.1S
CTF
TCP/UDP
84
Common Trace Facility
ctf
Cisco IOS XE Release 3.1S
CUSTIX
TCP/UDP
528
Customer Ixchange
custix
Cisco IOS XE Release 3.1S
CVC_Hostd
TCP/UDP
442
CVC_Hostd
cvc_hostd
Cisco IOS XE Release 3.1S
Cybercash
TCP/UDP
551
Cybercash
cybercash
Cisco IOS XE Release 3.1S
Cycleserv
TCP/UDP
763
Cycleserv
cycleserv
Cisco IOS XE Release 3.1S
Cycleserv2
TCP/UDP
772
Cycleserv2
cycleserv2
Cisco IOS XE Release 3.1S
Dantz
TCP/UDP
497
Dantz
dantz
Cisco IOS XE Release 3.1S
DASP
TCP/UDP
439
Dasp
dasp
Cisco IOS XE Release 3.1S
DataSurfSRV
TCP/UDP
461
DataRamp Svr
datasurfsrv
Cisco IOS XE Release 3.1S
DataSurfSRVSec
TCP/UDP
462
DataRamp Svr svs
datasurfsrvsec
Cisco IOS XE Release 3.1S
Datex-ASN
TCP/UDP
355
datex-asn
datex-asn
Cisco IOS XE Release 3.1S
Daytime
TCP/UDP
13
Daytime (RFC 867)
daytime
Cisco IOS XE Release 3.1S
Dbase
TCP/UDP
217
dBASE Unix
dbase
Cisco IOS XE Release 3.1S
DCCP
TCP/UDP
33
Datagram Congestion Control Protocol
dccp
Cisco IOS XE Release 3.1S
DCN-Meas
TCP/UDP
19
DCN Measurement Subsystems
dcn-meas
Cisco IOS XE Release 3.1S
DCP
TCP/UDP
93
Device Control Protocol
dcp
Cisco IOS XE Release 3.1S
DCTP
TCP/UDP
675
DCTP
dctp
Cisco IOS XE Release 3.1S
DDM-DFM
TCP/UDP
447
DDM Distributed File management
ddm-dfm
Cisco IOS XE Release 3.1S
DDM-RDB
TCP/UDP
446
DDM-Remote Relational Database Access
ddm-rdb
Cisco IOS XE Release 3.1S
DDM-SSL
TCP/UDP
448
DDM-Remote DB Access Using Secure Sockets
ddm-ssl
Cisco IOS XE Release 3.1S
DDP
TCP/UDP
37
Datagram Delivery Protocol
ddp
Cisco IOS XE Release 3.1S
DDX
TCP/UDP
116
D-II Data Exchange
ddx
Cisco IOS XE Release 3.1S
DEC_DLM
TCP/UDP
625
dec_dlm
dec_dlm
Cisco IOS XE Release 3.1S
Decap
TCP/UDP
403
Decap
decap
Cisco IOS XE Release 3.1S
Decauth
TCP/UDP
316
Decauth
decauth
Cisco IOS XE Release 3.1S
Decbsrv
TCP/UDP
579
Decbsrv
decbsrv
Cisco IOS XE Release 3.1S
Decladebug
TCP/UDP
410
DECLadebug Remote Debug Protocol
decladebug
Cisco IOS XE Release 3.1S
Decvms-sysmgt
TCP/UDP
441
Decvms-sysmgt
decvms-sysmgt
Cisco IOS XE Release 3.1S
DEI-ICDA
TCP/UDP
618
dei-icda
dei-icda
Cisco IOS XE Release 3.1S
DEOS
TCP/UDP
76
Distributed External Object Store
deos
Cisco IOS XE Release 3.1S
Device
TCP/UDP
801
Device
device
Cisco IOS XE Release 3.1S
DGP
TCP/UDP
86
Dissimilar Gateway Protocol
dgp
Cisco IOS XE Release 3.1S
DHCP-Failover
TCP/UDP
647
DHCP Failover
dhcp-failover
Cisco IOS XE Release 3.1S
DHCP-Failover2
TCP/UDP
847
dhcp-failover2
dhcp-failover2
Cisco IOS XE Release 3.1S
DHCPv6-client
TCP/UDP
546
DHCPv6 Client
dhcpv6-client
Cisco IOS XE Release 3.1S
DHCPv6-server
TCP/UDP
547
DHCPv6 Server
dhcpv6-server
Cisco IOS XE Release 3.1S
Dicom
TCP/UDP
Heuristic
Digital Imaging and Communications in Medicine
dicom
Cisco IOS XE Release 3.3S
Digital-VRC
TCP/UDP
466
digital-vrc
digital-vrc
Cisco IOS XE Release 3.1S
Directplay
TCP/UDP
2234
DirectPlay
directplay
Cisco IOS XE Release 3.1S
Directplay8
TCP/UDP
6073
DirectPlay8
directplay8
Cisco IOS XE Release 3.1S
Directv-Catlg
TCP/UDP
3337
Direct TV Data Catalog
directv-catlg
Cisco IOS XE Release 3.1S
Directv-Soft
TCP/UDP
3335
Direct TV Software Updates
directv-soft
Cisco IOS XE Release 3.1S
Directv-Tick
TCP/UDP
3336
Direct TV Tickers
directv-tick
Cisco IOS XE Release 3.1S
Directv-Web
TCP/UDP
3334
Direct TV Webcasting
directv-web
Cisco IOS XE Release 3.1S
Discard
TCP/UDP
9
Discard
discard
Cisco IOS XE Release 3.1S
Disclose
TCP/UDP
667
campaign contribution disclosures
disclose
Cisco IOS XE Release 3.1S
Dixie
TCP/UDP
96
DIXIE Protocol Specification
dixie
Cisco IOS XE Release 3.1S
DLS
TCP/UDP
197
Directory Location Service
dls
Cisco IOS XE Release 3.1S
DLS-Mon
TCP/UDP
198
Directory Location Service Monitor
dls-mon
Cisco IOS XE Release 3.1S
DN6-NLM-AUD
TCP/UDP
195
DNSIX Network Level Module Audit
dn6-nlm-aud
Cisco IOS XE Release 3.1S
DNA-CML
TCP/UDP
436
DNA-CML
dna-cml
Cisco IOS XE Release 3.1S
DNS
TCP/UDP
53
Domain Name Server lookup
dns
Cisco IOS XE Release 3.1S
DNSIX
TCP/UDP
90
DNSIX Security Attribute Token Map
dnsix
Cisco IOS XE Release 3.1S
DOOM
TCP/UDP
666
Doom Id Software
doom
Cisco IOS XE Release 3.1S
DPSI
TCP/UDP
315
DPSI
dpsi
Cisco IOS XE Release 3.1S
DSFGW
TCP/UDP
438
DSFGW
dsfgw
Cisco IOS XE Release 3.1S
DSP
TCP/UDP
33
Display Support Protocol
dsp
Cisco IOS XE Release 3.1S
DSP3270
TCP/UDP
246
Display Systems Protocol
dsp3270
Cisco IOS XE Release 3.1S
DSR
TCP/UDP
48
Dynamic Source Routing Protocol
dsr
Cisco IOS XE Release 3.1S
DTAG-DTE-SB
TCP/UDP
352
DTAG
dtag-ste-sb
Cisco IOS XE Release 3.1S
DTK
TCP/UDP
365
DTK
dtk
Cisco IOS XE Release 3.1S
DWR
TCP/UDP
644
DWR
dwr
Cisco IOS XE Release 3.1S
Echo
TCP/UDP
7
Echo
echo
Cisco IOS XE Release 3.1S
EGP
TCP/UDP
8
Exterior Gateway Protocol
egp
Cisco IOS XE Release 3.1S
EIGRP
TCP/UDP
88
Enhanced Interior Gateway Routing Protocol
eigrp
Cisco IOS XE Release 3.1S
ELCSD
TCP/UDP
704
errlog copy/server daemon
elcsd
Cisco IOS XE Release 3.1S
EMBL-NDT
TCP/UDP
394
EMBL Nucleic Data Transfer
embl-ndt
Cisco IOS XE Release 3.1S
EMCON
TCP/UDP
14
EMCON
emcon
Cisco IOS XE Release 3.1S
EMFIS-CNTLl
TCP/UDP
141
EMFIS Control Service
emfis-cntl
Cisco IOS XE Release 3.1S
EMFIS-Data
TCP/UDP
140
EMFIS Data Service
emfis-data
Cisco IOS XE Release 3.1S
Encap
TCP/UDP
98
Encapsulation Header
encap
Cisco IOS XE Release 3.1S
Entomb
TCP/UDP
775
Entomb
entomb
Cisco IOS XE Release 3.1S
Entrust-AAAS
TCP/UDP
680
Entrust-aaas
entrust-aaas
Cisco IOS XE Release 3.1S
Entrust-AAMS
TCP/UDP
681
Entrust-aams
entrust-aams
Cisco IOS XE Release 3.1S
Entrust-ASH
TCP/UDP
710
Entrust Administration Service Handler
entrust-ash
Cisco IOS XE Release 3.1S
Entrust-KMSH
TCP/UDP
709
Entrust Key Management Service Handler
entrust-kmsh
Cisco IOS XE Release 3.1S
Entrust-SPS
TCP/UDP
640
entrust-sps
entrust-sps
Cisco IOS XE Release 3.1S
ERPC
TCP/UDP
121
Encore Expedited Remote Pro.Call
erpc
Cisco IOS XE Release 3.1S
ESCP-IP
TCP/UDP
621
escp-ip
escp-ip
Cisco IOS XE Release 3.1S
ESRO-GEN
TCP/UDP
259
Efficient Short Remote Operations
esro-gen
Cisco IOS XE Release 3.1S
ESRP-EMSDP
TCP/UDP
642
ESRO-EMSDP V1.3
esro-emsdp
Cisco IOS XE Release 3.1S
EtherIP
TCP/UDP
97
Ethernet-within-IP Encapsulation
etherip
Cisco IOS XE Release 3.1S
Eudora-Set
TCP/UDP
592
Eudora Set
eudora-set
Cisco IOS XE Release 3.1S
EXEC
TCP/UDP
512
remote process execution;
exec
Cisco IOS XE Release 3.1S
Fatserv
TCP/UDP
347
Fatmen Server
fatserv
Cisco IOS XE Release 3.1S
FC
TCP/UDP
133
Fibre Channel
fc
Cisco IOS XE Release 3.1S
FCP
TCP/UDP
510
FirstClass Protocol
fcp
Cisco IOS XE Release 3.1S
Finger
TCP/UDP
79
Finger
finger
Cisco IOS XE Release 3.1S
FIRE
TCP/UDP
125
FIRE
fire
Cisco IOS XE Release 3.1S
FlexLM
TCP/UDP
744
Flexible License Manager
flexlm
Cisco IOS XE Release 3.1S
FLN-SPX
TCP/UDP
221
Berkeley rlogind with SPX auth
fln-spx
Cisco IOS XE Release 3.1S
FTP-Agent
TCP/UDP
574
FTP Software Agent System
ftp-agent
Cisco IOS XE Release 3.1S
FTP-Data
TCP/UDP
20
File Transfer
ftp-data
Cisco IOS XE Release 3.1S
FTPS-Data
TCP/UDP
989
ftp protocol, data, over TLS/SSL
ftps-data
Cisco IOS XE Release 3.1S
Fujitsu-Dev
TCP/UDP
747
Fujitsu Device Control
fujitsu-dev
Cisco IOS XE Release 3.1S
GACP
TCP/UDP
190
Gateway Access Control Protocol
gacp
Cisco IOS XE Release 3.1S
GDOMAP
TCP/UDP
538
gdomap
gdomap
Cisco IOS XE Release 3.1S
Genie
TCP/UDP
402
Genie Protocol
genie
Cisco IOS XE Release 3.1S
Genrad-MUX
TCP/UDP
176
Genrad-mux
genrad-mux
Cisco IOS XE Release 3.1S
GGF-NCP
TCP/UDP
678
GNU Generation Foundation NCP
ggf-ncp
Cisco IOS XE Release 3.1S
GGP
TCP/UDP
3
Gateway-to-Gateway
ggp
Cisco IOS XE Release 3.1S
Ginad
TCP/UDP
634
ginad
ginad
Cisco IOS XE Release 3.1S
GMTP
TCP/UDP
100
GMTP
gmtp
Cisco IOS XE Release 3.1S
Go-Login
TCP/UDP
491
Go-login
go-login
Cisco IOS XE Release 3.1S
Gopher
TCP/UDP
70
Gopher
gopher
Cisco IOS XE Release 3.1S
Graphics
TCP/UDP
41
Graphics
graphics
Cisco IOS XE Release 3.1S
GRE
TCP/UDP
47
General Routing Encapsulation
gre
Cisco IOS XE Release 3.1S
Groove
TCP/UDP
2492
Groove
groove
Cisco IOS XE Release 3.1S
GSS-HTTP
TCP/UDP
488
gss-http
gss-http
Cisco IOS XE Release 3.1S
GSS-XLICEN
TCP/UDP
128
GNU Generation Foundation NCP
gss-xlicen
Cisco IOS XE Release 3.1S
GTP-User
TCP/UDP
2152
GTP-User Plane
gtp-user
Cisco IOS XE Release 3.1S
HA-Cluster
TCP/UDP
694
ha-cluster
ha-cluster
Cisco IOS XE Release 3.1S
HAP
TCP/UDP
661
hap
hap
Cisco IOS XE Release 3.1S
Hassle
TCP/UDP
375
Hassle
hassle
Cisco IOS XE Release 3.1S
HCP-Wismar
TCP/UDP
686
Hardware Control Protocol Wismar
hcp-wismar
Cisco IOS XE Release 3.1S
HDAP
TCP/UDP
263
hdap
hdap
Cisco IOS XE Release 3.1S
Hello-port
TCP/UDP
652
HELLO_PORT
hello-port
Cisco IOS XE Release 3.1S
HEMS
TCP/UDP
151
hems
hems
Cisco IOS XE Release 3.1S
HIP
TCP/UDP
139
Host Identity Protocol
hip
Cisco IOS XE Release 3.1S
HMMP-IND
TCP/UDP
612
HMMP Indication
hmmp-ind
Cisco IOS XE Release 3.1S
HMMP-OP
TCP/UDP
613
HMMP Operation
hmmp-op
