Enabling Protocol Discovery

Available Languages

Download Options

  • PDF     (129.3 KB)
    View with Adobe Reader on a variety of devices
Updated:June 1, 2011

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Enabling Protocol Discovery

Contents

Enabling Protocol Discovery

Last Updated: December 1, 2011

Network-Based Application Recognition (NBAR) includes a feature called Protocol Discovery. Protocol discovery provides an easy way to discover the application protocol packets that are passing through an interface. When you configure NBAR, the first task is to enable protocol discovery.

This module contains concepts and tasks for enabling the Protocol Discovery feature.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the Feature Information Table at the end of this document.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Prerequisites for Enabling Protocol Discovery

Before enabling Protocol Discovery, read the information in the "Classifying Network Traffic Using NBAR" module.

Restrictions for Enabling Protocol Discovery

NBAR protocol discovery does not support the following:

  • Asymmetric flows with stateful protocols.

Note
In the NBAR context, asymmetric flows are the flows in which different packets of the flow go through different routers, for reasons such as load balancing implementation or asymmetric routing where packets flow through different routes to different directions.
  • NBAR processing. By design, NBAR processing is temporarily disabled during the In-Service Software Upgrade (ISSU). The following syslog message indicates restart of NBAR classification once ISSU is complete.

"%NBAR_HA-5-NBAR_INFO: NBAR sync DONE!"

  • Multicast packet classification.
  • Multiprotocol Label Switching (MPLS)-labeled packets. NBAR classifies IP packets only. You can, however, use NBAR to classify IP traffic before the traffic is handed over to MPLS. Use the modular quality of service (QoS) CLI (MQC) to set the IP differentiated services code point (DSCP) field on the NBAR-classified packets and make MPLS map the DSCP setting to the MPLS experimental (EXP) setting inside the MPLS header.
  • Non-IP traffic.
  • Packets that originate from or that are destined to the router running NBAR.

NBAR is not supported on the following logical interfaces:

  • Dialer interfaces
  • Fast Etherchannel
  • Interfaces where tunneling or encryption is used
  • Multilink Point-to-Point Protocol (MLPPP)
  • Multiprotocol Label Switching (MPLS) VPN Routing and Forwarding (VRF)
  • Port channel
  • Tunneled interfaces (Generic Router Encapsulation [GRE], IP-IP, Layer 2 Tunneling Protocol [L2TP])

Note
You cannot use NBAR to classify output traffic on a WAN link where tunneling or encryption is used. Therefore, you should configure NBAR on other interfaces of the router (such as a LAN link) to perform input classification before the traffic is switched to the WAN link.

Information About Protocol Discovery

Protocol Discovery Overview

The Protocol Discovery feature of NBAR provides an easy way of discovering the application protocols passing through an interface so that appropriate QoS features can be applied.

NBAR determines which protocols and applications are currently running on your network. Protocol discovery provides an easy way of discovering the application protocols that are operating on an interface so that appropriate QoS features can be applied. With protocol discovery, you can discover any protocol traffic that is supported by NBAR and obtain statistics that are associated with that protocol.

Protocol discovery maintains the following per-protocol statistics for enabled interfaces:

  • Total number of input packets and bytes
  • Total number of output packets and bytes
  • Input bit rates
  • Output bit rates

These statistics can be used when you define classes and traffic policies (sometimes known as policy maps) for each traffic class. The traffic policies (policy maps) are used to apply specific QoS features and functionality to the traffic classes.

Interface Scalability

In Cisco IOS XE Release 2.4 and earlier releases, there is no limit on the number of interfaces on which protocol discovery can be enabled.

The table below provides the details of the protocol discovery supported interface and the release number.

Table 1 Release and Protocol Discovery Interface Support

Release

Number of Interfaces Supported with Protocol Discovery

Cisco IOS XE Release 2.5

128

Cisco IOS XE Release 2.6

256

Cisco IOS XE Release 2.7

32

Cisco IOS XE Release 3.2S

32

Cisco IOS XE Release 3.3S

32

In Cisco IOS XE Release 3.3S and later releases, NBAR supports the following classification:

  • Static port-based classification and IP protocol-based classification for IPv6 packets.
  • IPv4 and IPv6 classification for IPv4 and IPv6 VPN Routing and Forwarding (VRF) interfaces.

Note
The NBAR Protocol Discovery MIB is not supported for the ip nbar protocol-discovery ipv4 and ip nbar protocol-discovery ipv6 commands.

How to Enable Protocol Discovery

Enabling Protocol Discovery on an Interface

Perform this task to enable protocol discovery on an interface.

SUMMARY STEPS

1.    enable

2.    configure terminal

3.    interface type number [name-tag]

4.    ip nbar protocol-discovery [ipv4 | ipv6]

5.    end


DETAILED STEPS
  Command or Action Purpose
Step 1
enable


Example:

Router> enable

 

Enables privileged EXEC mode.

