- Release Notes for NBAR2 Protocol Pack 4.0.0
- 3COM-AMP3 through AYIYA-IPV6-TUNNELED
- BABELGUM through BR-SAT-MON
- CABLEPORT through CYCLESERV2
- DASP through DWR
- ECHO through EXEC
- FACEBOOK through FUJITSU-DEV
- GAME-SPY through GURUGURU
- H323 through HYPERWAVE-ISP
- IAFDBASE through JARGON
- KALI through LWAPP
- MAC-SRVR-ADMIN through MYSQL
- NAME through NXEDIT
- OBEX through OSU-NMS
- P10 through PWDGEN
- QBIKGDP through RXE
- SAFT through SYSTAT
- TACACS through TWITTER
- UAAC through VSLMP
- WAP-PUSH through ZSERV
Release Notes for NBAR2 Protocol Pack 4.0.0
Supported Platforms
Network Based Application Recognition (NBAR) Protocol Pack 4.0.0 is supported on Cisco ASR 1000 Series Aggregation Services Routers and Cisco ISR G2 Series Integrated Service Routers.
New Protocols in NBAR2 Protocol Pack 4.0.0
The following protocols are added to NBAR2 Protocol Pack 4.0.0:
| Common Name |
Syntax Name |
Description |
|---|---|---|
| Border Gateway Protocol |
bgp |
Border Gateway Protocol (BGP) is a protocol designed to share network information (for example, network reachability) between autonomous systems (AS). According to the information, the BGP routers build/modify their routing tables. The BGP protocol was designed to replace the Exterior Gateway Protocol (EGP). |
| DameWare Mini Remote Control |
dameware-mrc |
DameWare Mini Remote Control provides powerful remote control software for connecting to remote desktops, laptops, and server, to troubleshoot and solve issues. MRC allows users to control Mac OS X, Windows and Linux systems remotely, either by using the proprietary MRC protocol, or using other protocol such as Microsoft RDP, VNC, and Intel AMT KVM. |
| Layer 2 Tunneling Protocol |
l2tp |
Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support virtual private networks (VPNs) or as a part of the delivery of services by ISPs. L2TP does not provide any encryption or confidentiality by itself; L2TP relies on an encryption protocol that it passes within the tunnel to provide privacy. |
| SHOUTcast Internet Radio |
shoutcast |
SHOUTcast is cross-platform proprietary software for streaming media over the Internet. The software, developed by Nullsoft (purchased by AOL on June 1, 1999) allows digital audio content, primarily in MP3 or HE-AAC format, to be broadcast to and from media player software, enabling the creation of Internet radio stations. SHOUTcast Radio is a related website which provides a directory of SHOUTcast stations. The SHOUTcast protocol supports the traffic of listening to a radio channel on different platforms. The traffic of broadcasting a radio channel is not included. |
| Webex Application Sharing |
webex-app-sharing |
WebEx-App-Sharing is granular classification of WebEx protocol application sharing traffic, configured with HTTP-proxy. |
| Webex Media |
webex-media |
WebEx-Media is granular classification of WebEx protocol video, audio, and file sharing traffic, configured with HTTP-proxy. |
| Xunlei Kankan |
xunlei-kankan |
Xunlei Kankan is a Chinese video sharing website and a desktop application. Xunlei Kankan enables users to watch high quality video content that is available on windows android and iOS. |
Updated Protocols in NBAR2 Protocol Pack 4.0.0
The following protocols are updated in NBAR2 Protocol Pack 4.0.0:
| Protocol |
Updates |
|---|---|
| citrix |
Updated signatures to support the iDevices and android apps. |
| netflix |
Updated signatures to support the iPad app. |
Caveats in NBAR2 Protocol Pack 4.0.0
 Note |
If you have an account on Cisco.com, you can also use the Bug Toolkit to find select caveats of any severity. To reach the Bug Toolkit, log in to Cisco.com and go to http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. (If the defect that you have requested cannot be displayed, this may be due to one or more of the following reasons: the defect number does not exist, the defect does not have a customer-visible description yet, or the defect has been marked Cisco Confidential.) |
Resolved Caveats in NBAR2 Protocol Pack 4.0.0
The following table lists the resolved caveats in NBAR2 Protocol Pack 4.0.0:
| Resolved Caveat |
Description |
|---|---|
| CSCuc31791 |
Oracle-sqlnet traffic misclassified as Ncube-lm. |
| CSCud50646 |
Traffic generated by the Netflix iPad app might be misclassified as http. |
| CSCud60751 |
Login traffic generated by xunlei client might be misclassified as unknown. |
Known Caveats in NBAR2 Protocol Pack 4.0.0
The following table lists the known caveats in NBAR2 Protocol Pack 4.0.0:
| Known Caveat |
Description |
|---|---|
| CSCtx65481 |
Traffic generated by pcAnywhere for mac and pcAnywhere mobile app might be misclassified as unknown |
| CSCub62860 |
gtalk-video might be misclassified as rtp |
| CSCub89835 |
gbridge pc client might not be blocked |
| CSCuc43505 |
Traffic generated by AIM Pro might be misclassified as unknown and webex-meeting |
| CSCuc57822 |
NBAR classification granularity may not work or some protocols may be classified as unknown. The CSCuc57822 caveat is specific to Cisco IOS XE Release 3.7S on Cisco ASR 1000 Series Aggregation Services Routers. |
| Cscud99705 |
In rare situations, HTTP traffic may be classified as QQlive |
| CSCue08462 |
Some Xunlei-KanKan traffic may be misclassified as Xunlei |
| CSCue47354 |
HTTP field-extraction is not working as expected |
Restrictions and Limitations in NBAR2 Protocol Pack 4.0.0
| Protocol |
Limitation/Restriction |
|---|---|
| bittorrent |
http traffic generated by the bitcomet bittorrent client might be classified as http |
| livemeeting |
Application is discontinued and replaced with ms-lync, traffic generated by livemeeting may be classified as ms-lync |
| hulu |
Encrypted video streaming generated by hulu might be classified as its underlying protocol rtmpe |
| logmein |
Traffic generated by the logmein android app might be misclassified as ssl |
| ms-lync |
Login and chat traffic generated by the ms-lync client might be misclassified as ssl |
| secondlife |
Voice traffic generated by secondlife might be misclassified as ssl |
Downloading NBAR2 Protocol Packs
NBAR2 Protocol Packs are available for download as Software Type 'NBAR2 Protocol Pack' on cisco.com software download page (http://www.cisco.com/cisco/software/navigator.html).
Additional References
Related Documents
| Related Topic |
Document Title |
|---|---|
| Application Visibility and Control |
|
| Classifying Network Traffic Using NBAR |
|
| NBAR Protocol Pack |
NBAR Protocol Pack module |
| QoS: NBAR Configuration Guide |
|
| QoS Command Reference |
Quality of Service Solutions Command Reference |
Feedback