The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
The NBAR Protocol Pack feature provides an easy method to load a protocol pack, which is a single compressed file that contains multiple Protocol Description Language (PDL) files and a manifest file. Before this feature was introduced, PDLs had to be loaded separately. With the Network-Based Application Recognition (NBAR) protocol pack, a set of required protocols can be loaded on the device, helping NBAR recognize additional protocols for classification on your network.
The protocol pack manifest file contains a description of the protocol pack. Protocol Description Language Modules (PDLMs) are used to add support for a protocol that is currently not available as part of the Cisco software.
The protocol pack must be copied to your local disk to avoid any errors after rebooting.
 Note |
It is strongly recommended to load the NBAR protocol pack that is the exact match for the NBAR engine, and also load the latest rebuild of Cisco software. |
Only one protocol pack is supported per device.
NBAR protocol packs are software packages that update the NBAR protocol support on a device without replacing the Cisco software on the device. An NBAR protocol pack contains a set of signatures that is supported by NBAR.
Protocol packs have the following characteristics:
They are easy to load.
They are easy to upgrade to a higher version protocol pack or revert to a lower version protocol pack.
They provide only the required set of protocols.
Cisco provides users with two different protocol packs—the Standard Protocol Pack and the Advanced Protocol Pack—depending on whether they are using an unlicensed or licensed Cisco image.
Cisco provides a specific identity number for the organization (also known as the “publisher”) that creates the protocol packs and uses Cisco tools and processes to create new protocol packs. The organization that creates the protocol pack owns the pack.
Cisco provides the Advanced Protocol Pack as the base protocol pack with a licensed Cisco image on a device. The Advanced Protocol Pack has the complete set of Protocol Description Language (PDL) files available for a release. On the Advanced Protocol Pack, only a PDLM with the NAME field as Advanced Protocol Pack can be loaded.
Cisco provides the Standard Protocol Pack as the base protocol pack with an unlicensed Cisco image on a device. The Standard Protocol Pack has limited features and functionality. Some of the features, such as Category and Attributes, Field Extraction, and Tunneled Classification, are not supported. On the Standard Protocol Pack, only a PDLM with the NAME field as Standard Protocol Pack can be loaded.
To view the list of protocols supported in a protocol pack, see NBAR Protocol Library.
The NBAR taxonomy file contains the information such as common name, description, underlying protocol, for every protocol that is available in the protocol pack. Use the show ip nbar protocol-pack active taxonomy , show ip nbar protocol-pack inactive taxonomy , and show ip nbar protocol-pack loaded taxonomy commands to view the taxonomy file for an active, inactive, and all loaded protocol-packs respectively.
The nbar taxonomy file generally contains the information for more than 1000 protocols, and the taxonomy file size is ~2 MB. It is recommended to redirect the output from the show ip nbar protocol-pack [ active | inactive | loaded] taxonomy command to a file by using the redirect output modifier, for example, show ip nbar protocol-pack active taxonomy | redirect harddisk:nbar_taxonomy.xml .
Loading a new Protocol Pack requires an advanced license.
| Command or Action | Purpose | |
|---|---|---|
| Step 1 |
enable Example: |
Enables privileged EXEC mode.
|
| Step 2 |
configure terminal Example: |
Enters global configuration mode. |
| Step 3 |
ip nbar protocol-pack protocol-pack [force ] Example: |
Loads the protocol pack.
|
| Step 4 |
exit Example: |
Returns to privileged EXEC mode. |
| Step 5 |
show ip nbar protocol-pack {protocol-pack | active } [detail ] Example: |
Displays the protocol pack information.
|
The following example shows how to load an NBAR protocol pack named defProtoPack from the hard disk:
Device> enable
Device# configure terminal
Device(config)# ip nbar protocol-pack harddisk:defProtoPack
Device(config)# exit
The following example shows how to revert to the base image version of the NBAR protocol pack:
Device> enable
Device# configure terminal
Device(config)# default ip nbar protocol-pack
Device(config)# exit
The following example shows how to use the force keyword to load a protocol pack of a lower version:
Device> enable
Device# configure terminal
Device(config)# ip nbar protocol-pack harddisk:olddefProtoPack force
Device(config)# exit
The following sample output from the show ip nbar protocol-pack command shows information about the active protocol pack with a licensed Cisco image on a device:
Device# show ip nbar protocol-pack active
ACTIVE protocol pack:
Name: Advanced Protocol Pack
Version: 1.0
Publisher: Cisco Systems Inc.The following sample output from the show ip nbar protocol-pack command shows detailed information about the active protocol pack with a licensed Cisco image on a device:
Device# show ip nbar protocol-pack active detail
ACTIVE protocol pack:
Name: Advanced Protocol Pack
Version: 1.0
Publisher: Cisco Systems Inc.
Protocols:
base Mv: 4
ftp Mv: 5
http Mv: 18
static Mv: 6
socks Mv: 2
nntp Mv: 2
tftp Mv: 2
exchange Mv: 3
vdolive Mv: 1
sqlnet Mv: 2
netshow Mv: 3
sunrpc Mv: 3
streamwork Mv: 2
citrix Mv: 11
fasttrack Mv: 3
gnutella Mv: 7
kazaa2 Mv: 11
The following sample output from the show ip nbar protocol-pack command shows the protocol pack information of a licensed Cisco image present at the specified device location:
Device# show ip nbar protocol-pack disk:0ppsmall_higherversion
Name: Advanced Protocol Pack
Version: 2.0
Publisher: Cisco Systems Inc.