  • Enter your password if prompted.
 
Step 2
configure terminal


Example:

Router# configure terminal

 

Enters global configuration mode.

 
Step 3
interface type number [name-tag]


Example:

Router(config)# interface fastethernet1/1/1

 

Configures an interface type and enters interface configuration mode.

  • Enter the interface type and the interface number.
 
Step 4
ip nbar protocol-discovery [ipv4 | ipv6]


Example:

Router(config-if)# ip nbar protocol-discovery

 

Configures NBAR to discover traffic for all protocols that are known to NBAR on a particular interface.

  • (Optional) Enter the ipv4 keyword to enable protocol discovery statistics collection for IPv4 packets, or enter the ipv6 keyword to enable protocol discovery statistics collection for IPv6 packets.
  • Specifying either of these keywords enables the protocol discovery statistics collection for the specified IP version only. If neither keywords is specified, statistics collection is enabled for both IPv4 and IPv6.
  • The no form of this command is not required to disable a keyword because the statistics collection is enabled for the specified keyword only.
 
Step 5
end


Example:

Router(config-if)# end

 

(Optional) Exits interface configuration mode.

 

Reporting Protocol Discovery Statistics

Perform this task to display a report of the protocol discovery statistics per interface.

SUMMARY STEPS

1.    enable

2.    show policy-map interface type number

3.    show ip nbar protocol-discovery [interface type number] [stats {byte-count | bit-rate | packet-count| max-bit-rate}] [protocol protocol-name | top-n number]

4.    exit


DETAILED STEPS
  Command or Action Purpose
Step 1
enable


Example:

Router> enable

 

Enables privileged EXEC mode.

  • Enter your password if prompted.
 
Step 2
show policy-map interface type number


Example:

Router# show policy-map interface FastEthernet 1/1/1

 

(Optional) Displays the packet and class statistics for all policy maps on the specified interface.

  • Enter the interface type and interface number.
 
Step 3
show ip nbar protocol-discovery [interface type number] [stats {byte-count | bit-rate | packet-count| max-bit-rate}] [protocol protocol-name | top-n number]


Example:

Router# show ip nbar protocol-discovery interface Fastethernet1/1/1

 

Displays the statistics gathered by the NBAR Protocol Discovery feature.

  • (Optional) Enter keywords and arguments to fine-tune the statistics displayed. For more information on each of the keywords, refer to the show ip nbar protocol-discovery command in Cisco IOS Quality of Service Solutions Command Reference.
 
Step 4
exit


Example:

Router# exit

 

(Optional) Exits privileged EXEC mode.

 

Configuration Examples for Protocol Discovery

Example: Enabling Protocol Discovery on an Interface

In the following sample configuration, protocol discovery is enabled on Fast Ethernet interface 1/1/1: 

Router> enable
Router# configure terminal
Router(config)# interface fastethernet1/1/1
Router(config-if)# ip nbar protocol-discovery
Router(config-if)# end
 
       
 In the following sample configuration, protocol discovery is enabled on Fast Ethernet interface 1/1/2 for IPv6 packets: 
 
       
Router> enable
 
       
Router# configure terminal
 
       
Router(config)# interface fastethernet1/1/2
 
       
Router(config-if)# ip nbar protocol-discovery ipv6
 
       
Router(config-if)# end
 
       
 
       
 In the following sample configuration, protocol discovery is enabled on Fast Ethernet interface 1/1/2 for IPv6 packets. Later, the protocol discovery is enabled for IPv4 packets and this does not require the no form for the ipv6 keyword. 
 
       
Router> enable
 
       
Router# configure terminal
 
       
Router(config)# interface fastethernet1/1/2
 
       
Router(config-if)# ip nbar protocol-discovery ipv6
 
       
Router(config-if)# ip nbar protocol-discovery ipv4
 
       
Router(config-if)# end
 
       
 
      
 
     
 
     
 
      
 
      
 
     
 
    
 
    
 
      
       
     
Example: Reporting Protocol Discovery Statistics
 
     
 
      
 
        
         
       
 The following sample output from the show ip nbar protocol-discovery command displays the five most active protocols on the Fast Ethernet interface 2/0/1: 
 
