Release Notes for NBAR2 Protocol Pack 15.0.0

Overview

NBAR2 Protocol Pack 15.0.0 contains the Enhanced Web Classification feature that supports multi-transactions export of URLs. For more information on this feature, see Classifying Network Traffic Using NBAR

Supported Platforms

NBAR2 Protocol Pack 15.0.0 is supported on the following platforms:

  • Cisco ASR 1000 Series Aggregation Services Routers (ASR1000)

  • Cisco 4000 Series Integrated Services Routers (ISR4000)

  • Cisco Integrated Services Routers Generation 2 (ISRG2)

Supported Releases

NBAR Protocol Pack 15.0.0 is supported on the following releases:

Built-in

Supported on Maintenance Releases

Cisco IOS XE 3.17S Version 15.6(1)S

Cisco IOS-XE 3.13.2S Version 15.4(3)S2 and later

Cisco IOS Version 15.4(3)M2 and later

Cisco IOS XE 3.16.1S Version 15.5(3)S1and later

Cisco IOS Version 15.5(3)M1 and later

New Protocols in NBAR2 Protocol Pack 15.0.0

The table below lists the new protocols for NBAR2 Protocol Pack 15.0.0.

Protocol Name

Common Name

Long Description

wifi-calling

Wi-Fi Calling

Wi-Fi Calling uses WiFi to provide better mobile phone coverage for a mobile carrier.

ms-services

Microsoft Services

Microsoft Services is a set of tools, APIs and web services used by Microsoft applications.

Updated Protocols in NBAR2 Protocol Pack 15.0.0

The table below lists the protocols updated in NBAR2 Protocol Pack 15.0.0.

Protocol

Updates

dropbox

Updated signatures

itunes

Updated signatures

ms-live-accounts

Updated signatures

ms-lync

Signatures were updated to support the Skype business client

ms-lync-audio

Signatures were updated to support the Skype business client

ms-lync-video

Signatures were updated to support the Skype business client

telepresence-media

Signatures were updated to support Cisco Telepresence MX300

Deprecated Protocols in NBAR2 Protocol Pack 15.0.0

None

Protocols Not Applicable for Cisco IOS XE 3.13.x

NBAR2 Protocol Pack 15.0.0 can operate on platforms using Cisco IOS XE 3.13.2 and later. On these platforms, the following protocols are not applicable.

