- Release Notes for NBAR2 Protocol Pack 9.0.0
- 3COM-AMP3 through AYIYA-IPV6-TUNNELED
- BABELGUM through BR-SAT-MON
- CABLEPORT through CYCLESERV2
- DASP through DWR
- ECHO through EXEC
- FACEBOOK through FUJITSU-DEV
- GACP through GTP-USER
- H323 through HYPERWAVE-ISP
- IAFDBASE through JARGON
- KALI through LWAPP
- MAC-SRVR-ADMIN through MYSQL
- NAME through NXEDIT
- OBEX through OSU-NMS
- P10 through PWDGEN
- QBIKGDP through RXE
- SAFT through SYSTAT
- TACACS through TWITTER
- UAAC through VSLMP
- WAP-PUSH through ZSERV
- Index
- Release Notes for NBAR2 Protocol Pack 9.0.0
- Overview
- Supported Platforms
- Supported Releases
- New Protocols in NBAR2 Protocol Pack 9.0.0
- New Categories and Sub-categories for QoS and Reporting in NBAR2 Protocol Pack 9.0.0
- Examples: Mapping Traffic to a Class
- Updated Protocols in NBAR2 Protocol Pack 9.0.0
- Deprecated Protocols in NBAR2 Protocol Pack 9.0.0
- Caveats in NBAR2 Protocol Pack 9.0.0
- Restrictions and Limitations in NBAR2 Protocol Pack 9.0.0
- Downloading NBAR2 Protocol Packs
- Additional References
Sub-categories Supported in NBAR2 Protocol Pack 9.0.0
Release Notes for NBAR2 Protocol Pack 9.0.0
Network Based Application Recognition (NBAR) Protocol Pack 9.0.0 is supported on the following release:
Release Notes for NBAR2 Protocol Pack 9.0.0
- Overview
- Supported Platforms
- Supported Releases
- New Protocols in NBAR2 Protocol Pack 9.0.0
- New Categories and Sub-categories for QoS and Reporting in NBAR2 Protocol Pack 9.0.0
- Examples: Mapping Traffic to a Class
- Categories and Sub-categories Supported in NBAR2 Protocol Pack 9.0.0
- Updated Protocols in NBAR2 Protocol Pack 9.0.0
- Deprecated Protocols in NBAR2 Protocol Pack 9.0.0
- Caveats in NBAR2 Protocol Pack 9.0.0
- Restrictions and Limitations in NBAR2 Protocol Pack 9.0.0
- Downloading NBAR2 Protocol Packs
- Additional References
Overview
NBAR2 Protocol Pack 9.0.0 contains the Enhanced Web Classification feature that supports multi-transactions export of URLs. For more information on this feature, see Classifying Network Traffic Using NBAR.
NBAR2 Protocol Pack 9.0.0 also contains new categories and sub-categories that make QoS configuration easier and allow more granularity in AVC reports.
Supported Platforms
Network Based Application Recognition (NBAR) Protocol Pack 9.0.0 is supported on Cisco ASR 1000 Series Aggregation Services Routers.
Supported Releases
New Protocols in NBAR2 Protocol Pack 9.0.0
The following protocols are added to NBAR2 Protocol Pack 9.0.0:
|
Common Name |
Syntax Name |
Description |
|---|---|---|
|
Apple services |
apple-services |
apple-services is a set of tools and APIs, such as AppStore and apple website, used by Apple applications. |
Internet Audio Streaming Web Apps |
internet-audio-streaming |
The internet audio streaming protocol gathers the top websites and web applications such as SoundCloud and Grooveshark for audio streaming on the internet . |
|
Internet Video Streaming Web Apps |
Internet-video-streaming |
The internet video streaming protocol gathers the top websites and web applications such as Ustream and DailyMotion for video streaming on the internet. |
|
iTunes-Audio |
itunes-audio |
iTunes is a media player and media library application developed by Apple Inc. It is used to play, download, and organize digital audio and video on personal computers running the OS X and Microsoft Windows operating systems. Through the iTunes Store, users can purchase and download music, music videos, television shows, audiobooks, podcasts, movies, etc. on their MAC/Win PC/iDevices running iTunes. iTunes-audio refers to all audio streaming media services generated by iTunes such as play music, podcasts, and audiobooks. |
|
iTunes-Video |
itunes-video |
iTunes is a media player and media library application developed by Apple Inc. It is used to play, download, and organize digital audio and video on personal computers running the OS X and Microsoft Windows operating systems. Through the iTunes Store, users can purchase and download music, music videos, television shows, audiobooks, podcasts, movies, etc. on their MAC/Win PC/iDevices running iTunes. iTunes-video refers to all video streaming media services generated by iTunes such as play movies, TV shows, videocasts and videos. |
Naver Line |
naver-line |
Naver-line is a Japanese proprietary application for instant messaging on smartphones and PCs. Naver-Line users exchange text messages, graphics, video and audio media, make free VoIP calls, and hold free audio or video conferences. |
QQ Instant Messenger |
qq-im |
QQ instant messenger is the most popular IM software service in China. QQ IM was developed by Tencent Holding LTD. and has clients for Windows, Mac, Android, and iPhone. A Chinese version is available as well as an English version (QQ International). |
Share |
share |
Share is a closed-source P2P application being developed in Japan by an anonymous author. It was developed as the successor of Winny and focuses on higher security. Share uses encrypted caches, file names and IP addresses, and is based on node-organized architecture. |
New Categories and Sub-categories for QoS and Reporting in NBAR2 Protocol Pack 9.0.0
In NBAR2 Protocol Pack 9.0.0, there are new categories and sub-categories which make QOS configuration easier and AVC reports more meaningful. Therefore, the category and sub-category assignments of many protocols have been updated to better reflect their categorization in enterprise networks.
