release notes for nbar2 protocol pack 8.0 - cisco.com · known caveat description cscub89835...
TRANSCRIPT
Release Notes for NBAR2 Protocol Pack 8.0.0
• Release Notes for NBAR2 Protocol Pack 8.0.0, page 1
Release Notes for NBAR2 Protocol Pack 8.0.0
OverviewNBAR2 Protocol Pack 8.0.0 contains the EnhancedWeb Classification feature that supports multi-transactionsexport of URLs. For more information on this feature, see Classifying Network Traffic Using NBAR.
Supported PlatformsNetwork Based Application Recognition (NBAR) Protocol Pack 8.0.0 is supported on Cisco ASR 1000 SeriesAggregation Services Routers and Cisco ISR G2 Series Integrated Services Routers.
Supported ReleasesNetwork Based Application Recognition (NBAR) Protocol Pack 8.0.0 is supported on the following releases:
• Cisco IOS XE Release 3.10.0S Version 15.3(3)S
• Cisco IOS XE Release 3.11.0S Version 15.4(1)S
• Cisco IOS Release Version 15.3(3)M2 - loading NBAR2 Protocol Pack 8.0.0 on previous releases ofthis train may result in unexpected behavior and possibly crash (CSCuj40124).
New Protocols in NBAR2 Protocol Pack 8.0.0The following protocols are added to NBAR2 Protocol Pack 8.0.0:
NBAR2 Protocol Pack 8.0.0 1
DescriptionSyntax NameCommon Name
Ares is a P2P network which was originally operating onthe Gnutella network. After that, it switched to its ownnetwork with a leaves-and-super nodes architecture. AresGalaxy, which is an open source P2P software, is themain client which makes use of Ares network.
aresAres
iCloud is Apple's cloud computing and storage service.It provides data storage (such as music, files and iOSapplications) over remote computer servers and enablesdownloading stored data to multiple devices.
icloudiCloud
NetBIOS's datagram distribution service is the part of theNetBIOS-over-TCP/UDPprotocol suite for connectionlesscommunication. NetBIOS provides services related tothe session layer of the OSI model allowing applicationson separate computers to communicate over a local areanetwork. NetBIOS's datagram distribution serviceprovides a connectionless service which means that theerror detection and recovery are the applicationresponsibility.
netbios-dgmNetBIOS's DatagramDistribution Service
NetBIOS's session service is the part of theNetBIOS-over-TCP/UDP protocol suite for connectionoriented communication. NetBIOS provides servicesrelated to the session layer of the OSI model allowingapplications on separate computers to communicate overa local area network. NetBIOS's session service allowstwomachines to form a connection, mechanisms for errordetection and recovery and multiple packets messages.
netbios-ssnNetBIOS's SessionService
Orbix is a CORBA ORB (Object Request Broker) fromMicro Focus which helps programmers build distributedapplications. Orbix cfg (config) works over SSL typicallyon port 3078.
orbix-cfg-sslOrbix 2000 Config overSSL
Simple Mail Transfer Protocol (SMTP) is an Internetstandard for electronicmail transmission across networks.Secure-smtp refers to a method for securing SMTP withtransport layer security, typically works on TCP port 461.
secure-smtpSecure Simple MailTransfer Protocol
Updated Protocols in NBAR2 Protocol Pack 8.0.0The following protocols are updated in NBAR2 Protocol Pack 8.0.0:
UpdatesProtocol
Updated signatures.corba-iiop-ssl
NBAR2 Protocol Pack 8.0.02
Release Notes for NBAR2 Protocol Pack 8.0.0Updated Protocols in NBAR2 Protocol Pack 8.0.0
UpdatesProtocol
Updated signatures.ddm-ssl
Updated signatures to support encrypted exchange traffic.Exchange
Updated signatures.ftps-data
Updated signatures.h323
Updated signatures.ieee-mms-ssl
Updated signatures.msft-gc-ssl
Updated signatures to support Netflix in set-top-boxes, media streamers, gameconsoles and latest Windows, Apple and Android OSs.
Netflix
Updated signatures.nsiiops
Updated signatures.orbix-loc-ssl
Updated signatures.secure-ftp
Updated signatures.secure-imap
Updated signatures.secure-irc
Updated signatures.secure-ldap
Updated signatures.secure-nntp
Updated signatures.secure-pop3
Updated signatures.secure-telnet
Updated signatures.sshell
Deprecated Protocols in NBAR2 Protocol Pack 8.0.0The predefined custom protocols (named custom-01, custom-02…custom-10) have been deprecated in thisprotocol pack. In order to define custom protocols, users are advised to use the user-defined custom protocols.Note that in Cisco IOS Release 15.3(3)S and Cisco IOS Release 15.3(3)M, the ip nbar port-map commandhas been deprecated and therefore, users cannot use the predefined custom protocols anyway. For moreinformation about custom protocols see:http://www.cisco.com/en/US/docs/ios-xml/ios/qos_nbar/configuration/xe-3s/asr1000/clsfy-traffic-nbar.html.
NBAR2 Protocol Pack 8.0.0 3
Release Notes for NBAR2 Protocol Pack 8.0.0Deprecated Protocols in NBAR2 Protocol Pack 8.0.0
Caveats in NBAR2 Protocol Pack 8.0.0
If you have an account on Cisco.com, you can also use the Bug Toolkit to find select caveats of anyseverity. To reach the Bug Toolkit, log in to Cisco.com and go to http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. (If the defect that you have requested cannot be displayed, this may be dueto one or more of the following reasons: the defect number does not exist, the defect does not have acustomer-visible description yet, or the defect has been marked Cisco Confidential.)
