Enabling Protocol Discovery

Network-Based Application Recognition (NBAR) includes a feature called Protocol Discovery. Protocol Discovery provides an easy way to discover the application protocols that are operating on an interface. When you configure NBAR, the first task is to enable Protocol Discovery.

This module contains concepts and tasks for enabling the Protocol Discovery feature.

Prerequisites for Enabling Protocol Discovery

Before enabling Protocol Discovery, read the information in the "Classifying Network Traffic Using NBAR" module.

Information About Protocol Discovery

Protocol Discovery Functionality

NBAR determines which protocols and applications are currently running on your network. NBAR includes a feature called Protocol Discovery. Protocol Discovery provides an easy way of discovering the application protocols that are operating on an interface so that appropriate quality of service (QoS) features can be applied. With Protocol Discovery, you can discover any protocol traffic that is supported by NBAR and obtain statistics that are associated with that protocol.

Protocol Discovery maintains the following per-protocol statistics for enabled interfaces:

  • Total number of input packets and bytes

  • Total number of output packets and bytes

  • Input bit rates

  • Output bit rates

The statistics can then be used when you later define classes and traffic policies (sometimes known as policy maps) for each traffic class. The traffic policies (policy maps) are used to apply specific QoS features and functionality to the traffic classes.

How to Configure Protocol Discovery

Enabling Protocol Discovery on an Interface

The ip nbar protocol-discovery command is used to enable Protocol Discovery on an interface. With Cisco IOS Release 12.2(18)ZYA, intended for use on the Cisco 6500 series switch that is equipped with a Supervisor 32/PISA, the ip nbar protocol-discovery command is supported on both Layer 2 and Layer 3 Etherchannels.

To enable Protocol Discovery on an interface, perform the following steps.

SUMMARY STEPS

  1. enable
  2. configure terminal
  3. interface type number [name-tag ]
  4. ip nbar protocol-discovery
  5. end

DETAILED STEPS

  Command or Action Purpose
Step 1

enable

Example:


Router> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

Example:


Router# configure terminal

Enters global configuration mode.

Step 3

interface type number [name-tag ]

Example:


Router(config)# interface ethernet 2/4

Configures an interface type and enters interface configuration mode.

  • Enter the interface type and the interface number.

Step 4

ip nbar protocol-discovery

Example:


Router(config-if)# ip nbar protocol-discovery

Configures NBAR to discover traffic for all protocols known to NBAR on a particular interface.

Step 5

end

Example:


Router(config-if)# end

(Optional) Exits interface configuration mode.

Reporting Protocol Discovery Statistics

To display a report of the Protocol Discovery statistics per interface, perform the following steps.

SUMMARY STEPS

  1. enable
  2. show policy-map interface type number
  3. show ip nbar protocol-discovery [interface type number ] [stats {byte-count | bit-rate | packet-count | max-bit-rate }] [protocol protocol-name | top-n number ]
  4. exit

DETAILED STEPS

  Command or Action Purpose
Step 1

enable

Example:


Router> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

show policy-map interface type number

Example:


Router# show policy-map interface Fastethernet 6/0

(Optional) Displays the packet and class statistics for all policy maps on the specified interface.

  • Enter the interface type and the interface number.

Step 3

show ip nbar protocol-discovery [interface type number ] [stats {byte-count | bit-rate | packet-count | max-bit-rate }] [protocol protocol-name | top-n number ]

Example:


Router# show ip nbar protocol-discovery interface Fastethernet 6/0

Displays the statistics gathered by the NBAR Protocol Discovery feature.

  • (Optional) Enter keywords and arguments to fine-tune the statistics displayed.

Step 4

exit

Example:


Router# exit

(Optional) Exits privileged EXEC mode.

Configuration Examples for Enabling Protocol Discovery

Example Enabling Protocol Discovery on an Interface

In the following sample configuration, Protocol Discovery is enabled on Ethernet interface 2/4. 


Router> enable 

Router# configure terminal 

Router(config)# interface ethernet 2/4  

Router(config-if)# ip nbar protocol-discovery 

Router(config-if)# end

Example Reporting Protocol Discovery Statistics

The following example displays output from the show ip nbar protocol-discovery command for the five most active protocols on an Ethernet interface: 


Router# show ip nbar protocol-discovery top-n 5
 
 Ethernet2/0 
                            Input                    Output                  
                            -----                    ------                  
  Protocol                  Packet Count             Packet Count            
                            Byte Count               Byte Count              
                            30sec Bit Rate (bps)     30sec Bit Rate (bps)    
                            30sec Max Bit Rate (bps) 30sec Max Bit Rate (bps)
--------------------------- ------------------------ ------------------------
   rtp                      3272685                  3272685                           
                                             242050604                242050604                         
                            768000                   768000                            
                            2002000                  2002000                           
   gnutella                 513574                   513574                            
                            118779716                118779716                         
                            383000                   383000                            
                            987000                   987000                            
   ftp                      482183                   482183                            
                            37606237                 37606237                          
                            121000                   121000                            
                            312000                   312000                            
   http                     144709                   144709                            
                            32351383                 32351383                          
                            105000                   105000                            
                            269000                   269000                            
   netbios                  96606                    96606                             
                            10627650                 10627650                          
                            36000                    36000                             
                            88000                    88000                             
   unknown                  1724428                  1724428                           
                            534038683                534038683                         
                            2754000                  2754000                           
                            4405000                  4405000                           
   Total                    6298724                  6298724                           
                            989303872                989303872                         
                            4213000                  4213000                           
                            8177000                  8177000

Where to Go Next

After you enable Protocol Discovery, you have the option to configure NBAR using the Modular Quality of Service (QoS) Command-Line Interface (CLI) (MQC). To configure NBAR using the MQC, see the "Configuring NBAR Using the MQC" module.

Additional References

The following sections provide references related to enabling Protocol Discovery.

Related Documents

Related Topic

Document Title

QoS commands: complete command syntax, command modes, command history, defaults, usage guidelines, and examples

Cisco IOS Quality of Service Solutions Command Reference

Concepts and information about NBAR

"Classifying Network Traffic Using NBAR" module

Configuring NBAR using the MQC

"Configuring NBAR Using the MQC" module

Adding application recognition modules (also known as PDLMs)

"Adding Application Recognition Modules" module

Creating a custom protocol

"Creating a Custom Protocol" module

Technical Assistance

Description

Link

The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

http://www.cisco.com/cisco/web/support/index.html

Feature Information for Enabling Protocol Discovery

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Table 1. Feature Information for Enabling Protocol Discovery

Feature Name

Releases

Feature Information

NBAR--Network-Based Application Recognition

12.2(18)ZYA

Integrates NBAR and Firewall Service Module (FWSM) functionality on the Catalyst 6500 series switch that is equipped with a Supervisor 32/programmable intelligent services accelerator (PISA).

The following commands were modified: ip nbar protocol-discovery, show ip nbar protocol-discovery .