The following sample output from the show ip nbar protocol-pack command shows detailed protocol pack information of a licensed Cisco image present at the specified disk location on a device:
Device# show ip nbar protocol-pack disk:0ppsmall_higherversion detail
Name: Advanced Protocol Pack
Version: 2.0
Publisher: Cisco Systems Inc.
Protocol Pack contents:
iana Mv: 1
base Mv: 4
tftp Mv: 2
The following sample output from the show ip nbar protocol-pack command shows information about the active protocol pack with an unlicensed Cisco image on a device:
Device# show ip nbar protocol-pack active
ACTIVE protocol pack:
Name: Standard Protocol Pack
Version: 1.0
Publisher: Cisco Systems Inc.
The following sample output from the show ip nbar protocol-pack active taxonomy command shows the information about the protocols in the active Protocol Pack:
Device# show ip nbar protocol-pack active taxonomy
Protocol Pack Taxonomy for Advanced Protocol Pack:
<?xml version="1.0"?>
<NBAR2-Taxonomy>
<protocol>
<name>active-directory</name>
<engine-id>7</engine-id>
<enabled>true</enabled>
<selector-id>473</selector-id>
<help-string>Active Directory Traffic</help-string>
<global-id>L7:473</global-id>
<common-name>Active Directory</common-name>
<static>false</static>
<attributes>
<category>net-admin</category>
<application-group>other</application-group>
<p2p-technology>false</p2p-technology>
<tunnel>false</tunnel>
<encrypted>false</encrypted>
<sub-category>network-management</sub-category>
</attributes>
<ip-version>
<ipv4>true</ipv4>
<ipv6>true</ipv6>
</ip-version>
<references>http://www.microsoft.com/en-us/server-cloud/windows-server/active-directory.aspx</references>
<id>1194</id>
<underlying-protocols>cifs,ldap,ssl,ms-rpc</underlying-protocols>
<long-description-is-final>true</long-description-is-final>
<long-description>a directory service created by Microsoft for Windows domain networks, responsible for authenticating and authorizing all users and computers within a network of Windows domain type, assigning and enforcing security policies for all computers in a network and installing or updating software on network computers</long-description>
<pdl-version>1</pdl-version>
<uses-bundling>false</uses-bundling>
</protocol>
<protocol>
<name>activesync</name>
<engine-id>7</engine-id>
<enabled>true</enabled>
<selector-id>490</selector-id>
<help-string>Microsoft Activesync protocol </help-string>
<global-id>L7:490</global-id>
<common-name>ActiveSync</common-name>
<static>false</static>
<attributes>
<category>business-and-productivity-tools</category>
<application-group>other</application-group>
<p2p-technology>false</p2p-technology>
<tunnel>false</tunnel>
<encrypted>true</encrypted>
<sub-category>client-server</sub-category>
</attributes>
<ip-version>
<ipv4>true</ipv4>
<ipv6>true</ipv6>
</ip-version>
<references>http://msdn.microsoft.com/en-us/library/dd299446(v=exchg.80).aspx</references>
<id>1419</id>
<underlying-protocols>http</underlying-protocols>
<long-description-is-final>true</long-description-is-final>
<long-description>ActiveSync is a mobile data synchronization technology and protocol based on HTTP, developed by Microsoft. There are two implementations of the technology: one which synchronizes data and information with handheld devices with a specific desktop computer, and another technology, commonly known as Exchange ActiveSync (or EAS), which provides push synchronization of contacts, calendars, tasks, and email between ActiveSync-enabled servers and devices.</long-description>
<pdl-version>1</pdl-version>
<uses-bundling>false</uses-bundling>
</protocol>
.
.
.
.
|
Related Topic |
Document Title |
|---|---|
|
Cisco IOS commands |
|
|
Cisco IOS LAN Switching commands |
|
|
Cisco IOS QoS configuration information |
QoS Configuration Guide |
|
Standards/RFCs |
Document Title |
|---|---|
|
RFC 3551 |
RTP Profile for Audio and Video Conferences with Minimal Control |
|
RFC 6101 |
The Secure Sockets Layer (SSL) Protocol Version 3.0 |
|
Description |
Link |
|---|---|
|
The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password. |
The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.|
Feature Name |
Releases |
Feature Information |
|---|---|---|
|
NBAR Protocol Pack |
15.2(2)T |
The NBAR Protocol Pack feature provides an easy method to configure the protocol pack, which is a set of protocols developed and packed together. The following commands were introduced or modified: default ip nbar protocol-pack , ip nbar protocol-pack , and show ip nbar protocol-pack . |
|
NBAR2: Integrate NBAR Taxonomy into the Router |
15.4(1)T |
The NBAR taxonomy contains the information such as common name, description, underlying protocol, for every protocol that is available in the protocol pack. The following section provides information about this feature: NBAR Protocol Pack Overview. The following commands were introduced or modified: show ip nbar protocol-pack . |
Feedback