Note
Resolved Caveats in NBAR2 Protocol Pack 8.0.0
The following table lists the resolved caveats in NBAR2 Protocol Pack 8.0.0:
DescriptionResolved Caveat
ASR1k/03.09.00.S NBAR doesn't recognize h323 protocol traffic.CSCuh48686
Matching under ms-office-web-apps attributes might be misclassified.CSCui72228
MS-Lync traffic on Mac and mobile devices may be misclassified.CSCui93597
VNC sub-classification doesn't work when protocol-discovery is enabled.CSCuj14380
Loading NBAR2 Protocol Pack 8.0.0 on Cisco IOS Releases 15.3(3)M or15.3(3)M1 may result in unexpected behavior and possibly crash.
CSCuj40124
PCoIP with no TH signature performance improvement.CSCuj40958
Field-extraction for ssl may not work in some cases.CSCuj58064
Video traffic generated by the webex-meeting iPhone app might be misclassifiedas video-over-http.
CSCuj67799
NetBIOS traffic might be misclassified as unknown.CSCuj76966
Some cisco-jabber traffic might be misclassified as webex-meeting.CSCul02147
Some cisco-jabber traffic might be misclassified as ssl.CSCul02157
Some ms-lync-video traffic via mobile classified as rtp.CSCul18924
Known Caveats in NBAR2 Protocol Pack 8.0.0
The following table lists the known caveats in NBAR2 Protocol Pack 8.0.0:
DescriptionKnown Caveat
gtalk-video might be misclassified as rtp.CSCub62860
NBAR2 Protocol Pack 8.0.04
Release Notes for NBAR2 Protocol Pack 8.0.0Caveats in NBAR2 Protocol Pack 8.0.0
DescriptionKnown Caveat
gbridge pc client might not be blocked.CSCub89835
Traffic generated by AIM Pro might be misclassified as unknown andwebex-meeting.
CSCuc43505
PCoIP session-priority configuration limitation.CSCuh49380
Segmented packets are not classified when using NBAR sub classification.CSCuh53623
When using Microsoft Lync in Office-365, the traffic might be misclassified asrtp or SSL.
CSCui50424
Traffic generated by realmedia might be misclassified as http. The CSCum17899caveat is specific to Cisco ISR G2 series Integrated Services Routers only.
CSCum17899
Traffic generated by Netflix might be misclassified as http. The CSCum95591caveat is specific to Cisco ISR G2 series Integrated Services Routers only.
CSCum95591
Traffic generated by xunlei-kanan might be misclassified as http. TheCSCum97248 caveat is specific to Cisco ISRG2 series Integrated Services Routersonly.
CSCum97248
Traffic generated by gotomypc might be misclassified as http. The CSCum97251caveat is specific to Cisco ISR G2 series Integrated Services Routers only.
CSCum97251
Traffic generated by oracle-e-business-suite might be misclassified. TheCSCum97253 caveat is specific to Cisco ISRG2 series Integrated Services Routersonly.
CSCum97253
Restrictions and Limitations in NBAR2 Protocol Pack 8.0.0The following table lists the limitations and restrictions in NBAR2 Protocol Pack 8.0.0:
Limitation/RestrictionProtocol
http traffic generated by the bitcomet bittorrent client might be classified as httpbittorrent
For capwap-data to be classified correctly, capwap-control must also be enabledcapwap-data
Encrypted cisco jabber might be classified as unknown.cisco-jabber
During configuring QoS class-map with ftp-data, the ftp protocol must be selected.As an alternative, the ftp application group can be selected.
ftp
Encrypted video streaming generated by hulumight be classified as its underlyingprotocol rtmpe
hulu
NBAR2 Protocol Pack 8.0.0 5
Release Notes for NBAR2 Protocol Pack 8.0.0Restrictions and Limitations in NBAR2 Protocol Pack 8.0.0
Limitation/RestrictionProtocol
Traffic generated by the logmein android app might be misclassified as ssllogmein
Login and chat traffic generated by the ms-lync client might be misclassified asssl
ms-lync
Traffic generated by pcanywhere for mac might be classified as unknown.pcanywhere
Login to QQ applications which is not via webmay not be classified as qq-accountsqq-accounts
Voice traffic generated by secondlife might be misclassified as sslsecondlife
Downloading NBAR2 Protocol PacksNBAR2 Protocol Packs are available for download as Software Type 'NBAR2 Protocol Pack' on cisco.comsoftware download page (http://www.cisco.com/cisco/software/navigator.html).
NBAR2 Protocol Pack 8.0.06
Release Notes for NBAR2 Protocol Pack 8.0.0Downloading NBAR2 Protocol Packs
Additional ReferencesRelated Documents
Document TitleRelated Topic
Application Visibility and Control Configuration GuideApplication Visibility and Control
Classifying Network Traffic Using NBAR moduleClassifying Network Traffic Using NBAR
NBAR Protocol Pack moduleNBAR Protocol Pack
QoS: NBAR Configuration GuideQoS: NBAR Configuration Guide
Quality of Service Solutions Command ReferenceQoS Command Reference
NBAR2 Protocol Pack 8.0.0 7
Release Notes for NBAR2 Protocol Pack 8.0.0Additional References
NBAR2 Protocol Pack 8.0.08
Release Notes for NBAR2 Protocol Pack 8.0.0Additional References