The NBAR Categorization and Attributes feature provides the mechanism to match protocols or applications based on certain attributes. Categorizing the protocols and applications into different groups will help with reporting and performing group actions, such as applying QoS policies, on them. Attributes are statically assigned to each protocol or application, and they are not dependent on the traffic. The following attributes are available to configure the match criteria using the
match protocol attribute command:
application-group keyword allows the configuration of applications grouped together based on the same networking application as the match criteria. For example, Yahoo-Messenger, Yahoo-VoIP-messenger, and Yahoo-VoIP-over-SIP are grouped together under the yahoo-messenger-group.
category keyword allows you to configure applications that are grouped together based on the first level of categorization for each protocol as the match criteria. Similar applications are grouped together under one category. For example, the email category contains all email applications such as, Internet Mail Access Protocol (IMAP), Simple Mail Transfer Protocol (SMTP), Lotus Notes, and so forth.
sub-category keyword provides the option to configure applications grouped together based on the second level of categorization for each protocol as the match criteria. For example, clearcase, dbase, rda, mysql and other database applications are grouped under the database group.
encrypted keyword provides the option to configure applications grouped together based on whether the protocol is an encrypted protocol or not as the match criteria. Applications are grouped together based on the encrypted and nonencrypted status of the applications. Protocols for which the NBAR does not provide any value are categorized under the unassigned encrypted group.
tunnel keyword provides the option to configure protocols based on whether or not a protocol tunnels the traffic of other protocols. Protocols for which the NBAR does not provide any value are categorized under the unassigned tunnel group. For example, Layer 2 Tunneling Protocols (L2TP).
attribute provides the option to indicate whether or not a
protocol uses p2p technology.
Attribute-based protocol match configurations do not impact the granularity of classification either in reporting or in the Protocol Discovery information.
You can create custom values for the attributes application-group,
category, and sub-category. The custom values enable you to name the attributes
based on grouping of protocols. Use the
ip nbar attribute application-group custom
ip nbar attribute category custom
ip nbar attribute sub-category custom
sub-category-name commands to add custom values for the
attributes application-group, category, and sub-category, respectively.
The dynamically created custom attribute values can be used for
attribute-map creation when using the
ip nbar attribute-map command, and for
configuring the match criterion for a class-map when using the
match protocol attribute command.
The output from the
show ip nbar attribute-custom command displays
the number of custom values that can be defined for attributes, and the custom
values that are currently defined. The
show ip nbar attribute command displays all the
attributes including the custom attributes used by NBAR.
To remove the custom values, use the
no ip nbar attribute command.