Cisco IOS XE Release 3.1S
HMP
TCP/UDP
20
Host Monitoring
hmp
Cisco IOS XE Release 3.1S
HOPOPT
TCP/UDP
0
IPv6 Hop-by-Hop Option
hopopt
Cisco IOS XE Release 3.1S
Hostname
TCP/UDP
101
NIC Host Name Server
hostname
Cisco IOS XE Release 3.1S
HP-Alarm-Mgr
TCP/UDP
383
HP performance data alarm manager
hp-alarm-mgr
Cisco IOS XE Release 3.1S
HP-Collector
TCP/UDP
381
HP performance data collector
hp-collector
Cisco IOS XE Release 3.1S
HP-Managed-Node
TCP/UDP
382
HP performance data managed node
hp-managed-node
Cisco IOS XE Release 3.1S
HTTP-ALT
TCP/UDP
8080
HTTP Alternate
http-alt
Cisco IOS XE Release 3.1S
HTTP-Mgmt
TCP/UDP
280
http-mgmt
http-mgmt
Cisco IOS XE Release 3.1S
HTTP-RPC-EPMAP
TCP/UDP
593
HTTP RPC Ep Map
http-rpc-epmap
Cisco IOS XE Release 3.1S
Hybrid-POP
TCP/UDP
473
Hybrid-pop
hybrid-pop
Cisco IOS XE Release 3.1S
Hyper-G
TCP/UDP
418
Hyper-g
hyper-g
Cisco IOS XE Release 3.1S
Hyperwave-ISP
TCP/UDP
692
Hyperwave-isp
hyperwave-isp
Cisco IOS XE Release 3.1S
IAFDBase
TCP/UDP
480
iafdbase
iafdbase
Cisco IOS XE Release 3.1S
IAFServer
TCP/UDP
479
iafserver
iafserver
Cisco IOS XE Release 3.1S
IASD
TCP/UDP
432
iasd
iasd
Cisco IOS XE Release 3.1S
IATP
TCP/UDP
117
Interactive Agent Transfer Protocol
iatp
Cisco IOS XE Release 3.1S
IBM-App
TCP/UDP
385
IBM Application
ibm-app
Cisco IOS XE Release 3.1S
IBM-DB2
TCP/UDP
523
IBM-DB2
ibm-db2
Cisco IOS XE Release 3.1S
IBProtocol
TCP/UDP
6714
Internet Backplane Protocol
ibprotocol
Cisco IOS XE Release 3.1S
ICLCNet-Locate
TCP/UDP
886
ICL coNETion locate server
iclcnet-locate
Cisco IOS XE Release 3.1S
ICLNet_SVInfo
TCP/UDP
887
ICL coNETion server info
iclcnet_svinfo
Cisco IOS XE Release 3.1S
ICMP
TCP/UDP
1
Internet Control Message
icmp
Cisco IOS XE Release 3.1S
IDFP
TCP/UDP
549
idfp
idfp
Cisco IOS XE Release 3.1S
IDPR
TCP/UDP
35
Inter-Domain Policy Routing Protocol
idpr
Cisco IOS XE Release 3.1S
IDPRr-CMTP
TCP/UDP
38
IDPR Control Message Transport Protocol
idpr-cmtp
Cisco IOS XE Release 3.1S
IDRP
TCP/UDP
45
Inter-Domain Routing Protocol
idrp
Cisco IOS XE Release 3.1S
IEEE-MMS
TCP/UDP
651
ieee-mms
ieee-mms
Cisco IOS XE Release 3.1S
IEEE-MMS-SSL
TCP/UDP
695
ieee-mms-ssl
ieee-mms-ssl
Cisco IOS XE Release 3.1S
IFMP
TCP/UDP
101
Ipsilon Flow Management Protocol
ifmp
Cisco IOS XE Release 3.1S
IGRP
TCP/UDP
9
Cisco interior gateway
igrp
Cisco IOS XE Release 3.1S
IIOP
TCP/UDP
535
iiop
iiop
Cisco IOS XE Release 3.1S
IL
TCP/UDP
40
IL Transport Protocol
il
Cisco IOS XE Release 3.1S
IMSP
TCP/UDP
406
Interactive Mail Support Protocol
imsp
Cisco IOS XE Release 3.1S
InBusiness
TCP/UDP
244
Inbusiness
inbusiness
Cisco IOS XE Release 3.1S
Infoseek
TCP/UDP
414
InfoSeek
infoseek
Cisco IOS XE Release 3.1S
Ingres-Net
TCP/UDP
134
INGRES-NET Service
ingres-net
Cisco IOS XE Release 3.1S
I-NLSP
TCP/UDP
52
Integrated Net Layer Security TUBA
i-nlsp
Cisco IOS XE Release 3.1S
Intecourier
TCP/UDP
495
Intecourier
intecourier
Cisco IOS XE Release 3.1S
Integra-SME
TCP/UDP
484
Integra Software Management Environment
integra-sme
Cisco IOS XE Release 3.1S
Intrinsia
TCP/UDP
503
intrinsa
intrinsa
Cisco IOS XE Release 3.1S
IPCD
TCP/UDP
576
ipcd
ipcd
Cisco IOS XE Release 3.1S
IPComp
TCP/UDP
108
IP Payload Compression Protocol
ipcomp
Cisco IOS XE Release 3.1S
IPCServer
TCP/UDP
600
Sun IPC server
ipcserver
Cisco IOS XE Release 3.1S
IPCV
TCP/UDP
71
Internet Packet Core Utility
ipcv
Cisco IOS XE Release 3.1S
IPDD
TCP/UDP
578
ipdd
ipdd
Cisco IOS XE Release 3.1S
IPINIP
TCP/UDP
4
IP in IP
ipinip
Cisco IOS XE Release 3.1S
IPIP
TCP/UDP
94
IP-within-IP Encapsulation Protocol
ipip
Cisco IOS XE Release 3.1S
IPLT
TCP/UDP
129
IPLT
iplt
Cisco IOS XE Release 3.1S
IPP
TCP/UDP
631
Internet Printing Protocol
ipp
Cisco IOS XE Release 3.1S
IPPC
TCP/UDP
67
Internet Pluribus Packet Core
ippc
Cisco IOS XE Release 3.1S
Ipv6-Frag
TCP/UDP
44
Fragment Header for IPv6
ipv6-frag
Cisco IOS XE Release 3.1S
Ipv6-ICMP
TCP/UDP
58
ICMP for IPv6
ipv6-icmp
Cisco IOS XE Release 3.1S
Ipv6INIP
TCP/UDP
41
Ipv6 encapsulated
ipv6inip
Cisco IOS XE Release 3.1S
ipv6-NonXT
TCP/UDP
59
No Next Header for IPv6
ipv6-nonxt
Cisco IOS XE Release 3.1S
Ipv6-OPTS
TCP/UDP
60
Destination Options for IPv6
ipv6-opts
Cisco IOS XE Release 3.1S
Ipv6-Route
TCP/UDP
43
Routing Header for IPv6
ipv6-route
Cisco IOS XE Release 3.1S
IRC
TCP/UDP
194
Internet Relay Chat
irc
Cisco IOS XE Release 3.1S
IRC-SERV
TCP/UDP
529
IRC-SERV
irc-serv
Cisco IOS XE Release 3.1S
IRTP
TCP/UDP
28
Internet Reliable Transaction
irtp
Cisco IOS XE Release 3.1S
IS99C
TCP/UDP
379
TIA/EIA/IS-99 modem client
is99c
Cisco IOS XE Release 3.1S
IS99S
TCP/UDP
380
TIA/EIA/IS-99 modem server
is99s
Cisco IOS XE Release 3.1S
ISAKMP
UDP
500, 4500
Internet Security Association & Key Management Protocol
isakmp
Cisco IOS XE Release 3.1S
ISI-GI
TCP/UDP
55
ISI Graphics Language
isi-gl
Cisco IOS XE Release 3.1S
ISIS
TCP/UDP
124
ISIS over IPv4
isis
Cisco IOS XE Release 3.1S
ISO-ILL
TCP/UDP
499
ISO ILL Protocol
iso-ill
Cisco IOS XE Release 3.1S
ISO-IP
TCP/UDP
147
iso-ip
iso-ip
Cisco IOS XE Release 3.1S
ISO-TP0
TCP/UDP
146
iso-tp0
iso-tp0
Cisco IOS XE Release 3.1S
ISO-TP4
TCP/UDP
29
ISO Transport Protocol Class 4
iso-tp4
Cisco IOS XE Release 3.1S
ISO-TSAP
TCP/UDP
102
ISO-TSAP Class 0
iso-tsap
Cisco IOS XE Release 3.1S
ISO-TSAP-C2
TCP/UDP
399
ISO Transport Class 2 Non-Control
iso-tsap-c2
Cisco IOS XE Release 3.1S
ITM-MCELL-S
TCP/UDP
828
itm-mcell-s
itm-mcell-s
Cisco IOS XE Release 3.1S
IXP-IN-IP
TCP/UDP
111
IPX in IP
ixp-in-ip
Cisco IOS XE Release 3.1S
Jargon
TCP/UDP
148
Jargon
jargon
Cisco IOS XE Release 3.1S
Kali
TCP/UDP
2213
Kali
kali
Cisco IOS XE Release 3.1S
K-Block
TCP/UDP
287
K-block
k-block
Cisco IOS XE Release 3.1S
Keyserver
TCP/UDP
584
Key Server
keyserver
Cisco IOS XE Release 3.1S
KIS
TCP/UDP
186
KIS Protocol
kis
Cisco IOS XE Release 3.1S
Klogin
TCP/UDP
543
klogin
klogin
Cisco IOS XE Release 3.1S
Knet-CMP
TCP/UDP
157
KNET/VM Command/Message Protocol
knet-cmp
Cisco IOS XE Release 3.1S
Konspire2b
TCP/UDP
6085
Konspire2b p2p network
Konspire2b
Cisco IOS XE Release 3.1S
Kpasswd
TCP/UDP
464
Kpasswd
kpasswd
Cisco IOS XE Release 3.1S
Kryptolan
TCP/UDP
398
Kryptolan
kryptolan
Cisco IOS XE Release 3.1S
Kshell
TCP/UDP
544
Kshell
kshell
Cisco IOS XE Release 3.1S
L2TP
TCP/UDP
1701
l2tp
l2tp
Cisco IOS XE Release 3.1S
LA-Maint
TCP/UDP
51
IMP Logical Address Maintenance
la-maint
Cisco IOS XE Release 3.1S
LANServer
TCP/UDP
637
lanserver
lanserver
Cisco IOS XE Release 3.1S
LARP
TCP/UDP
91
Locus Address Resolution Protocol
larp
Cisco IOS XE Release 3.1S
LDAP
TCP/UDP
389
Lightweight Directory Access Protocol
ldap
Cisco IOS XE Release 3.1S
LDP
TCP/UDP
646
LDP
ldp
Cisco IOS XE Release 3.1S
Leaf-1
TCP/UDP
25
Leaf-1
leaf-1
Cisco IOS XE Release 3.1S
Leaf-2
TCP/UDP
26
Leaf-2
leaf-2
Cisco IOS XE Release 3.1S
Legent-1
TCP/UDP
373
Legent Corporation
legent-1
Cisco IOS XE Release 3.1S
Legent-2
TCP/UDP
374
Legent Corporation
legent-2
Cisco IOS XE Release 3.1S
LJK-Login
TCP/UDP
472
ljk-login
ljk-login
Cisco IOS XE Release 3.1S
Lockd
TCP/UDP
4045
NFS Lock Daemon Manager
lockd
Cisco IOS XE Release 3.1S
Locus-Con
TCP/UDP
127
Locus PC-Interface Conn Server
locus-con
Cisco IOS XE Release 3.1S
Locus-Map
TCP/UDP
125
Locus PC-Interface Net Map Ser
locus-map
Cisco IOS XE Release 3.1S
MAC-SRVR-Admin
TCP/UDP
660
MacOS Server Admin
mac-srvr-admin
Cisco IOS XE Release 3.1S
Magenta-Logic
TCP/UDP
313
Magenta-logic
magenta-logic
Cisco IOS XE Release 3.1S
Mailbox-LM
TCP/UDP
505
Mailbox-lm
mailbox-lm
Cisco IOS XE Release 3.1S
Mailq
TCP/UDP
174
MAILQ
mailq
Cisco IOS XE Release 3.1S
Maitrd
TCP/UDP
997
Maitrd
maitrd
Cisco IOS XE Release 3.1S
MANET
TCP/UDP
138
MANET Protocols
manet
Cisco IOS XE Release 3.1S
MasqDialer
TCP/UDP
224
Masqdialer
masqdialer
Cisco IOS XE Release 3.1S
Matip-Type-A
TCP/UDP
350
MATIP Type A
matip-type-a
Cisco IOS XE Release 3.1S
Matip-Type-B
TCP/UDP
351
MATIP Type B
matip-type-b
Cisco IOS XE Release 3.1S
MCIDAS
TCP/UDP
112
McIDAS Data Transmission Protocol
mcidas
Cisco IOS XE Release 3.1S
MCNS-Sec
TCP/UDP
638
mcns-sec
mcns-sec
Cisco IOS XE Release 3.1S
MDC-Portmapper
TCP/UDP
685
mdc-portmapper
mdc-portmapper
Cisco IOS XE Release 3.1S
MeComm
TCP/UDP
668
MeComm
mecomm
Cisco IOS XE Release 3.1S
MeRegister
TCP/UDP
669
MeRegister
meregister
Cisco IOS XE Release 3.1S
Merit-INP
TCP/UDP
32
MERIT Internodal Protocol
merit-inp
Cisco IOS XE Release 3.1S
Meta5
TCP/UDP
393
Meta5
meta5
Cisco IOS XE Release 3.1S
Metagram
TCP/UDP
99
Metagram
metagram
Cisco IOS XE Release 3.1S
Meter
TCP/UDP
570
Meter
meter
Cisco IOS XE Release 3.1S
Mfcobol
TCP/UDP
86
Micro Focus Cobol
mfcobol
Cisco IOS XE Release 3.1S
MFE-NSP
TCP/UDP
31
MFE Network Services Protocol
mfe-nsp
Cisco IOS XE Release 3.1S
MFTP
TCP/UDP
349
mftp
mftp
Cisco IOS XE Release 3.1S
Micom-PFS
TCP/UDP
490
Micom-pfs
micom-pfs
Cisco IOS XE Release 3.1S
MICP
TCP/UDP
95
Mobile Internetworking Control Pro.
