Unleashing Application Visibility and Control by Keeping Up-to-date on Your NBAR2 Protocol Packs!
One of the most common questions I’ve been asked from my LiveAction customers is, “How can I achieve greater application visibility and control in my network?” I’m always happy to point out that by enabling NBAR2 on their ISR4k, ASR1k, ISRG2, CSR or WLC they will gain deep packet application visibility for over 1,000 applications within the traffic flow across their own devices. As the cloud grows and more applications come to life, Cisco identifies those applications by signatures and publishes what is called “protocol packs.” This means that to keep up-to-date with those latest applications my customers also need to keep up-to-date on their devices’ protocol packs. How would you go about this you may ask? Let me show you!
I would first recommend verifying what version of protocol pack you are running. You can do this by going to your device in question and issuing the command: “show IP NBAR protocol-pack active,” or on your WLC it could look like this: “show AVC protocol-pack version.”
Example of the output on my ASR1k:
Hmm, Version 14 seems a little old—let me check out what the latest protocol packs are. First, I would go to: https://software.cisco.com/download/navigator.html and find my ASR1001 model in the navigator. After selecting my device, I’m prompted to “Select a Software Type:”
Here is where I would want to choose “NBAR2 Protocol Packs.”
Here, I can find and download the latest protocol packs. Let me take a look at the latest, Protocol Pack 19.0.1.
Notice above that the version is “15.5(3).” This version needs to match the IOS-XE version on my ASR1k. Let me check my ASR first by issuing “sho ver” on my ASR.
Great, the version matches. I’m good to download the 19.1.0 Protocol Pack! If not, I would have needed to upgrade the IOS-XE code on my ASR.
Once I’ve transferred the downloaded protocol pack to my ASR1k, I can instantly start using it by issuing the command “IP NBAR protocol-pack bootflash:rp-adv-asr1k-155-3.s2-23-10.1.0.pack force” from configuration terminal mode. Once the command is set, I am able to verify the version by executing “do show IP NBAR protocol-pack active.”
You can read about what’s included in Protocol Pack 19.0.1 here: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_nbar/prot_lib/config_library/pp1910/nbar-prot-pack1910/rel-notes-protocol-pack-19-1-0.html, or you can always search Cisco’s database for other NBAR2 protocol packs.
“NBAR2 (Next Generation NBAR) Protocol Pack FAQ.” Cisco Engineers. 25 February 2013. http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/network-based-application-recognition-nbar/qa_C67-723689.html
June 6, 2016
Author: Alex Cameron