- Release Notes for NBAR2 Protocol Pack 7.1.0
- 3COM-AMP3 through AYIYA-IPV6-TUNNELED
- BABELGUM through BR-SAT-MON
- CABLEPORT through CYCLESERV2
- DASP through DWR
- ECHO through EXEC
- FACEBOOK through FUJITSU-DEV
- GACP through GTP-USER
- H323 through HYPERWAVE-ISP
- IAFDBASE through JARGON
- KALI through LWAPP
- MAC-SRVR-ADMIN through MYSQL
- NAME through NXEDIT
- OBEX through OSU-NMS
- P10 through PWDGEN
- QBIKGDP through RXE
- SAFT through SYSTAT
- TACACS through TWITTER
- UAAC through VSLMP
- WAP-PUSH through ZSERV
- Index
Release Notes for NBAR2 Protocol Pack 7.1.0
Release Notes for NBAR2 Protocol Pack 7.1.0
Overview
NBAR2 Protocol Pack 7.1.0 contains the Enhanced Web Classification feature that supports multi-transactions export of URLs. For more information on this feature, see Classifying Network Traffic Using NBAR.
Supported Platforms
Network Based Application Recognition (NBAR) Protocol Pack 7.1.0 is supported on Cisco ASR 1000 Series Aggregation Services Routers.
Updated Protocols in NBAR2 Protocol Pack 7.1.0
The following protocols are updated in NBAR2 Protocol Pack 7.1.0:
| Protocol |
Updates |
|---|---|
| ms-lync |
Updated signatures to support Microsoft Lync 2013. |
| netflix |
Updated signatures. |
sip |
Updated signatures. |
sling |
Updated signatures to support mac client. |
ssl |
Updated signatures. |
youtube |
Updated signatures. |
Caveats in NBAR2 Protocol Pack 7.1.0
 Note |
If you have an account on Cisco.com, you can also use the Bug Toolkit to find select caveats of any severity. To reach the Bug Toolkit, log in to Cisco.com and go to http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. (If the defect that you have requested cannot be displayed, this may be due to one or more of the following reasons: the defect number does not exist, the defect does not have a customer-visible description yet, or the defect has been marked Cisco Confidential.) |
Resolved Caveats in NBAR2 Protocol Pack 7.1.0
The following table lists the resolved caveats in NBAR2 Protocol Pack 7.1.0:
| Resolved Caveat |
Description |
|---|---|
| CSCuh95182 |
Some qqlive traffic may be misclassified as qq-accounts when qqlive is configured under a class-map |
| CSCui53625 |
SSL sub classification will not be matched if a built-in protocol was matched in the SSL client-hello message |
CSCui58918 |
SIP related protocols classification and RTP sub-classification may fail when compact headers are used |
CSCui58922 |
SIP related protocols classification and RTP sub-classification may fail when field extraction is activated and the 'contact' or 'from' fields do not contain '@'. |
CSCui76906 |
The drop policy may not work for ms-office-web-apps protocol |
CSCui84201 |
The drop policy may not work for sky-drive protocol |
CSCui85573 |
Cisco-jabber-video and cisco-phone might be misclassified when configured under a class-map |
CSCui85652 |
Cisco-jabber-video for windows may not be classified correctly |
| CSCuj07892 |
Microsoft Lync might be misclassified in certain scenarios |
Known Caveats in NBAR2 Protocol Pack 7.1.0
The following table lists the known caveats in NBAR2 Protocol Pack 7.1.0:
| Known Caveat |
Description |
|---|---|
| CSCub62860 |
gtalk-video might be misclassified as rtp |
| CSCub89835 |
gbridge pc client might not be blocked |
| CSCuc43505 |
Traffic generated by AIM Pro might be misclassified as unknown and webex-meeting |
CSCug12174 |
Under heavy SSL traffic, the following error message my appear: ": %STILE_CLIENT-4-MAX_LINK_TOUCH_WARN: F0: cpp_cp: NBAR number of flow-slinks threshold is reached, can't allocate more memory for flow-slinks" |
CSCuh49380 |
PCoIP session-priority configuration limitation |
CSCuh53623 |
Segmented packets are not classified when using NBAR sub classification |
CSCui50424 |
When using Microsoft Lync in Office-365, the traffic might be misclassified as rtp or SSL |
CSCui72228 |
Matching under ms-office-web-apps attributes might be misclassified |
CSCuj58064 |
Field-Extraction of SSL unique-name might not work in particular cases |
Restrictions and Limitations in NBAR2 Protocol Pack 7.1.0
| Protocol |
Limitation/Restriction |
|---|---|
| bittorrent |
http traffic generated by the bitcomet bittorrent client might be classified as http |
| capwap-data |
For capwap-data to be classified correctly, capwap-control must also be enabled |
cisco-jabber |
Encrypted cisco jabber might be classified as unknown. |
ftp |
During configuring QoS class-map with ftp-data, the ftp protocol must be selected. As an alternative, the ftp application group can be selected. |
| hulu |
Encrypted video streaming generated by hulu might be classified as its underlying protocol rtmpe |
| logmein |
Traffic generated by the logmein android app might be misclassified as ssl |
| ms-lync |
Login and chat traffic generated by the ms-lync client might be misclassified as ssl |
ms-lync 2013 |
Traffic generated by the mobile or mac app is not supported. ms-lync 2013 traffic if any, might be misclassified. |
pcanywhere |
Traffic generated by pcanywhere for mac might be classified as unknown. |
qq-accounts |
Login to QQ applications which is not via web may not be classified as qq-accounts |
| secondlife |
Voice traffic generated by secondlife might be misclassified as ssl |
Downloading NBAR2 Protocol Packs
NBAR2 Protocol Packs are available for download as Software Type 'NBAR2 Protocol Pack' on cisco.com software download page (http://www.cisco.com/cisco/software/navigator.html).
Additional References
Related Documents
| Related Topic |
Document Title |
|---|---|
| Application Visibility and Control |
|
| Classifying Network Traffic Using NBAR |
|
| NBAR Protocol Pack |
NBAR Protocol Pack module |
| QoS: NBAR Configuration Guide |
|
| QoS Command Reference |
Quality of Service Solutions Command Reference |
Feedback