micp
Cisco IOS XE Release 3.1S
Micromuse-LM
TCP/UDP
1534
micromuse-lm
micromuse-lm
Cisco IOS XE Release 3.1S
MIT-DOV
TCP/UDP
91
MIT Dover Spooler
mit-dov
Cisco IOS XE Release 3.1S
MIT-ML-Dev
TCP/UDP
83
MIT ML Device
mit-ml-dev
Cisco IOS XE Release 3.1S
Mobile
TCP/UDP
55
IP Mobility
mobile
Cisco IOS XE Release 3.1S
MobileIP-Agent
TCP/UDP
434
mobileip-agent
mobileip-agent
Cisco IOS XE Release 3.1S
MobilIP-MN
TCP/UDP
435
mobilip-mn
mobilip-mn
Cisco IOS XE Release 3.1S
Mondex
TCP/UDP
471
Mondex
mondex
Cisco IOS XE Release 3.1S
Monitor
TCP/UDP
561
Monitor
monitor
Cisco IOS XE Release 3.1S
Mortgageware
TCP/UDP
367
Mortgageware
mortgageware
Cisco IOS XE Release 3.1S
MPLS-IN-IP
TCP/UDP
137
MPLS-in-IP
mpls-in-ip
Cisco IOS XE Release 3.1S
MPM
TCP/UDP
45
Message Processing Module
mpm
Cisco IOS XE Release 3.1S
MPM-Flags
TCP/UDP
44
MPM FLAGS Protocol
mpm-flags
Cisco IOS XE Release 3.1S
MPM-SND
TCP/UDP
46
MPM [default send]
mpm-snd
Cisco IOS XE Release 3.1S
MPP
TCP/UDP
218
Netix Message Posting Protocol
mpp
Cisco IOS XE Release 3.1S
MPTN
TCP/UDP
397
Multi Protocol Transport Network
mptn
Cisco IOS XE Release 3.1S
MRM
TCP/UDP
679
mrm
mrm
Cisco IOS XE Release 3.1S
MSDP
TCP/UDP
639
msdp
msdp
Cisco IOS XE Release 3.1S
MSExch-Routing
TCP/UDP
691
MS Exchange Routing
msexch-routing
Cisco IOS XE Release 3.1S
MSFT-GC
TCP/UDP
3268
Microsoft Global Catalog
msft-gc
Cisco IOS XE Release 3.1S
MSFT-GC-SSL
TCP/UDP
3269
Microsoft Global Catalog with LDAP/SSL
msft-gc-ssl
Cisco IOS XE Release 3.1S
MSG-AUTH
TCP/UDP
31
msg-auth
msg-auth
Cisco IOS XE Release 3.1S
MSG-ICP
TCP/UDP
29
msg-icp
msg-icp
Cisco IOS XE Release 3.1S
MSNP
TCP/UDP
1863
msnp
msnp
Cisco IOS XE Release 3.1S
MS-OLAP
TCP/UDP
2393
Microsoft OLAP
ms-olap
Cisco IOS XE Release 3.1S
MSP
TCP/UDP
18
Message Send Protocol
msp
Cisco IOS XE Release 3.1S
MS-Rome
TCP/UDP
569
Microsoft rome
ms-rome
Cisco IOS XE Release 3.1S
MS-Shuttle
TCP/UDP
568
Microsoft shuttle
ms-shuttle
Cisco IOS XE Release 3.1S
MS-SQLl-M
TCP/UDP
1434
Microsoft-SQL-Monitor
ms-sql-m
Cisco IOS XE Release 3.1S
MTP
TCP/UDP
92
Multicast Transport Protocol
mtp
Cisco IOS XE Release 3.1S
Multiling-HTTP
TCP/UDP
777
Multiling HTTP
multiling-http
Cisco IOS XE Release 3.1S
Multiplex
TCP/UDP
171
Network Innovations Multiplex
multiplex
Cisco IOS XE Release 3.1S
Mumps
TCP/UDP
188
Plus Fives MUMPS
mumps
Cisco IOS XE Release 3.1S
MUX
TCP/UDP
18
Multiplexing
mux
Cisco IOS XE Release 3.1S
Mylex-MAPD
TCP/UDP
467
mylex-mapd
mylex-mapd
Cisco IOS XE Release 3.1S
MySQL
TCP/UDP
3306
MySQL
mysql
Cisco IOS XE Release 3.1S
Name
TCP/UDP
42
Host Name Server
name
Cisco IOS XE Release 3.1S
NAMP
TCP/UDP
167
namp
namp
Cisco IOS XE Release 3.1S
NARP
TCP/UDP
54
NBMA Address Resolution Protocol
narp
Cisco IOS XE Release 3.1S
NAS
TCP/UDP
991
Netnews Administration System
nas
Cisco IOS XE Release 3.1S
NCED
TCP/UDP
404
nced
nced
Cisco IOS XE Release 3.1S
NCLD
TCP/UDP
405
ncld
ncld
Cisco IOS XE Release 3.1S
NCP
TCP/UDP
524
NCP
ncp
Cisco IOS XE Release 3.1S
NDSAuth
TCP/UDP
353
NDSAUTH
ndsauth
Cisco IOS XE Release 3.1S
Nest-Protocol
TCP/UDP
489
Nest-protocol
nest-protocol
Cisco IOS XE Release 3.1S
Net8-CMAN
TCP/UDP
1830
Oracle Net8 CMan Admin
net8-cman
Cisco IOS XE Release 3.1S
Net-Assistant
TCP/UDP
3283
net-assistant
net-assistant
Cisco IOS XE Release 3.1S
Netblt
TCP/UDP
30
Bulk Data Transfer Protocol
netblt
Cisco IOS XE Release 3.1S
NetGW
TCP/UDP
741
netgw
netgw
Cisco IOS XE Release 3.1S
NetNews
TCP/UDP
532
readnews
netnews
Cisco IOS XE Release 3.1S
NetRCS
TCP/UDP
742
Network based RCS
netrcs
Cisco IOS XE Release 3.1S
NetRJS-1
TCP/UDP
71
Remote Job Service
netrjs-1
Cisco IOS XE Release 3.1S
NetRJS-2
TCP/UDP
72
Remote Job Service
netrjs-2
Cisco IOS XE Release 3.1S
NetRJS-3
TCP/UDP
73
Remote Job Service
netrjs-3
Cisco IOS XE Release 3.1S
NetRJS-4
TCP/UDP
74
Remote Job Service
netrjs-4
Cisco IOS XE Release 3.1S
NETSC-Dev
TCP/UDP
155
NETSC
netsc-dev
Cisco IOS XE Release 3.1S
NETSC-Prod
TCP/UDP
154
NETSC
netsc-prod
Cisco IOS XE Release 3.1S
NetViewDM1
TCP/UDP
729
IBM NetView M
netviewdm1
Cisco IOS XE Release 3.1S
NetviewDM2
TCP/UDP
730
IBM NetView DM
netviewdm2
Cisco IOS XE Release 3.1S
NetviewDM3
TCP/UDP
731
IBM NetView DM
netviewdm3
Cisco IOS XE Release 3.1S
Netwall
TCP/UDP
533
for emergency broadcasts
netwall
Cisco IOS XE Release 3.1S
Netware-IP
TCP/UDP
396
Novell Netware over IP
netware-ip
Cisco IOS XE Release 3.1S
New-RWHO
TCP/UDP
550
new who
new-rwho
Cisco IOS XE Release 3.1S
NextStep
TCP/UDP
178
NextStep Window Server
nextstep
Cisco IOS XE Release 3.1S
NFS
TCP/UDP
2049
Network File System
nfs
Cisco IOS XE Release 3.1S
NicName
TCP/UDP
43
Who Is
nicname
Cisco IOS XE Release 3.1S
NI-FTP
TCP/UDP
47
NI FTP
ni-ftp
Cisco IOS XE Release 3.1S
NI-Mail
TCP/UDP
61
NI MAIL
ni-mail
Cisco IOS XE Release 3.1S
Nlogin
TCP/UDP
758
nlogin
nlogin
Cisco IOS XE Release 3.1S
NMAP
TCP/UDP
689
nmap
nmap
Cisco IOS XE Release 3.1S
NMSP
TCP/UDP
537
Networked Media Streaming Protocol
nmsp
Cisco IOS XE Release 3.1S
NNSP
TCP/UDP
433
nnsp
nnsp
Cisco IOS XE Release 3.1S
Notes
TCP/UDP
1352
Lotus Notes(R)
notes
Cisco IOS XE Release 3.1S
NovaStorBakcup
TCP/UDP
308
Novastor Backup
novastorbakcup
Cisco IOS XE Release 3.1S
NPMP-GUI
TCP/UDP
611
npmp-gui
npmp-gui
Cisco IOS XE Release 3.1S
NPMP-Local
TCP/UDP
610
npmp-local
npmp-local
Cisco IOS XE Release 3.1S
NPMP-Trap
TCP/UDP
609
npmp-trap
npmp-trap
Cisco IOS XE Release 3.1S
NPP
TCP/UDP
92
Network Printing Protocol
npp
Cisco IOS XE Release 3.1S
NQS
TCP/UDP
607
nqs
nqs
Cisco IOS XE Release 3.1S
NS
TCP/UDP
760
ns
ns
Cisco IOS XE Release 3.1S
NSFNET-IGP
TCP/UDP
85
NSFNET-IGP
nsfnet-igp
Cisco IOS XE Release 3.1S
NSIIOPS
TCP/UDP
261
IIOP Name Service over TLS/SSL
nsiiops
Cisco IOS XE Release 3.1S
NSRMP
TCP/UDP
359
Network Security Risk Management Protocol
nsrmp
Cisco IOS XE Release 3.1S
NSS-Routing
TCP/UDP
159
NSS-Routing
nss-routing
Cisco IOS XE Release 3.1S
NSW-FE
TCP/UDP
27
NSW User System FE
nsw-fe
Cisco IOS XE Release 3.1S
Ntalk
TCP/UDP
518
Ntalk
ntalk
Cisco IOS XE Release 3.1S
NTP
TCP/ UDP
123
Network Time Protocol
ntp
Cisco IOS XE Release 2.3
Cisco IOS XE Release 3.1SNVP-II
TCP/UDP
11
Network Voice Protocol
nvp-ii
Cisco IOS XE Release 3.1S
NXEdit
TCP/UDP
126
nxedit
nxedit
Cisco IOS XE Release 3.1S
OBCBinder
TCP/UDP
183
ocbinder
ocbinder
Cisco IOS XE Release 3.1S
OBEX
TCP/UDP
650
obex
obex
Cisco IOS XE Release 3.1S
ObjCall
TCP/UDP
94
Tivoli Object Dispatcher
objcall
Cisco IOS XE Release 3.1S
OCS_AMU
TCP/UDP
429
ocs_amu
ocs_amu
Cisco IOS XE Release 3.1S
OCS_CMU
TCP/UDP
428
ocs_cmu
ocs_cmu
Cisco IOS XE Release 3.1S
OCServer
TCP/UDP
184
ocserver
ocserver
Cisco IOS XE Release 3.1S
ODMR
TCP/UDP
366
odmr
odmr
Cisco IOS XE Release 3.1S
OHIMSRV
TCP/UDP
506
ohimsrv
ohimsrv
Cisco IOS XE Release 3.1S
OLSR
TCP/UDP
698
olsr
olsr
Cisco IOS XE Release 3.1S
OMGInitialRefs
TCP/UDP
900
omginitialrefs
omginitialrefs
Cisco IOS XE Release 3.1S
OMServ
TCP/UDP
764
omserv
omserv
Cisco IOS XE Release 3.1S
ONMUX
TCP/UDP
417
onmux
onmux
Cisco IOS XE Release 3.1S
Opalis-RDV
TCP/UDP
536
Opalis-rdv
opalis-rdv
Cisco IOS XE Release 3.1S
Opalis-Robot
TCP/UDP
314
oOpalis-robot
opalis-robot
Cisco IOS XE Release 3.1S
OPC-Job-Start
TCP/UDP
423
IBM Operations Planning and Control Start
opc-job-start
Cisco IOS XE Release 3.1S
OPC-Job-Track
TCP/UDP
424
IBM Operations Planning and Control Track
opc-job-track
Cisco IOS XE Release 3.1S
Openport
TCP/UDP
260
Openport
openport
Cisco IOS XE Release 3.1S
OpenVMS-Sysipc
TCP/UDP
557
Openvms-sysipc
openvms-sysipc
Cisco IOS XE Release 3.1S
OracleNames
