Release Notes for NBAR2 Protocol Pack 21.0.0

Overview

NBAR2 Protocol Pack 21.0.0 provides a new solution for mapping media clients and servers. This solution allows NBAR2 to classify hardware clients and servers from the first packet.

This Protocol Pack is available for specific earlier versions of Cisco IOS and IOS XE, as described in Supported Releases.

Supported Platforms

NBAR2 Protocol Pack 21.0.0 is supported on the following platforms:

  • Cisco ASR 1000 Series Aggregation Services Routers (ASR1000)

  • Cisco 4000 Series Integrated Services Routers (ISR4000)

  • Cisco Integrated Services Routers Generation 2 (ISRG2)

Supported Releases

NBAR Protocol Pack 21.0.0 is supported on the following releases:

Built-in

Supported on Maintenance Releases

-

Cisco IOS XE 3.16.2S Version 15.5(3)S2 and later maintenance releases of 3.16.(x)S/15.5(3)S(x)

Cisco IOS Version 15.5(3)M2 and later maintenance releases of 15.5(3)M(x)

New Protocols in NBAR2 Protocol Pack 21.0.0

The table below indicates the new protocols added in NBAR2 Protocol Pack 21.0.0 (protocols added since 20.0.0).

Protocol Name

Common Name

Long Description

cisco-collab-video

Cisco Collaboration Video

Cisco Collaboration Video by various Cisco Unified Communication clients.

cisco-collab-control

Cisco Collaboration Control

Cisco Collaboration Control messages by various Cisco Unified Communication clients.

cisco-phone-control

Cisco Phone Control

Control flow of Cisco IP phone.

Updated Protocols in NBAR2 Protocol Pack 21.0.0

The table below indicates the protocol(s) updated in NBAR2 Protocol Pack 21.0.0 (protocols updated since 20.0.0).

Protocol

Updates

cisco-collaboration

Updated signatures

cisco-phone

Updated signatures, changed attributes

cisco-phone-media

Changed attributes

cisco-phone-video

Changed attributes

conference-server

Updated signatures

conferencing

Updated signatures

rtcp

Updated signatures

rtp-audio

Updated signatures

sip

Updated signatures

telepresence-audio

Updated signatures

telepresence-media

Updated signatures

telnet

Updated signatures

Deprecated Protocols in NBAR2 Protocol Pack 21.0.0

In this release, no protocols have changed status to deprecated.

Caveats in NBAR2 Protocol Pack 21.0.0


Note

If you have an account on Cisco.com, you can view information on select caveats, using the Bug Search Tool (https:/​/​tools.cisco.com/​bugsearch/​search).

Caveats Resolved in NBAR2 Protocol Pack 21.0.0

No caveats were resolved in NBAR2 Protocol Pack 21.0.0 for Cisco IOS Version 15.5(3)M2 and IOS-XE 3.16.2S Version 15.5(3)S2 (since 20.0.0).

Known Caveats in NBAR2 Protocol Pack 21.0.0

The following table lists the known caveats in NBAR2 Protocol Pack 21.0.0 for Cisco IOS Version 15.5(3)M2 and IOS-XE 3.16.2S Version 15.5(3)S2 (since 20.0.0):

Known Caveat

Description

CSCuh49380

PCoIP session-priority configuration limitation.

CSCuh53623

Segmented packets are not classified when using NBAR sub classification.

CSCun61772

IPv4 bundles might be used in IPv6 traffic.

Downloading NBAR2 Protocol Pack 21.0.0

NBAR2 Protocol Packs are available for download on the Cisco.com software download page (http:/​/​www.cisco.com/​cisco/​software/​navigator.html). On the download page, specify a platform model to display software available for download. One software option will be NBAR2 Protocol Packs.

Example

To display protocol packs available for the Cisco ASR 1001 platform, the navigation path is:

Products > Routers > Service Provider Edge Routers > ASR 1000 Series Aggregation Services Routers > ASR 1001 Router

Special Notes and Limitations

Protocol Name

Special Note or Limitation

Applicable to NBAR2 Protocol Pack 21.0.0 for Cisco IOS Version 15.5(3)M2 and IOS-XE 3.16.2S Version 15.5(3)S2

apple-app-store

Login and a few encrypted sessions are classified as iTunes.

Yes

bittorrent

HTTP traffic generated by the bitcomet bittorrent client might be classified as HTTP.

Yes

capwap-data

For capwap-data to be classified correctly, capwap-control must also be enabled.

Yes

ftp

During configuring QoS class-map with ftp-data, the FTP protocol must be selected. As an alternative, the FTP application group can be selected.

Yes

hulu

Encrypted video streaming generated by hulu may be classified as its underlying protocol rtmpe.

Yes

logmein

Traffic generated by the LogMeIn android app may be classified incorrectly as ssl.

Yes

ms-lync

Login and chat traffic generated by the ms-lync client may be classified incorrectly as ssl.

Yes

pcanywhere

Traffic generated by pcAnywhere for Mac may be classified as unknown.

Yes

perfect-dark

Some perfect-dark sessions may be classified as unknown.

Yes

qq-accounts

Login to QQ applications which is not via the internet may not be classified as qq-accounts.

Yes

ssl

The Sub Classification (SC) mechanism was modified to include search for wildcard.

Note   

The SC rule for the part of the Server Name Indication (SNI) or the common name (CN) can now include a wildcard. If a wildcard is not used, the complete SNI or the CN is required.

For example, you can either use, "*.pqr.com" or "abc.pqr.com" to classify abc.pqr.com.

Yes

Additional References

Related Documentation

Related Topic

Document Title

Application Visibility and Control

Cisco Application Visibility and Control User Guide

Classifying Network Traffic Using NBAR

Classifying Network Traffic Using NBAR module

NBAR Protocol Pack

NBAR Protocol Pack module

QoS: NBAR Configuration Guide

QoS: NBAR Configuration Guide, Cisco IOS XE 3S

QoS: NBAR Configuration Guide, Cisco IOS XE 16

QoS Command Reference

Quality of Service Solutions Command Reference