       
Router# show ip nbar protocol-discovery top-n 5
 
 FastEthernet2/0/1
                            Input                    Output                  
                            -----                    ------                  
  Protocol                  Packet Count             Packet Count            
                            Byte Count               Byte Count              
                            30sec Bit Rate (bps)     30sec Bit Rate (bps)    
                            30sec Max Bit Rate (bps) 30sec Max Bit Rate (bps)
--------------------------- ------------------------ ------------------------
   rtp                      3272685                  3272685                           
                            242050604                242050604                         
                            768000                   768000                            
                            2002000                  2002000                           
   gnutella                 513574                   513574                            
                            118779716                118779716                         
                            383000                   383000                            
                            987000                   987000                            
   ftp                      482183                   482183                            
                            37606237                 37606237                          
                            121000                   121000                            
                            312000                   312000                            
   http                     144709                   144709                            
                            32351383                 32351383                          
                            105000                   105000                            
                            269000                   269000                            
   netbios                  96606                    96606                             
                            10627650                 10627650                          
                            36000                    36000                             
                            88000                    88000                             
   unknown                  1724428                  1724428                           
                            534038683                534038683                         
                            2754000                  2754000                           
                            4405000                  4405000                           
   Total                    6298724                  6298724                           
                            989303872                989303872                         
                            4213000                  4213000                           
                            8177000                  8177000 
 
      
 
     
 
     
 
      
 
      
 
     
 
    
 
   
 
   
 
     
      
    
Additional References
 
    
 
     
 
       
        
     
 
     
 
       
        
      
Related Documents
 
      
 
        
         
       
 
         
         
 
           
 Related Topic 
 		 
           
 Document Title 
 		 
         
 
         
         
         
 
           
 Cisco IOS commands 
 		 
           
 Cisco IOS Master Commands List, All Releases 
 		 
         
 
         
 
           
 QoS commands: complete command syntax, command modes, command history, defaults, usage guidelines, and examples 
 		 
           
Cisco IOS Quality of Service Solutions Command Reference 
 		 
         
 
         
 
           
 Concepts and information about NBAR 
 		 
           
 "Classifying Network Traffic Using NBAR"    module 
 		 
         
 
         
 
           
 MQC 
 		 
           
 "Applying QoS Features Using the MQC" module 
 		 
         
 
         
       
 
      
 
     
 
     
 
       
        
      
Standards
 
      
 
        
         
       
 
         
         
 
           
 Standard 
 		 
           
 Title 
 		 
         
 
         
         
         
 
           
 No new or modified standards are supported, and support for existing standards has not been modified. 
 		 
           
 -- 
 		 
         
 
         
       
 
      
 
     
 
     
 
       
        
      
MIBs
 
      
 
        
         
       
 
         
         
 
           
 MIB 
 		 
           
 MIBs Link 
 		 
         
 
         
         
         
 
           
 No new or modified MIBs are supported, and support for existing MIBs has not been modified. 
 		 
           
 To locate and download MIBs for selected platforms, Cisco software releases, and feature sets, use Cisco MIB Locator found at the following URL: 
 
 http://www.cisco.com/go/mibs 
 		 
         
 
         
       
 
      
 
     
 
     
 
       
        
      
Technical Assistance
 
      
 
        
         
       
 
         
         
 
           
 Description 
 		 
           
 Link 
 		 
         
 
         
         
         
 
           
 The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password. 
 		 
           
 http://www.cisco.com/cisco/web/support/index.html 
 		 
         
 
         
       
 
      
 
     
 
    
 
    
 
     
 
     
 
    
 
   
 
   
 
     
      
    
Feature Information for Enabling Protocol Discovery
 
    
 
     
 
       
        
      
The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature. 
 
      
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required. 
 
     
 
     
 
       
        
      
 
        
         
       
 
         
         
 
          Table 2 
          Feature Information for Enabling Protocol Discovery  
         
 
         
       
 
       
 
         
         
 
           
 Feature Name 
 		 
           
 Releases 
 		 
           
 Feature Information 
 		 
         
 
         
         
         
 
           
 Protocol Discovery 
 		 
           
 Cisco IOS XE 2.1 Cisco IOS XE 3.3S 
 		 
           
 This feature was introduced on Cisco ASR 1000 Series Routers. 
 
 The following sections provide information about this feature: 
 
 The following commands were introduced: ip nbar protocol discovery, show ip nbar protocol discovery. 
 		 
         
 
         
       
 
      
 
     
 
    
 
    
 
     
 
     
 
    
 
   
 
   
 
     
      
    
 
 
    
 
     
 
       
        
      
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) 
 
      
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental. 
 
     
 
    
 
    
 
     
 
     
 
     
 
     
 
     
 
     
 
    
 
   
 
  
 
  

    © 2011 Cisco Systems, Inc. All rights reserved. 
  
 
  
  
 


    
    


















     

     
    
    








	




    


    

        





































    

    

        

    

    
    
     
			
            

























    
    
    
    









            

                

















  
  

  
    
    
    
    
  






            

        
            
            




















  
Was this Document Helpful?

  
    
    
  
  
    
      
      FeedbackFeedback
    
  







            

                

















  
    
  



            


            

                
















    
Contact Cisco