TCP/UDP
1575
Oraclenames
oraclenames
Cisco IOS XE Release 3.1S
OracleNet8CMAN
TCP/UDP
1630
Oracle Net8 Cman
oraclenet8cman
Cisco IOS XE Release 3.1S
ORA-Srv
TCP/UDP
1525
Oracle TCP/IP Listener
ora-srv
Cisco IOS XE Release 3.1S
Orbix-Config
TCP/UDP
3076
Orbix 2000 Config
orbix-config
Cisco IOS XE Release 3.1S
Orbix-Locator
TCP/UDP
3075
Orbix 2000 Locator
orbix-locator
Cisco IOS XE Release 3.1S
Orbix-Loc-SSL
TCP/UDP
3077
Orbix 2000 Locator SSL
orbix-loc-ssl
Cisco IOS XE Release 3.1S
OSPF
TCP/UDP
89
Open Shortest Path First
ospf
Cisco IOS XE Release 3.1S
OSU-NMS
TCP/UDP
192
OSU Network Monitoring System
osu-nms
Cisco IOS XE Release 3.1S
Parsec-Game
TCP/UDP
6582
Parsec Gameserver
parsec-game
Cisco IOS XE Release 3.1S
Passgo
TCP/UDP
511
Passgo
passgo
Cisco IOS XE Release 3.1S
Passgo-Tivoli
TCP/UDP
627
Passgo-tivoli
passgo-tivoli
Cisco IOS XE Release 3.1S
Password-Chg
TCP/UDP
586
Password Change
password-chg
Cisco IOS XE Release 3.1S
Pawserv
TCP/UDP
345
Perf Analysis Workbench
pawserv
Cisco IOS XE Release 3.1S
PCMail-SRV
TCP/UDP
158
PCMail Server
pcmail-srv
Cisco IOS XE Release 3.1S
PDAP
TCP/UDP
344
Prospero Data Access Protocol
pdap
Cisco IOS XE Release 3.1S
Personal-link
TCP/UDP
281
Personal-link
personal-link
Cisco IOS XE Release 3.1S
PFTP
TCP/UDP
662
Parallel File Transfer Protocol
pftp
Cisco IOS XE Release 3.1S
PGM
TCP/UDP
113
PGM Reliable Transport Protocol
pgm
Cisco IOS XE Release 3.1S
Philips-VC
TCP/UDP
583
Philips Video-Conferencing
philips-vc
Cisco IOS XE Release 3.1S
Phonebook
TCP/UDP
767
Phone
phonebook
Cisco IOS XE Release 3.1S
Photuris
TCP/UDP
468
Photuris
photuris
Cisco IOS XE Release 3.1S
PIM
TCP/UDP
103
Protocol Independent Multicast
pim
Cisco IOS XE Release 3.1S
PIM-RP-DISC
TCP/UDP
496
PIM-RP-DISC
pim-rp-disc
Cisco IOS XE Release 3.1S
PIP
TCP/UDP
1321
pip
pip
Cisco IOS XE Release 3.1S
PIPE
TCP/UDP
131
Private IP Encapsulation within IP
pipe
Cisco IOS XE Release 3.1S
PIRP
TCP/UDP
553
pirp
pirp
Cisco IOS XE Release 3.1S
PKIX-3-CA-RA
TCP/UDP
829
PKIX-3 CA/RA
pkix-3-ca-ra
Cisco IOS XE Release 3.1S
PKIX-Timestamp
TCP/UDP
318
pkix-timestamp
pkix-timestamp
Cisco IOS XE Release 3.1S
PNNI
TCP/UDP
102
PNNI over IP
pnni
Cisco IOS XE Release 3.1S
Pop2
TCP/UDP
109
Post Office Protocol - Version 2
pop2
Cisco IOS XE Release 3.1S
Pop3
TCP/UDP
110, Heuristic
Post Office Protocol 3
pop3
Cisco IOS XE Release 3.1S
POV-Ray
TCP/UDP
494
pov-ray
pov-ray
Cisco IOS XE Release 3.1S
Powerburst
TCP/UDP
485
Air Soft Power Burst
powerburst
Cisco IOS XE Release 3.1S
PPStream
TCP/UDP
Heuristic
P2P TV Application
ppstream
Cisco IOS XE Release 3.3S
PPTP
TCP/UDP
1723
Point-to-Point Tunneling Protocol
pptp
Cisco IOS XE Release 3.1S
Printer
TCP/UDP
515
spooler
printer
Cisco IOS XE Release 2.3
Cisco IOS XE Release 3.1SPrint-SRV
TCP/UDP
170
Network PostScript
print-srv
Cisco IOS XE Release 3.1S
PRM
TCP/UDP
21
Packet Radio Measurement
prm
Cisco IOS XE Release 3.1S
PRM-NM
TCP/UDP
409
Prospero Resource Manager Node Man
prm-nm
Cisco IOS XE Release 3.1S
PRM-SM
TCP/UDP
408
Prospero Resource Manager Sys. Man
prm-sm
Cisco IOS XE Release 3.1S
Profile
TCP/UDP
136
PROFILE Naming System
profile
Cisco IOS XE Release 3.1S
Prospero
TCP/UDP
191
Prosper Directory Service
prospero
Cisco IOS XE Release 3.1S
PTCNameService
TCP/UDP
597
PTC Name Service
ptcnameservice
Cisco IOS XE Release 3.1S
PTP
TCP/UDP
123
Performance Transparency Protocol
ptp
Cisco IOS XE Release 3.1S
PTP-Event
TCP/UDP
319
PTP Event
ptp-event
Cisco IOS XE Release 3.1S
PTP-General
TCP/UDP
320
PTP General
ptp-general
Cisco IOS XE Release 3.1S
Pump
TCP/UDP
751
Pump
pump
Cisco IOS XE Release 3.1S
PUP
TCP/UDP
12
PUP
pup
Cisco IOS XE Release 3.1S
Purenoise
TCP/UDP
663
purenoise
purenoise
Cisco IOS XE Release 3.1S
PVP
TCP/UDP
75
Packet Video Protocol
pvp
Cisco IOS XE Release 3.1S
PWDGen
TCP/UDP
129
Password Generator Protocol
pwdgen
Cisco IOS XE Release 3.1S
QBIKGDP
TCP/UDP
368
qbikgdp
qbikgdp
Cisco IOS XE Release 3.1S
QFT
TCP/UDP
189
Queued File Transport
qft
Cisco IOS XE Release 3.1S
QMQP
TCP/UDP
628
qmqp
qmqp
Cisco IOS XE Release 3.1S
QMTP
TCP/UDP
209
The Quick Mail Transfer Protocol
qmtp
Cisco IOS XE Release 3.1S
QNX
TCP/UDP
106
QNX
qnx
Cisco IOS XE Release 3.1S
QoTD
TCP/UDP
17
Quote of the Day
qotd
Cisco IOS XE Release 3.1S
QRH
TCP/UDP
752
qrh
qrh
Cisco IOS XE Release 3.1S
QUOTD
TCP/UDP
762
quotad
quotad
Cisco IOS XE Release 3.1S
RAP
TCP/UDP
38
Route Access Protocol
rap
Cisco IOS XE Release 3.1S
RCMD
TCP
512-514
BSD r-commands
rcmd
Cisco IOS XE Release 3.3S
RCP
TCP/UDP
469
Radio Control Protocol
rcp
Cisco IOS XE Release 2.3
Cisco IOS XE Release 3.1SRDA
TCP/UDP
630
rda
rda
Cisco IOS XE Release 3.1S
RDB-DBS-DISP
TCP/UDP
1571
Oracle Remote Data Base
rdb-dbs-disp
Cisco IOS XE Release 3.1S
RDP
TCP/UDP
27
Reliable Data Protocol
rdp
Cisco IOS XE Release 3.1S
Realm-RUSD
TCP/UDP
688
ApplianceWare managment protocol
realm-rusd
Cisco IOS XE Release 3.1S
RE-Mail-CK
TCP/UDP
50
Remote Mail Checking Protocol
re-mail-ck
Cisco IOS XE Release 3.1S
RemoteFS
TCP/UDP
556
rfs server
remotefs
Cisco IOS XE Release 3.1S
Remote-KIS
TCP/UDP
185
Remote-kis
remote-kis
Cisco IOS XE Release 3.1S
REPCMD
TCP/UDP
641
repcmd
repcmd
Cisco IOS XE Release 3.1S
REPSCMD
TCP/UDP
653
repscmd
repscmd
Cisco IOS XE Release 3.1S
RESCAP
TCP/UDP
283
rescap
rescap
Cisco IOS XE Release 3.1S
RIP
TCP/UDP
520
Routing Information Protocol
rip
Cisco IOS XE Release 3.1S
RIPING
TCP/UDP
521
ripng
ripng
Cisco IOS XE Release 3.1S
RIS
TCP/UDP
180
Intergraph
ris
Cisco IOS XE Release 3.1S
RIS-CM
TCP/UDP
748
Russell Info Sci Calendar Manager
ris-cm
Cisco IOS XE Release 3.1S
RJE
TCP/UDP
5
Remote Job Entry
rje
Cisco IOS XE Release 3.1S
RLP
TCP/UDP
39
Resource Location Protocol
rlp
Cisco IOS XE Release 3.1S
RLZDBASE
TCP/UDP
635
rlzdbase
rlzdbase
Cisco IOS XE Release 3.1S
RMC
TCP/UDP
657
rmc
rmc
Cisco IOS XE Release 3.1S
RMIActivation
TCP/UDP
1098
rmiactivation
rmiactivation
Cisco IOS XE Release 3.1S
RMIRegistry
TCP/UDP
1099
rmiregistry
rmiregistry
Cisco IOS XE Release 3.1S
RMonitor
TCP/UDP
560
Rmonitord
rmonitor
Cisco IOS XE Release 3.1S
RMT
TCP/UDP
411
Remote MT Protocol
rmt
Cisco IOS XE Release 3.1S
RPC2Portmap
TCP/UDP
369
rpc2portmap
rpc2portmap
Cisco IOS XE Release 3.1S
RRH
TCP/UDP
753
rrh
rrh
Cisco IOS XE Release 3.1S
RRP
TCP/UDP
648
Registry Registrar Protocol
rrp
Cisco IOS XE Release 3.1S
RSH-SPX
TCP/UDP
222
Berkeley rshd with SPX auth
rsh-spx
Cisco IOS XE Release 3.1S
RSVD
TCP/UDP
168
rsvd
rsvd
Cisco IOS XE Release 3.1S
RSVP_Tunnel
TCP/UDP
363
rsvp_tunnel
rsvp_tunnel
Cisco IOS XE Release 3.1S
RSVP-E2E-Ignore
TCP/UDP
134
RSVP-E2E-IGNORE
rsvp-e2e-ignore
Cisco IOS XE Release 3.1S
Rsync
TCP/UDP
873
Rsync
rsync
Cisco IOS XE Release 3.1S
RTelnet
TCP/UDP
107
Remote Telnet Service
rtelnet
Cisco IOS XE Release 2.3
Cisco IOS XE Release 3.1SRTIP
TCP/UDP
771
rtip
rtip
Cisco IOS XE Release 3.1S
RTSPS
TCP/UDP
322
RTSPS
rtsps
Cisco IOS XE Release 3.1S
Rushd
TCP/UDP
696
Rushd
rushd
Cisco IOS XE Release 3.1S
RVD
TCP/UDP
66
MIT Remote Virtual Disk Protocol
rvd
Cisco IOS XE Release 3.1S
RXE
TCP/UDP
761
rxe
rxe
Cisco IOS XE Release 3.1S
SAFT
TCP/UDP
487
saft Simple Asynchronous File Transfer
saft
Cisco IOS XE Release 3.1S
Sanity
TCP/UDP
643
Sanity
sanity
Cisco IOS XE Release 3.1S
SAT-EXPAK
TCP/UDP
64
SATNET and Backroom EXPAK
sat-expak
Cisco IOS XE Release 3.1S
SAT-Mon
TCP/UDP
69
SATNET Monitoring
sat-mon
Cisco IOS XE Release 3.1S
SCC-Security
TCP/UDP
582
scc-security
scc-security
Cisco IOS XE Release 3.1S
SCC-SP
TCP/UDP
96
Semaphore Communications Sec. Pro.