The new categories allow more granularity in reports that are based on Category.
The new sub-categories can be used for generating even more granular reports, and are very useful for implementing QOS policies, following the Cisco SRND QOS model. The new sub-categories divide applications into business and consumer, as well as the different media types so that it is easy to build an MQC class map to map a specific sub-category to the desired SRND class of service and apply QOS. For more information about SRND, see http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND_40/QoSIntro_40.html#wp61104.
It is also easier to customize the QOS definitions, without changing the MQC class map but rather using attribute-maps and reassigning a specific application to a different sub-category than it is assigned by default.
For a complete list of protocols and their mappings, refer to the specific protocols in the protocol book, or use the show ip nbar attribute category or the show ip nbar attribute sub-category command.
Examples: Mapping Traffic to a Class
The following example shows how to map the multimedia conferencing to the MULTIMEDIA-CONFERENCING SRND class:
Device> enable Device# configure terminal Device(config)# class-map match-any MULTIMEDIA-CONFERENCING Device(config-cmap)# match protocol attribute sub-category ent-multimedia-conferencing
The following example shows how to map the control and signaling traffic (SIP, RTSP etc.) to the SIGNALING SRND class:
Device> enable Device# configure terminal Device(config)# class-map match-any SIGNALING Device(config-cmap)# match protocol attribute sub-category control-and-signaling
Categories and Sub-categories Supported in NBAR2 Protocol Pack 9.0.0
The following is the list of Categories supported in NBAR2 Protocol Pack 9.0.0:
- anonymizers
- backup-and-storage
- browsing
- business-and-productivity-tools
- database
- epayment
- file-sharing
- gaming
- industrial-protocols
- instant-messaging
- internet-security
- inter-process-rpc
- layer3-over-ip
- location-based-services
- net-admin
- newsgroup
- other
- social-networking
- software-updates
- trojan
- voice-and-video
The following is the list of Sub-categories supported in NBAR2 Protocol Pack 9.0.0:
- authentication-services
- backup-systems
- consumer-audio-streaming
- consumer-cloud-storage
- consumer-multimedia-messaging
- consumer-video-streaming
- consumer-web-browsing
- control-and-signaling
- desktop-virtualization
- enterprise-cloud-data-storage
- enterprise-data-center-storage
- enterprise-data-center-storage
- enterprise-multimedia-conferencing
- enterprise-realtime-applications
- enterprise-rich-media-content
- enterprise-software-deployment-tools
- enterprise-transactional-applications
- enterprise-video-broadcast
- enterprise-voice-collaboration
- file-transfer
- naming-services
- network-management
- os-updates
- other
- p2p-file-transfer
- p2p-networking
- remote-access-terminal
- routing-protocol
- tunneling-protocols
 Note | In this update, some categories and sub-categories that are not in common use have been removed, or renamed. Some values have moved from sub-category to category to provide better granularity at the category level. Therefore existing class-maps that contain matches based on removed or renamed values would be automatically removed when the protocol is installed, but the command would not be replaced. Refer to the list of removed/renamed values below to verify that none of the existing policies is affected by the change. |
The following categories are removed in NBAR2 Protocol Pack 9.0.0:
The following sub-categories are removed in NBAR2 Protocol Pack 9.0.0:
Updated Protocols in NBAR2 Protocol Pack 9.0.0
The following protocols are updated in NBAR2 Protocol Pack 9.0.0:
|
Protocol |
Updates |
|---|---|
aim |
Updated signatures to support t AIM pro client. |
baidu-movie |
Updated signatures. |
|
gbridge |
Updated signatures. |
google-services |
Updated signatures. |
google-talk |
Updated signatures to support Japanese client. |
itunes |
Updated signatures to support iTunes 11. |
ms-lync |
Updated signatures to support lync in office-365. |
|
oracle-sqlnet |
Updated signatures. |
yahoo-im |
Updated signatures to support Japanese client. |
youtube |
Updated signatures. |
Deprecated Protocols in NBAR2 Protocol Pack 9.0.0
The support for protocol NetBIOS is deprecated.