Protocol

4chan

58-city

abc-news

accuweather

adcash

addthis

adweek

airbnb

allrecipes

ameba

american-express

ancestry-com

ask-com

asus

atlassian

att-web-services

audible-com

aweber

backpage

badoo

bandcamp-com

bank-of-america

basecamp

bbc

bild-de

bing

bitbucket

bitly

blackboard-com

blaze-news

bleacher-report

bluehost

buffer-com

business-insider

buzzfeed

california-gov

capital-one

cbs

cbs-sports

chase-bank

citi-bank

clickbank

cnbc

cnet

conduit-com

constant-contact-com

coupons-com

coursera

craigslist

csdn

daily-mail

dangdang

daum

discover-com

disney-web-portal

douban

drudge-report-com

e-online

ehow-web-portal

engadget

entertainment-weekly

etsy

european-union-web-portal

eventbrite

evernote

fedex

feedly

fiver

flickr

foodnetwork

foursquare

fox-news

github

gizmodo

gmx-mail

godaddy

goodreads

hollywood-reporter

hootsuite

hostgator

hotels-com

huffingtonpost

imdb

indeed-com

independent-news

indiatimes

indiegogo

infusionsoft

intuit

investopedia

java-web-portal

jimdo

jingdong-360buy

joomla

kayak-com

kickstarter

letv-com

livedoor

liveperson

livestrong-com

mailchimp

major-league-baseball-com

mashable

mint-com

monster-com

mtv

nate-com

national-institute-of-health

national-public-radio

nbc-news

nhl-com

nike

noaa

ny-daily-news

nytimes

okcupid

outbrain

patch-com

paypal

pbs-web-portal

people-web

pinterest

playstation-store

playstation-web-portal

pocket

prezi

priceline-com

publishers-clearing-house

rakuten

realtor-com

rediff-com

retailmenot

reuters

rotten-tomatoes

rtp-audio

rtp-video

samsung

scribd

sfgate

shutterstock

sky-news

slate-magazine

slickdeals

sohu-com

southwest-airlines

speedtest

spiegel-online

stack-overflow

statcounter

swagbucks

t-mobile-web-services

tagged-com

taringa

ted

telegraph

tesco

the-atlantic

the-daily-beast

the-pirate-bay

thechive

thefreedictionary-com

tianya

time-news

tinyurl

tmz

torrentz

trulia

tudou

twitch-tv

typepad

unite-airlines

uol

usa-today

usaa

usbank

usps

verizon-web-services

verizon-wireless-web-services

vine

vkontakte

wall-street-journal

warriorforum

washington-post

weather-com

weather-gov-web-portal

webmd

weibo

wells-fargo

wetransfer

whitepages

wifi-calling

wikia

wired-com

wordreference-com

worldstarhiphop

wunderground-com

xbox-web-portal

xda-developers

xinhuanet

yandex

yellowpages-us

youku

zendesk

zillow

zippyshare

zulily

Caveats in NBAR2 Protocol Pack 15.0.0


Note

If you have an account on Cisco.com, you can also use the Bug Search Tool to find select caveats of any severity. To reach the Bug Toolkit, log in to Cisco.com and open https:/​/​tools.cisco.com/​bugsearch/​search. (If the defect cannot be displayed, this may be because the defect number does not exist or the defect does not have a description.)

Resolved Caveats in NBAR2 Protocol Pack 15.0.0

The following table lists the resolved caveats in NBAR2 Protocol Pack 15.0.0:

Resolved Caveat

Description

CSCuu61615

Traffic generated by SIP based protocols (such as telepresence) might be classified as RTP

CSCuu99278

Traffic generated by capwap-data protocol might be misclassified

CSCuv56693

Traffic generated by Cisco Telepresence MX300 might be misclassified as RTP

Known Caveats in NBAR2 Protocol Pack 15.0.0

The following table lists the known caveats in NBAR2 Protocol Pack 15.0.0:

Known Caveat

Description

CSCuh49380

PCoIP session-priority configuration limitation

CSCuh53623

Segmented packets are not classified when using NBAR sub classification.

CSCun61772

IPv4 bundles might be used in IPv6 traffic

Downloading NBAR2 Protocol Pack 15.0.0

NBAR2 Protocol Packs are available for download as Software Type 'NBAR2 Protocol Pack' on cisco.com software download page (http:/​/​www.cisco.com/​cisco/​software/​navigator.html).

Special Notes and Limitations

Protocol Name

Special Note or Limitation

apple-app-store

Login and a few encrypted sessions are classified as iTunes

bittorrent

HTTP traffic generated by the bitcomet bittorrent client might be classified as HTTP.

capwap-data

For capwap-data to be classified correctly, capwap-control must also be enabled

ftp

During configuring QoS class-map with ftp-data, the FTP protocol must be selected. As an alternative, the FTP application group can be selected.

hulu

Encrypted video streaming generated by hulu may be classified as its underlying protocol rtmpe

logmein

Traffic generated by the logmein android app may be classified incorrectly as ssl

ms-lync

Login and chat traffic generated by the ms-lync client may be classified incorrectly as ssl

pcanywhere

Traffic generated by pcanywhere for mac may be classified as unknown

perfect-dark

Some perfect-dark sessions may be classified as unknown

qq-accounts

Login to QQ applications which is not via the internet may not be classified as qq-accounts

secondlife

Voice traffic generated by secondlife may be classified incorrectly as ssl

ssl

Sub Classification (SC) mechanism was modified to include search for wildcard.
Note   

SC rule for the part of the Server Name Indication (SNI) or the common name (CN) can now include a wildcard. If a wildcard is not used, the complete SNI or the CN is required.

For example, you can either use, "*.pqr.com" or "abc.pqr.com" to classify abc.pqr.com.

Additional References

Related Documents

Related Topic

Document Title

Application Visibility and Control

Cisco Application Visibility and Control User Guide

Classifying Network Traffic Using NBAR

Classifying Network Traffic Using NBAR module

NBAR Protocol Pack

NBAR Protocol Pack module

QoS: NBAR Configuration Guide

QoS: NBAR Configuration Guide

QoS Command Reference

Quality of Service Solutions Command Reference