scc-sp
Cisco IOS XE Release 3.1S
SCO-DTMgr
TCP/UDP
617
SCO Desktop Administration Server
sco-dtmgr
Cisco IOS XE Release 3.1S
SCOHELP
TCP/UDP
457
scohelp
scohelp
Cisco IOS XE Release 3.1S
SCOI2ODialog
TCP/UDP
360
scoi2odialog
scoi2odialog
Cisco IOS XE Release 3.1S
SCO-Inetmgr
TCP/UDP
615
Internet Configuration Manager
sco-inetmgr
Cisco IOS XE Release 3.1S
SCO-SysMgr
TCP/UDP
616
SCO System Administration Server
sco-sysmgr
Cisco IOS XE Release 3.1S
SCO-WebsrvrMg3
TCP/UDP
598
SCO Web Server Manager 3
sco-websrvrmg3
Cisco IOS XE Release 3.1S
SCO-WebsrvrMgr
TCP/UDP
620
SCO WebServer Manager
sco-websrvrmgr
Cisco IOS XE Release 3.1S
SCPS
TCP/UDP
105
SCPS
scps
Cisco IOS XE Release 3.1S
SCTP
TCP/UDP
132
Stream Control Transmission Protocol
sctp
Cisco IOS XE Release 3.1S
SCX-Proxy
TCP/UDP
470
scx-proxy
scx-proxy
Cisco IOS XE Release 3.1S
SDNSKMP
TCP/UDP
558
SDNSKMP
sdnskmp
Cisco IOS XE Release 3.1S
SDRP
TCP/UDP
42
Source Demand Routing Protocol
sdrp
Cisco IOS XE Release 3.1S
Secure-ftp
TCP/UDP
990
ftp protocol, control, over TLS/SSL
secure-ftp
Cisco IOS XE Release 3.1S
Secure-IRC
TCP/UDP
994
irc protocol over TLS
secure-irc
Cisco IOS XE Release 3.1S
Secure-LDAP
TCP/UDP
636
ldap protocol over TLS
secure-ldap
Cisco IOS XE Release 3.1S
Secure-NNTP
TCP/UDP
563
nntp protocol over TLS
secure-nntp
Cisco IOS XE Release 3.1S
Secure-Pop3
TCP/UDP
995
pop3 protocol over TLS
secure-pop3
Cisco IOS XE Release 3.1S
Secure-Telnet
TCP/UDP
992
telnet protocol over TLS
secure-telnet
Cisco IOS XE Release 3.1S
Secure-VMTP
TCP/UDP
82
SECURE-VMTP
secure-vmtp
Cisco IOS XE Release 3.1S
Semantix
TCP/UDP
361
Semantix
semantix
Cisco IOS XE Release 3.1S
Send
TCP/UDP
169
SEND
send
Cisco IOS XE Release 3.1S
Server-IPX
TCP/UDP
213
Internetwork Packet Exchange Protocol
server-ipx
Cisco IOS XE Release 3.1S
Servstat
TCP/UDP
633
Service Status update
servstat
Cisco IOS XE Release 3.1S
SET
TCP/UDP
257
Secure Electronic Transaction
set
Cisco IOS XE Release 3.1S
SFS-Config
TCP/UDP
452
Cray SFS config server
sfs-config
Cisco IOS XE Release 3.1S
SFS-SMP-Net
TCP/UDP
451
Cray Network Semaphore server
sfs-smp-net
Cisco IOS XE Release 3.1S
SFTP
TCP/UDP
115
Simple File Transfer Protocol
sftp
Cisco IOS XE Release 3.1S
SGCP
TCP/UDP
440
sgcp
sgcp
Cisco IOS XE Release 3.1S
SGMP
TCP/UDP
153
sgmp
sgmp
Cisco IOS XE Release 3.1S
SGMP-Traps
TCP/UDP
160
sgmp-traps
sgmp-traps
Cisco IOS XE Release 3.1S
Shockwave
TCP/UDP
1626
Shockwave
shockwave
Cisco IOS XE Release 3.1S
Shrinkwrap
TCP/UDP
358
Shrinkwrap
shrinkwrap
Cisco IOS XE Release 3.1S
SIAM
TCP/UDP
498
siam
siam
Cisco IOS XE Release 3.1S
SIFT-UFT
TCP/UDP
608
Sender-Initiated/Unsolicited File Transfer
sift-uft
Cisco IOS XE Release 3.1S
SILC
TCP/UDP
706
silc
silc
Cisco IOS XE Release 3.1S
SitaraDir
TCP/UDP
2631
Sitaradir
sitaradir
Cisco IOS XE Release 3.1S
SitaraMgmt
TCP/UDP
2630
Sitaramgmt
sitaramgmt
Cisco IOS XE Release 3.1S
Sitaraserver
TCP/UDP
2629
sitaraserver
sitaraserver
Cisco IOS XE Release 3.1S
SKIP
TCP/UDP
57
SKIP
skip
Cisco IOS XE Release 3.1S
SKRONK
TCP/UDP
460
skronk
skronk
Cisco IOS XE Release 3.1S
SM
TCP/UDP
122
SM
sm
Cisco IOS XE Release 3.1S
Smakynet
TCP/UDP
122
Smakynet
smakynet
Cisco IOS XE Release 3.1S
SmartSDP
TCP/UDP
426
Smartsdp
smartsdp
Cisco IOS XE Release 3.1S
SMP
TCP/UDP
121
Simple Message Protocol
smp
Cisco IOS XE Release 3.1S
SMPNameRes
TCP/UDP
901
smpnameres
smpnameres
Cisco IOS XE Release 3.1S
SMSD
TCP/UDP
596
smsd
smsd
Cisco IOS XE Release 3.1S
SMSP
TCP/UDP
413
Storage Management Services Protocol
smsp
Cisco IOS XE Release 3.1S
SMUX
TCP/UDP
199
SMUX
smux
Cisco IOS XE Release 3.1S
SNAGas
TCP/UDP
108
SNA Gateway Access Server
snagas
Cisco IOS XE Release 3.1S
Snare
TCP/UDP
509
Snare
snare
Cisco IOS XE Release 3.1S
S-Net
TCP/UDP
166
Sirius Systems
s-net
Cisco IOS XE Release 3.1S
SNP
TCP/UDP
109
Sitara Networks Protocol
snp
Cisco IOS XE Release 3.1S
SNPP
TCP/UDP
444
Simple Network Paging Protocol
snpp
Cisco IOS XE Release 3.1S
SNTP-Heartbeat
TCP/UDP
580
SNTP HEARTBEAT
sntp-heartbeat
Cisco IOS XE Release 3.1S
SoftPC
TCP/UDP
215
Insignia Solutions
softpc
Cisco IOS XE Release 3.1S
Sonar
TCP/UDP
572
Sonar
sonar
Cisco IOS XE Release 3.1S
SPMP
TCP/UDP
656
spmp
spmp
Cisco IOS XE Release 3.1S
Sprite-RPC
TCP/UDP
90
Sprite RPC Protocol
sprite-rpc
Cisco IOS XE Release 3.1S
SPS
TCP/UDP
130
Secure Packet Shield
sps
Cisco IOS XE Release 3.1S
SPSC
TCP/UDP
478
spsc
spsc
Cisco IOS XE Release 3.1S
SQL*Net
TCP/UDP
66
Oracle SQL*NET
sql*net
Cisco IOS XE Release 3.1S
SQLExec
TCP/UDP
9088
SQL Informix
sqlexec
Cisco IOS XE Release 3.1S
SQL-Net
TCP/UDP
150
SQL-NET
sql-net
Cisco IOS XE Release 3.1S
SQLServ
TCP/UDP
118
SQL Services
sqlserv
Cisco IOS XE Release 3.1S
SQLServer
TCP/UDP
1433
Microsoft-SQL-Server
sqlserver
Cisco IOS XE Release 3.1S
SRC
TCP/UDP
200
IBM System Resource Controller
src
Cisco IOS XE Release 3.1S
SRMP
TCP/UDP
193
Spider Remote Monitoring Protocol
srmp
Cisco IOS XE Release 3.1S
SRP
TCP/UDP
119
SpectraLink Radio Protocol
srp
Cisco IOS XE Release 3.1S
SRSSend
TCP/UDP
362
srssend
srssend
Cisco IOS XE Release 3.1S
SS7NS
TCP/UDP
477
ss7ns
ss7ns
Cisco IOS XE Release 3.1S
SSCOPMCE
TCP/UDP
128
SSCOPMCE
sscopmce
Cisco IOS XE Release 3.1S
SSH
TCP/UDP
22
Secure Shell Protocol
ssh
Cisco IOS XE Release 3.1S
Sshell
TCP/UDP
614
SSLshell
sshell
Cisco IOS XE Release 3.1S
SST
TCP/UDP
266
SCSI on ST
sst
Cisco IOS XE Release 3.1S
ST
TCP/UDP
5
Stream
st
Cisco IOS XE Release 3.1S
StatSRV
TCP/UDP
133
Statistics Service
statsrv
Cisco IOS XE Release 3.1S
STMF
TCP/UDP
501
stmf
stmf
Cisco IOS XE Release 3.1S
STP
TCP/UDP
118
Schedule Transfer Protocol
stp
Cisco IOS XE Release 3.1S
StreetTalk
TCP/UDP
566
Streettalk
streettalk
Cisco IOS XE Release 3.1S
Stun-NAT
TCP/UDP
3478
STUN
stun-nat
Cisco IOS XE Release 3.1S
STX
TCP/UDP
527
Stock IXChange
stx
Cisco IOS XE Release 3.1S
Submission
TCP/UDP
587
Submission
submission
Cisco IOS XE Release 3.1S
Subntbcst_TFTP
TCP/UDP
247
subntbcst_tftp
subntbcst_tftp
Cisco IOS XE Release 3.1S
SU-MIT-TG
TCP/UDP
89
SU/MIT Telnet Gateway
su-mit-tg
Cisco IOS XE Release 3.1S
Sun-DR
TCP/UDP
665
sun-dr
sun-dr
Cisco IOS XE Release 3.1S
Sun-ND
TCP/UDP
77
SUN ND PROTOCOL-Temporary
sun-nd
Cisco IOS XE Release 3.1S
SupDup
TCP/UDP
95
SUPDUP
supdup
Cisco IOS XE Release 3.1S
Surf
TCP/UDP
1010
Surf
surf
Cisco IOS XE Release 3.1S
Sur-Meas
TCP/UDP
243
Survey Measurement
sur-meas
Cisco IOS XE Release 3.1S
Svrloc
TCP/UDP
427
Server Location
svrloc
Cisco IOS XE Release 3.1S
Swift-RVF
TCP/UDP
97
Swift Remote Virtural File Protocol
swift-rvf
Cisco IOS XE Release 3.1S
Swipe
TCP/UDP
53
IP with Encryption
swipe
Cisco IOS XE Release 3.1S
Synoptics-Trap
TCP/UDP
412
Trap Convention Port
synoptics-trap
Cisco IOS XE Release 3.1S
Synotics-Broker
TCP/UDP
392
SynOptics Port Broker Port
synotics-broker
Cisco IOS XE Release 3.1S
Synotics-Relay
TCP/UDP
391
SynOptics SNMP Relay Port
synotics-relay
Cisco IOS XE Release 3.1S
Systat
TCP/UDP
11
Active Users
systat
Cisco IOS XE Release 2.3
Cisco IOS XE Release 3.1STACACS
TCP/UDP
49, 65
Terminal Access Controller Access Control System
tacacs
Cisco IOS XE Release 2.3
Cisco IOS XE Release 3.1STAC News
TCP/UDP
98
TAC News
tacnews
Cisco IOS XE Release 3.1S
Talk
TCP/UDP
517
Talk
talk
Cisco IOS XE Release 3.1S
TCF
TCP/UDP
87
TCF
tcf
Cisco IOS XE Release 3.1S
TD-Replica
TCP/UDP
268
Tobit David Replica
td-replica
Cisco IOS XE Release 3.1S
TD-Service
TCP/UDP
267
Tobit David Service Layer
td-service
Cisco IOS XE Release 3.1S
Teedtap
TCP/UDP
559
Teedtap
teedtap
Cisco IOS XE Release 3.1S
Tell
TCP/UDP
754
Send
tell
Cisco IOS XE Release 3.1S
Telnet
TCP/UDP
23
Telnet
telnet
Cisco IOS XE Release 3.1S
Tempo
TCP/UDP
526
newdate
tempo