Caveats in NBAR2 Protocol Pack 9.0.0
Note | If you have an account on Cisco.com, you can also use the Bug Toolkit to find select caveats of any severity. To reach the Bug Toolkit, log in to Cisco.com and go to http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. (If the defect that you have requested cannot be displayed, this may be due to one or more of the following reasons: the defect number does not exist, the defect does not have a customer-visible description yet, or the defect has been marked Cisco Confidential.) |
Resolved Caveats in NBAR2 Protocol Pack 9.0.0
The following table lists the resolved caveats in NBAR2 Protocol Pack 9.0.0:
|
Resolved Caveat |
Description |
|---|---|
|
CSCub89835 |
gbridge pc client might not be blocked. |
|
CSCuc43505 |
Traffic generated by AIM Pro might be misclassified as unknown and webex-meeting |
|
CSCui50424 |
When using Microsoft Lync in Office-365, the traffic might be misclassified as rtp or SSL |
CSCul22462 |
Loading NBAR2 Protocol Pack 9.0.0 on Cisco IOS Releases 15.3(3)S or 15.3(3)S1 may result in unexpected behavior and possibly crash. |
Known Caveats in NBAR2 Protocol Pack 9.0.0
The following table lists the known caveats in NBAR2 Protocol Pack 9.0.0:
|
Known Caveat |
Description |
|---|---|
|
CSCub62860 |
gtalk-video might be misclassified as rtp |
CSCuh49380 |
PCoIP session-priority configuration limitation |
CSCuh53623 |
Segmented packets are not classified when using NBAR sub classification |
Restrictions and Limitations in NBAR2 Protocol Pack 9.0.0
The following table lists the limitations and restrictions in NBAR2 Protocol Pack 9.0.0:
|
Protocol |
Limitation/Restriction |
|---|---|
|
bittorrent |
http traffic generated by the bitcomet bittorrent client might be classified as http |
|
capwap-data |
For capwap-data to be classified correctly, capwap-control must also be enabled |
cisco-jabber |
Encrypted cisco jabber might be classified as unknown. |
ftp |
During configuring QoS class-map with ftp-data, the ftp protocol must be selected. As an alternative, the ftp application group can be selected. |
|
hulu |
Encrypted video streaming generated by hulu might be classified as its underlying protocol rtmpe |
|
logmein |
Traffic generated by the logmein android app might be misclassified as ssl |
|
ms-lync |
Login and chat traffic generated by the ms-lync client might be misclassified as ssl |
pcanywhere |
Traffic generated by pcanywhere for mac might be classified as unknown. |
qq-accounts |
Login to QQ applications which is not via web may not be classified as qq-accounts |
|
secondlife |
Voice traffic generated by secondlife might be misclassified as ssl |
Downloading NBAR2 Protocol Packs
NBAR2 Protocol Packs are available for download as Software Type 'NBAR2 Protocol Pack' on cisco.com software download page (http://www.cisco.com/cisco/software/navigator.html).
Additional References
Related Documents
|
Related Topic |
Document Title |
|---|---|
|
Application Visibility and Control |
Cisco Application Visibility and Control User Guide for IOS Release 15.4(1)T and IOS XE Release 3.11S Cisco Application Visibility and Control User Guidefor Cisco IOS Release 15.4(2)T and Cisco IOS XE Release 3.12S |
|
Classifying Network Traffic Using NBAR |
|
|
NBAR Protocol Pack |
NBAR Protocol Pack module |
|
QoS: NBAR Configuration Guide |
|
|
QoS Command Reference |
Feedback