Cisco IOS XE Release 3.1S
Tenfold
TCP/UDP
658
Tenfold
tenfold
Cisco IOS XE Release 3.1S
Texar
TCP/UDP
333
Texar Security Port
texar
Cisco IOS XE Release 3.1S
TICF-1
TCP/UDP
492
Transport Independent Convergence for FNA
ticf-1
Cisco IOS XE Release 3.1S
TICF-2
TCP/UDP
493
Transport Independent Convergence for FNA
ticf-2
Cisco IOS XE Release 3.1S
Timbuktu
TCP/UDP
407
Timbuktu
timbuktu
Cisco IOS XE Release 3.1S
Time
TCP/UDP
37
Time
time
Cisco IOS XE Release 2.3
Cisco IOS XE Release 3.1STimed
TCP/UDP
525
Timeserver
timed
Cisco IOS XE Release 3.1S
TINC
TCP/UDP
655
tinc
tinc
Cisco IOS XE Release 3.1S
TLISRV
TCP/UDP
1527
Oracle
tlisrv
Cisco IOS XE Release 3.1S
TLSP
TCP/UDP
56
Transport Layer Security Protocol
tlsp
Cisco IOS XE Release 3.1S
TNETOS
TCP/UDP
377
NEC Corporation
tnETOS
Cisco IOS XE Release 3.1S
TNS-CML
TCP/UDP
590
tns-cml
tns-cml
Cisco IOS XE Release 3.1S
TN-TL-FD1
TCP/UDP
476
tn-tl-fd1
tn-tl-fd1
Cisco IOS XE Release 3.1S
TP++
TCP/UDP
39
TP++ Transport Protocol
tp++
Cisco IOS XE Release 3.1S
TPIP
TCP/UDP
594
tpip
tpip
Cisco IOS XE Release 3.1S
Trunk-1
TCP/UDP
23
Trunk-1
trunk-1
Cisco IOS XE Release 3.1S
Trunk-2
TCP/UDP
24
Trunk-2
trunk-2
Cisco IOS XE Release 3.1S
TServer
TCP/UDP
450
Computer Supported Telecomunication Applications
tserver
Cisco IOS XE Release 3.1S
TTP
TCP/UDP
84
TTP
ttp
Cisco IOS XE Release 3.1S
UAAC
TCP/UDP
145
UAAC Protocol
uaac
Cisco IOS XE Release 3.1S
UARPs
TCP/UDP
219
Unisys ARPs
uarps
Cisco IOS XE Release 3.1S
UDPLite
TCP/UDP
136
UDPLite
udplite
Cisco IOS XE Release 3.1S
UIS
TCP/UDP
390
uis
uis
Cisco IOS XE Release 3.1S
uLISTProc
TCP/UDP
372
List Processor
ulistproc
Cisco IOS XE Release 3.1S
ULP
TCP/UDP
522
ulp
ulp
Cisco IOS XE Release 3.1S
ULPNet
TCP/UDP
483
ulpnet
ulpnet
Cisco IOS XE Release 3.1S
Unidata-LDM
TCP/UDP
388
Unidata LDM
unidata-ldm
Cisco IOS XE Release 3.1S
Unify
TCP/UDP
181
Unify
unify
Cisco IOS XE Release 3.1S
UPS
TCP/UDP
401
Uninterruptible Power Supply
ups
Cisco IOS XE Release 3.1S
URM
TCP/UDP
606
Cray Unified Resource Manager
urm
Cisco IOS XE Release 3.1S
UTI
TCP/UDP
120
UTI
uti
Cisco IOS XE Release 3.1S
Utime
TCP/UDP
519
Unixtime
utime
Cisco IOS XE Release 3.1S
UTMPCD
TCP/UDP
431
utmpcd
utmpcd
Cisco IOS XE Release 3.1S
UTMPSD
TCP/UDP
430
utmpsd
utmpsd
Cisco IOS XE Release 3.1S
UUCP
TCP/UDP
540
uucpd
uucp
Cisco IOS XE Release 3.1S
UUCP-Path
TCP/UDP
117
UUCP Path Service
uucp-path
Cisco IOS XE Release 3.1S
UUCP-rLogin
TCP/UDP
541
uucp-rlogin
uucp-rlogin
Cisco IOS XE Release 3.1S
UUIDGEN
TCP/UDP
697
UUIDGEN
uuidgen
Cisco IOS XE Release 3.1S
VACDSM-App
TCP/UDP
671
VACDSM-APP
vacdsm-app
Cisco IOS XE Release 3.1S
VACDSM-SWS
TCP/UDP
670
VACDSM-SWS
vacdsm-sws
Cisco IOS XE Release 3.1S
VATP
TCP/UDP
690
Velazquez Application Transfer Protocol
vatp
Cisco IOS XE Release 3.1S
VEMMI
TCP/UDP
575
vemmi
vemmi
Cisco IOS XE Release 3.1S
VID
TCP/UDP
769
vid
vid
Cisco IOS XE Release 3.1S
Videotex
TCP/UDP
516
videotex
videotex
Cisco IOS XE Release 3.1S
VISA
TCP/UDP
70
VISA Protocol
visa
Cisco IOS XE Release 3.1S
VNC
TCP/UDP
5800, 5900, 5901
Virtual Network Computing
vnc
Cisco IOS XE Release 2.3
VMNet
TCP/UDP
175
vmnet
vmnet
Cisco IOS XE Release 3.1S
VMPWSCS
TCP/UDP
214
vmpwscs
vmpwscs
Cisco IOS XE Release 3.1S
VMTP
TCP/UDP
81
VMTP
vmtp
Cisco IOS XE Release 3.1S
VNAS
TCP/UDP
577
vnas
vnas
Cisco IOS XE Release 3.1S
VPP
TCP/UDP
677
Virtual Presence Protocol
vpp
Cisco IOS XE Release 3.1S
VPPS-QUA
TCP/UDP
672
vpps-qua
vpps-qua
Cisco IOS XE Release 3.1S
VPPS-VIA
TCP/UDP
676
vpps-via
vpps-via
Cisco IOS XE Release 3.1S
VRRP
TCP/UDP
112
Virtual Router Redundancy Protocol
vrrp
Cisco IOS XE Release 3.1S
VSINet
TCP/UDP
996
vsinet
vsinet
Cisco IOS XE Release 3.1S
VSLMP
TCP/UDP
312
vslmp
vslmp
Cisco IOS XE Release 3.1S
WAP-Push
TCP/UDP
2948
WAP PUSH
wap-push
Cisco IOS XE Release 3.1S
WAP-Push-HTTP
TCP/UDP
4035
WAP Push OTA-HTTP port
wap-push-http
Cisco IOS XE Release 3.1S
WAP-Push-HTTPS
TCP/UDP
4036
WAP Push OTA-HTTP secure
wap-push-https
Cisco IOS XE Release 3.1S
WAP-Pushsecure
TCP/UDP
2949
WAP PUSH SECURE
wap-pushsecure
Cisco IOS XE Release 3.1S
WAP-VACL-S
TCP/UDP
9207
WAP vCal Secure
wap-vcal-s
Cisco IOS XE Release 3.1S
WAP-VCAL
TCP/UDP
9205
WAP vCal
wap-vcal
Cisco IOS XE Release 3.1S
WAP-VCARD
TCP/UDP
9204
WAP vCard
wap-vcard
Cisco IOS XE Release 3.1S
WAP-VCARD-S
TCP/UDP
9206
WAP vCard Secure
wap-vcard-s
Cisco IOS XE Release 3.1S
WAP-WSP
TCP/UDP
9200
WAP connectionless session service
wap-wsp
Cisco IOS XE Release 3.1S
WAP-WSP-S
TCP/UDP
9202
WAP secure connectionless session service
wap-wsp-s
Cisco IOS XE Release 3.1S
WAP-WSP-WTP
TCP/UDP
9201
WAP session service
wap-wsp-wtp
Cisco IOS XE Release 3.1S
WAP-WSP-WTP-S
TCP/UDP
9203
WAP secure session service
wap-wsp-wtp-s
Cisco IOS XE Release 3.1S
WB-Expak
TCP/UDP
79
WIDEBAND EXPAK
wb-expak
Cisco IOS XE Release 3.1S
WB-Mon
TCP/UDP
78
WIDEBAND Monitoring
wb-mon
Cisco IOS XE Release 3.1S
Webster
TCP/UDP
765
Webster
webster
Cisco IOS XE Release 3.1S
WhoAmI
TCP/UDP
565
whoami
whoami
Cisco IOS XE Release 3.1S
Whois++
TCP/UDP
63
whois++ Service
whois++
Cisco IOS XE Release 2.3
Cisco IOS XE Release 3.1SWorldFusion
TCP/UDP
2595
World Fusion
worldfusion
Cisco IOS XE Release 3.1S
WPGS
TCP/UDP
780
wpgs
wpgs
Cisco IOS XE Release 3.1S
WSN
TCP/UDP
74
Wang Span Network
wsn
Cisco IOS XE Release 3.1S
XAct-Backup
TCP/UDP
911
Xact-backup
xact-backup
Cisco IOS XE Release 3.1S
X-Bone-CTL
TCP/UDP
265
Xbone CTL
x-bone-ctl
Cisco IOS XE Release 3.1S
XDMCP
TCP/UDP
177
X Display Manager Control Protocol
xdmcp
Cisco IOS XE Release 2.3
Cisco IOS XE Release 3.1SXDTP
TCP/UDP
3088
eXtensible Data Transfer Protocol
xdtp
Cisco IOS XE Release 3.1S
XFER
TCP/UDP
82
XFER Utility
xfer
Cisco IOS XE Release 3.1S
XNET
TCP/UDP
15
Cross Net Debugger
xnet
Cisco IOS XE Release 3.1S
XNS-Auth
TCP/UDP
56
XNS Authentication
xns-auth
Cisco IOS XE Release 3.1S
XNS-CH
TCP/UDP
54
XNS Clearinghouse
xns-ch
Cisco IOS XE Release 3.1S
XNS-Courier
TCP/UDP
165
Xerox
xns-courier
Cisco IOS XE Release 3.1S
XNS-IDP
TCP/UDP
22
XEROX NS IDP
xns-idp
Cisco IOS XE Release 3.1S
XNS-Mail
TCP/UDP
58
XNS mail
xns-mail
Cisco IOS XE Release 3.1S
XNS-Time
TCP/UDP
52
XNS Time Protocol
xns-time
Cisco IOS XE Release 3.1S
XTP
TCP/UDP
36
XTP
xtp
Cisco IOS XE Release 3.1S
XVTTP
TCP/UDP
508
xvttp
xvttp
Cisco IOS XE Release 3.1S
XYPlex-Mux
TCP/UDP
173
Xyplex
xyplex-mux
Cisco IOS XE Release 3.1S
X Windows
TCP
6000-6003
X Window System
xwindows
Cisco IOS XE Release 2.3
Cisco IOS XE Release 3.1Sz39.50
TCP/UDP
210
ANSI Z39.50
z39.50
Cisco IOS XE Release 3.1S
Zannet
TCP/UDP
317
Zannet
zannet
Cisco IOS XE Release 3.1S
ZServ
TCP/UDP
346
Zebra server
zserv
Cisco IOS XE Release 3.1S
AN
IP
107
Active Networks
an
Cisco IOS XE Release 3.1S
AOL-Protocol5
TCP
5190
America OnLine Protocol
aol-protocol
Cisco IOS XE Release 3.3S
ARGUS
IP
13
ARGUS
argus
Cisco IOS XE Release 3.1S
ARIS
IP
104
ARIS
aris
Cisco IOS XE Release 3.1S
AX25
IP
93
AX.25 Frames
ax25
Cisco IOS XE Release 3.1S
BBNR RCC Mon
IP
10
BBN RCC Monitoring
bbnrccmon
Cisco IOS XE Release 3.1S
BLIZWOW
TCp, UDP
3724
World of Warcraft Gaming Protocol
blizwow
Cisco IOS XE Release 3.3S
BNA
IP
49
BNA
bna
Cisco IOS XE Release 3.1S
BR-SAT-Mon
IP
76
Backroom SATNET Monitoring
br-sat-mon
Cisco IOS XE Release 3.1S
CBT
IP
7
CBT
cbt
Cisco IOS XE Release 3.1S
CFTP
IP
62
CFTP
cftp
Cisco IOS XE Release 3.1S
Choas
IP
16
Chaos
chaos
Cisco IOS XE Release 3.1S
Compaq-Peer
IP
110
Compaq Peer Protocol
compaq-peer
Cisco IOS XE Release 3.1S
CPHB
IP
73
Computer Protocol Heart Beat
cphb
Cisco IOS XE Release 3.1S
CPNX
IP
72
Computer Protocol Network Executive
cpnx
Cisco IOS XE Release 3.1S
CRTP
IP
126
Combat Radio Transport Protocol
crtp
Cisco IOS XE Release 3.1S
CRUDP
IP
127
Combat Radio User Datagram
crudp
Cisco IOS XE Release 3.1S
DCCP
IP
33
Datagram Congestion Control Protocol
dccp
Cisco IOS XE Release 3.1S
DCN-Meas
IP
19
DCN Measurement Subsystems
dcn-meas
Cisco IOS XE Release 3.1S
DDP
IP
37
Datagram Delivery Protocol
ddp
Cisco IOS XE Release 3.1S
DDX
IP
116
D-II Data Exchange
ddx
Cisco IOS XE Release 3.1S
DGP
IP
86
Dissimilar Gateway Protocol
dgp
Cisco IOS XE Release 3.1S
DSR
IP
48
Dynamic Source Routing Protocol
dsr
Cisco IOS XE Release 3.1S
EGP
IP
8
Exterior Gateway Protocol
egp
Cisco IOS XE Release 3.1S
EIGRP
IP
88
Enhanced Interior Gateway Routing Protocol
eigrp
Cisco IOS XE Release 3.1S
EMCON
IP
14
EMCON
emcon
Cisco IOS XE Release 3.1S
Encap
IP
98
Encapsulation Header
encap
15.1(3)T
EtherIP
IP
97
Ethernet-within-IP Encapsulation
etherip
Cisco IOS XE Release 3.1S
FC
IP
133
Fibre Channel
fc
Cisco IOS XE Release 3.1S
FIRE
IP
125
FIRE
fire
Cisco IOS XE Release 3.1S
GGP
IP
3
Gateway-to-Gateway
ggp
Cisco IOS XE Release 3.1S
GMTP
IP
100
GMTP
gmtp
Cisco IOS XE Release 3.1S
GRE
IP
47
General Routing Encapsulation
gre
Cisco IOS XE Release 3.1S
HIP
IP
139
Host Identity Protocol
hip
Cisco IOS XE Release 3.1S
HMP
IP
20
Host Monitoring
hmp
Cisco IOS XE Release 3.1S
HopOpt
IP
0
IPv6 Hop-by-Hop Option
hopopt
Cisco IOS XE Release 3.1S
ICQ
TCP
80, Heuristic
I seek you Instant Messaging Protocol
icq
Cisco IOS XE Release 3.3S
IATP
IP
117
Interactive Agent Transfer Protocol
iatp
Cisco IOS XE Release 3.1S
ICMP
IP
1
Internet Control Message
icmp
Cisco IOS XE Release 3.1S
IDPR
IP
35
Inter-Domain Policy Routing Protocol
idpr
Cisco IOS XE Release 3.1S
IDPR-CMTP
IP
38
IDPR Control Message Transport Protocol
idpr-cmtp
Cisco IOS XE Release 3.1S
IDRP
IP
45
Inter-Domain Routing Protocol
idrp
Cisco IOS XE Release 3.1S
IFMP
IP
101
Ipsilon Flow Management Protocol
ifmp
Cisco IOS XE Release 3.1S
IGRP
IP
9
Cisco interior gateway
igrp
Cisco IOS XE Release 3.1S
IL
IP
40
IL Transport Protocol
il
Cisco IOS XE Release 3.1S
I-NLSP
IP
52
Integrated Net Layer Security TUBA
i-nlsp
Cisco IOS XE Release 3.1S
IMPCOMP
IP
108
IP Payload Compression Protocol
ipcomp
Cisco IOS XE Release 3.1S
IPCU
IP
71
Internet Packet Core Utility
ipcv
Cisco IOS XE Release 3.1S
IPinIP
IP
4
IP in IP
ipinip
Cisco IOS XE Release 3.1S
IPIP
IP
94
IP-within-IP Encapsulation Protocol
ipip
Cisco IOS XE Release 3.1S
IPLT
IP
129
IPLT
iplt
Cisco IOS XE Release 3.1S
IPPC
IP
67
Internet Pluribus Packet Core
ippc
Cisco IOS XE Release 3.1S
IPv6-Frag
IP
44
Fragment Header for IPv6
ipv6-frag
Cisco IOS XE Release 3.1S
IPv6-ICMP
IP
58
ICMP for IPv6
ipv6-icmp
Cisco IOS XE Release 3.1S
IPv6INIP
IP
41
Ipv6 encapsulated
ipv6inip
Cisco IOS XE Release 3.1S
IPv6-NONXT
IP
59
No Next Header for IPv6
ipv6-nonxt
Cisco IOS XE Release 3.1S
IPv6-Opts
IP
60
Destination Options for IPv6
ipv6-opts
Cisco IOS XE Release 3.1S
IPv6-Route
IP
43
Routing Header for IPv6
ipv6-route
Cisco IOS XE Release 3.1S
IRTP
IP
28
Internet Reliable Transaction
irtp
Cisco IOS XE Release 3.1S
ISIS
IP
124
ISIS over IPv4
isis
Cisco IOS XE Release 3.1S
ISO-TP4
IP
29
ISO Transport Protocol Class 4
iso-tp4
Cisco IOS XE Release 3.1S
IXP-in-IP
IP
111
IPX in IP
ixp-in-ip
Cisco IOS XE Release 3.1S
LARP
IP
91
Locus Address Resolution Protocol
larp
Cisco IOS XE Release 3.1S
Leaf-1
IP
25
Leaf-1
leaf-1
Cisco IOS XE Release 3.1S
6to4 IPv6 Tunneled
L3 Protocol
—
6to4 IPv6 Tunneled
6to4 IPv6 Tunneled
Cisco IOS XE Release 3.2S
AYIYA IPv6 Tunneled
UDP
5072
IPv6 Tunneled based on AYIYA traffic
AYIYA IPv6 Tunneled
Cisco IOS XE Release 3.2S
BabelGum
TCP, UDP
80 + Heuristic
BabelGum
BabelGum
Cisco IOS XE Release 3.2S
Baidu Movie
TCP, UDP
80 + Heuristic
Baidu Movie
Baidu Movie
Cisco IOS XE Release 3.2S
DHCP
UDP
67,68
Dynamic Host Configuration Protocol
dhcp
Cisco IOS XE Release 3.2S
DHT
UDP
Heuristic
Distributed sloppy Hash Table Protocol
DHT
Cisco IOS XE Release 3.2S
Filetopia
TCP
Heuristic
Filetopia P2P file sharing
filetopia
Cisco IOS XE Release 3.2S
Fring-VoIP
UDP
Heuristic
Fring VoIP
fring-voip
Cisco IOS XE Release 3.3S
GoogleEarth
TCP
80 + Heuristic
GoogleEarth
GoogleEarth
Cisco IOS XE Release 3.2S
Guruguru
TCP
Heuristic
Guruguru
guruguru
Cisco IOS XE Release 3.2S
IMAP
TCP
143,220
Internet Mail Access Protocol
imap
Cisco IOS XE Release 3.2S
IRC
TCP
80 + Heuristic
IRC
IRC
Cisco IOS XE Release 3.2S
ISATAP IPv6 Tunneled
L3 Protocol
Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) IPv6 Tunneled
ISATAP IPv6 Tunneled
Cisco IOS XE Release 3.2S
iTunes
TCP
80 + Heuristic
iTunes
iTunes
Cisco IOS XE Release 3.2S
Kuro
TCP
Heuristic
Kuro
kuro
Cisco IOS XE Release 3.3S
Manolito
TCP, UDP
TCP - Heuristic port, UDP - 41170
Manolito P2P music sharing protocol
manolito
Cisco IOS XE Release 3.2S
MapleStory
TCP
Heuristic
Maple Story Gaming Protocol
MapleStory
Cisco IOS XE Release 3.2S
MGCP
TCP, UDP
UDP 2427/2727 - TCP 2427/2428/2727 + Heuristic
Media Gateway Control Protocol
MGCP
Cisco IOS XE Release 3.2S
Microsoftds
TCP, UDP
445
Microsoft-ds
microsoftds
Cisco IOS XE Release 3.3S
MSN Messenger
TCP
1080,1863, 80, Hueristic
MSN Messenger
msn-messenger
Cisco IOS XE Release 3.3S
MyJabber File Transfer
TCP
Heuristic
MyJabber File Transfer
MyJabber File Transfer
Cisco IOS XE Release 3.2S
Napster
TCP
80 + Heuristic
Napster
napster
Cisco IOS XE Release 3.2S
Netshow
TCP
1755 + Heuristic
Netshow
netshow
Cisco IOS XE Release 3.2S
NNTP
TCP
TCP - 119 + Heuristic, UDP -119
Network News Transfer Protocol
NNTP
Cisco IOS XE Release 3.2S
NTP
UDP
123
Network Time Protocol
NTP
Cisco IOS XE Release 3.2S
Pando
TCP,UDP
TCP - 80 + Heuristic, UDP - Heuristic
Pando
Pando
Cisco IOS XE Release 3.2S
POCO
TCP, UDP
Heuristic
POCO File-Sharing Application
POCO
Cisco IOS XE Release 3.2S
POP3
TCP
110, Heuristic
POP3
POP3
Cisco IOS XE Release 3.2S
PPTP
TCP
1723
Point-to-Point Tunneling Protocol
pptp
Cisco IOS XE Release 3.2S
RADIUS
UDP
1812, 1813
Remote Authentication Dial In User Service protocol
radius
Cisco IOS XE Release 3.3S
SIP
TCP, UDP
TCP/UDP - 5060 + Heuristic
Session Initiation Protocol
sip
Cisco IOS XE Release 3.2S
Skinny
TCP
2000-2002
Skinny Call Control Protocol
skinny
Cisco IOS XE Release 3.3S
Soribada
TCP
TCP - 80 + Heuristic, UDP - Heuristic
Soribada, Korean P2P music sharing Protocol
soribada
Cisco IOS XE Release 3.2S
Soulseek
TCP
Heuristic
SoulSeek internet download manager Protocol
soulseek
Cisco IOS XE Release 3.3S
TeamSpeak
UDP
Heuristic
TeamSpeak internet based voice-conferencing Protocol
TeamSpeak
Cisco IOS XE Release 3.2S
Telepresence-control
TCP,UDP
TCP- 5060, UDP- Heuristic
Telepresence-control
telepresence-control
Cisco IOS XE Release 3.2S
Teredo IPv6 Tunneled
TCP,UDP
TCP- Heuristic, UDP - 3544 + Heuristic
Teredo IPv6 Tunneled
teredo-ipv6-tunneled
Cisco IOS XE Release 3.2S
TFTP
UDP
69
Trivial File Transfer Protocol
tftp
Cisco IOS XE Release 3.2S
TomatoPang
TCP
Heuristic
TomatoPang P2P Sharing Protocol
TomatoPang
Cisco IOS XE Release 3.2S
Tunnel-HTTP
TCP
80 + Heuristic
HTTP Tunneling
tunnel-http
Cisco IOS XE Release 3.2S
Ventrilo
TCP, UDP
Heuristic
Ventrilo VoIP Protocol
Ventrilo
Cisco IOS XE Release 3.2S
Waste
TCP/UDP
Heuristic
Waste
waste
Cisco IOS XE Release 3.3S
WebThunder
TCP, UDP
TCP-80, UDP-Heuristic
WebThunder Peer-to-Peer File Sharing
WebThunder
Cisco IOS XE Release 3.2S
Yahoo-Messenger
TCP
TCP-5050/5101/1080/119/80 /Heuristic
Yahoo Messenger
yahoo-messenger
Cisco IOS XE Release 3.3S
Yahoo-Messenger-
VoIPTCP/UDP
Heuristic
Yahoo Messenger VoIP
yahoo-voip-messenger
Cisco IOS XE Release 3.3S
1 For Cisco IOS XE Release 2.5, Cisco supports Exchange 03 and 07 only. MS client access is recognized, but web client access is not recognized.
2 Cisco software supports Skype 1.0, 2.5, 3.0, and 4.0. In Skype 4.0, the classification may not be complete.
3 BitTorrent classifies only unencrypted traffic.
4 eDonkey classifies only unencrypted traffic.
5 AOL-Protocol classifies traffic shared between ICQ and AOL clients.
NBAR Protocol Discovery
NBAR includes a feature called Protocol Discovery. Protocol discovery provides an easy way to discover protocol packets passing through an interface. For more information about Protocol Discovery, see the "Enabling Protocol Discovery" module.
NBAR Protocol Discovery MIB
The NBAR Protocol Discovery MIB expands the capabilities of NBAR Protocol Discovery by providing the following new functionality through Simple Network Management Protocol (SNMP):
•
•
•
•
For more information about the NBAR Protocol Discovery MIB, see the "Network-Based Application Recognition Protocol Discovery Management Information Base" module.
NBAR Configuration Processes
You can configure NBAR in the following two ways:
•
•
For more information about the NBAR configuration, see the Cisco IOS XE QoS Configuration Guide.
Restarting NBAR
NBAR is restarted under the following events described below.
•
•
•
•
•
•
Restart involves deactivating and reactivating NBAR. During this time, all packets are classified as `Unknown' by NBAR. Once NBAR is reactivated, classification is activated.
Note
NBAR Protocol Pack
NBAR Protocol Pack provides an easy way to update the protocols supported by NBAR without replacing the base IOS image that is already present in the router. A protocol pack is a set of protocols developed and packed together. For more information about NBAR Protocol Pack, see the NBAR Protocol Pack feature document in Cisco IOS XE QoS Configuration Guide.
NBAR and Multipacket Classification
In Cisco IOS XE Release 3.3S, NBAR provides the ability to search large number of multipacket signatures simultaneously. This new technique is supported for many of the new protocols in Cisco IOS XE Release 3.3S and later releases. This technique also provides improved performance and accuracy for other protocols. Along with the support for new signatures, the multipacket classification capabilities change NBAR behavior in the following ways:
1.
2.
3.
4.
5.
NBAR on VRF Interfaces
In Cisco IOS XE Release 3.3S and later releases, the NBAR IPv4 and IPv6 classification on VRF interfaces is supported:
Note
NBAR and IPv6
In Cisco IOS XE Release 3.3S and later releases, the following are supported:
•
•
•
Configuration Examples for Classifying Network Traffic Using NBAR in Cisco IOS XE Software
•
•
•
Example: Classification of HTTP Traffic Using the HTTP Header Fields
In the following example, any request message that contains "somebody@cisco.com" in the User-Agent, Referer, or From fields will be classified by NBAR. Typically, a term with a format similar to "somebody@cisco.com" would be found in the From header field of the HTTP request message.
class-map match-all class1match protocol http from "somebody@cisco.com"In the following example, any request message that contains "http://www.cisco.com/routers" in the User-Agent, Referer, or From fields will be classified by NBAR. Typically, a term with a format similar to "http://www.cisco.com/routers" would be found in the Referer header field of the HTTP request message.
class-map match-all class2match protocol http referer "http://www.cisco.com/routers"In the following example, any request message that contains "CERN-LineMode/2.15" in the User-Agent, Referer, or From header field will be classified by NBAR. Typically, a term with a format similar to "CERN-LineMode/2.15" would be found in the User-Agent header field of the HTTP request message.
class-map match-all class3match protocol http user-agent "CERN-LineMode/2.15"In the following example, any response message that contains "CERN/3.0" in the Content-Base (if available), Content-Encoding, Location, or Server header field will be classified by NBAR. Typically, a term with a format similar to "CERN/3.0" would be found in the Server header field of the response message.
class-map match-all class4match protocol http server "CERN/3.0"In the following example, any response message that contains "http://www.cisco.com/routers" in the Content-Base (if available), Content-Encoding, Location, or Server header field will be classified by NBAR. Typically, a term with a format similar to "http://www.cisco.com/routers" would be found in the Content-Base (if available) or Location header field of the response message.
class-map match-all class5match protocol http location "http://www.cisco.com/routers"In the following example, any response message that contains "gzip" in the Content-Base (if available), Content-Encoding, Location, or Server header field will be classified by NBAR. Typically, the term "gzip" would be found in the Content-Encoding header field of the response message.
class-map match-all class6match protocol http content-encoding "gzip"Example: Combinations of Classification of HTTP Headers and URL, Host, or MIME Type to Identify HTTP Traffic
In the following example, HTTP header fields are combined with a URL to classify traffic. In this example, traffic with a User-Agent field of "CERN-LineMode/3.0" and a Server field of "CERN/3.0," along with URL "www.cisco.com/routers," will be classified using NBAR:
class-map match-all c-http match protocol http user-agent "CERN-LineMode/3.0" match protocol http server "CERN/3.0" match protocol http url "www.cisco.com/routers"Example: NBAR and Classification of Custom Protocols and Applications
In the following example, the custom protocol app-sales1 will identify TCP packets that have a source port of 4567 and that contain the term "SALES" in the fifth byte of the payload:
Router(config)# ip nbar custom app-sales1 5 ascii SALES source tcp 4567In the following example, the custom protocol virus-home will identify UDP packets that have a destination port of 3000 and that contain "0x56" in the seventh byte of the payload:
Router(config)# ip nbar custom virus-home 7 hex 0x56 destination udp 3000In the following example, the custom protocol media_new will identify TCP packets that have a destination or source port of 4500 and that have a value of 90 at the sixth byte of the payload:
Router(config)# ip nbar custom media_new 6 decimal 90 tcp 4500In the following example, the custom protocol msn1 will look for TCP packets that have a destination or source port of 6700:
Router(config)# ip nbar custom msn1 tcp 6700In the following example, the custom protocol mail_x will look for UDP packets that have a destination port of 8202:
Router(config)# ip nbar custom mail_x destination udp 8202In the following example, the custom protocol mail_y will look for UDP packets that have destination ports between 3000 and 4000 inclusive:
Router(config)# ip nbar custom mail_y destination udp range 3000 4000Example: NBAR and Classification of Peer-to-Peer File-Sharing Applications
The match protocol gnutella file-transfer regular-expression and match protocol fasttrack file-transfer regular-expression commands are used to enable Gnutella and FastTrack classification in a traffic class. The file-transfer keyword indicates that a regular expression variable will be used to identify specific Gnutella or FastTrack traffic. The regular-expression variable can be expressed as "*" to indicate that all FastTrack or Gnutella traffic be classified by a traffic class.
In the following example, all FastTrack traffic is classified into class map nbar:
class-map match-all nbar match protocol fasttrack file-transfer "*"Similarly, all Gnutella traffic is classified into class map nbar in the following example:
class-map match-all nbar match protocol gnutella file-transfer "*"Wildcard characters in a regular expression can also be used to identify specified Gnutella and FastTrack traffic. These regular expression matches can be used to match on the basis of a filename extension or a particular string in a filename.
In the following example, all Gnutella files that have the .mpeg extension will be classified into class map nbar.
class-map match-all nbar match protocol gnutella file-transfer "*.mpeg"In the following example, only Gnutella traffic that contains the characters "cisco" is classified:
class-map match-all nbar match protocol gnutella file-transfer "*cisco*"The same examples can be used for FastTrack traffic:
class-map match-all nbar match protocol fasttrack file-transfer "*.mpeg"or
class-map match-all nbar match protocol fasttrack file-transfer "*cisco*"Additional References
Related Documents
Cisco IOS commands
QoS commands: complete command syntax, command modes, command history, defaults, usage guidelines, and examples
Classifying network traffic if not using NBAR
Marking network traffic
"Marking Network Traffic" module
MQC
Protocol Discovery
Standards
MIBs
RFCs
Technical Assistance
Feature Information for Classifying Network Traffic Using NBAR
Table 4 lists the features in this module and provides links to specific configuration information.
Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Note
Table 4 Feature Information for Classifying Network Traffic Using NBAR in Cisco IOS XE software
Additional PDL Support for NBAR
Cisco IOS XE Release 3.1S
Additional PDL Support for NBAR feature provides support for additional PDLs.
The following section provides information about this feature:
Enhanced NBAR
Cisco IOS XE Release 3.2S
The Enhanced NBAR feature provides additional PDLs for Cisco IOS XE Release 3.2S.
The following section provides information about this feature:
NBAR PDLM Supported in ASR 1000 Release 2.5
Cisco IOS XE Release 2.5
Cisco IOS XE Release 3.1S
Cisco IOS XE Release 3.3SThis feature was integrated into Cisco IOS XE Release 2.5. NBAR-supported protocols were added for this release.
The following section provides information about this feature:
•
The following command was modified: match protocol (NBAR).
NBAR Protocols
Cisco IOS XE Release 2.3
This feature was integrated into Cisco IOS XE Release 2.3. NBAR-supported protocols were added for this release.
The following section provides information about this feature:
•
The following command was modified: match protocol (NBAR).
NBAR Real-time Transport Protocol Payload Classification
Cisco IOS XE Release 2.1
This feature was introduced on Cisco ASR 1000 Series Aggregation Services Routers.
The following section provides information about this feature:
NBAR Static IPv4 IANA Protocols Pack1
Cisco IOS XE Release 3.1S
This feature was introduced on Cisco ASR 1000 Series Aggregation Services Routers.
The following section provides information about this feature:
NBAR VRF aware
Cisco IOS XE Release 3.3S
This feature was introduced on Cisco ASR 1000 Series Aggregation Services Routers.
The following section provides information about this feature:
Glossary
encryption—Encryption is the application of a specific algorithm to data so as to alter the appearance of the data, making it incomprehensible to those who are not authorized to see the information.
HTTP—Hypertext Transfer Protocol. The protocol used by web browsers and web servers to transfer files, such as text and graphic files.
IANA—Internet Assigned Numbers Authority. An organization operated under the auspices of the Internet Society (ISOC) as a part of the Internet Architecture Board (IAB). IANA delegates authority for IP address-space allocation and domain-name assignment to the InterNIC and other organizations. IANA also maintains a database of assigned protocol identifiers used in the TCP/IP stack, including autonomous system numbers.
LAN—local-area network. A high-speed, low-error data network that covers a relatively small geographic area (up to a few thousand meters). LANs connect workstations, peripherals, terminals, and other devices in a single building or other geographically limited area. LAN standards specify cabling and signaling at the physical and data link layers of the Open System Interconnection (OSI) model. Ethernet, FDDI, and Token Ring are widely used LAN technologies.
MIME—Multipurpose Internet Mail Extension. The standard for transmitting nontext data (or data that cannot be represented in plain ASCII code) in Internet mail, such as binary, foreign language text (such as Russian or Chinese), audio, and video data. MIME is defined in RFC 2045, Multipurpose Internet Mail Extension (MIME) Part One: Format of Internet Message Bodies.
MPLS—Multiprotocol Label Switching. A switching method that forwards IP traffic using a label. This label instructs the routers and the switches in the network where to forward the packets based on preestablished IP routing information.
MQC—modular quality of service command-line interface. A command-line interface that allows you to define traffic classes, create and configure traffic policies (policy maps), and then attach the policy maps to interfaces. The policy maps are used to apply the appropriate quality of service (QoS) to network traffic.
Protocol Discovery—A feature included with NBAR. Protocol Discovery provides a way to discover the application protocols that are operating on an interface.
QoS—quality of service. A measure of performance for a transmission system that reflects its transmission quality and service availability.
RTCP—RTP Control Protocol. A protocol that monitors the QoS of an IPv6 Real-Time Transport Protocol (RTP) connection and conveys information about the ongoing session.
stateful protocol—A protocol that uses TCP and UDP port numbers that are determined at connection time.
static protocol—A protocol that uses well-defined (predetermined) TCP and UDP ports for communication.
subport classification—The classification of network traffic by information that is contained in the packet payload; that is, information found beyond the TCP or UDP port number.
TCP—Transmission Control Protocol. A connection-oriented transport layer protocol that provides reliable full-duplex data transmission. TCP is part of the TCP/IP protocol stack.
tunneling—Tunneling is an architecture that is designed to provide the services necessary to implement any standard point-to-point encapsulation scheme.
UDP—User Datagram Protocol. A connectionless transport layer protocol in the TCP /IP protocol stack. UDP is a simple protocol that exchanges datagrams without acknowledgments or guaranteed delivery, requiring that error processing and retransmission be handled by other protocols. UDP is defined in RFC 768, User Datagram Protocol.
WAN—wide-area network. A data communications network that serves users across a broad geographic area and often uses transmission devices provided by common carriers.
Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
© 2006-2011 Cisco Systems, Inc. All rights reserved.
