NBAR2 is Cisco’s latest generation of NBAR, providing a greater level of traffic classification based on its Deep Packet Inspection (DPI) engine. With over 1000 application signatures, and constantly updated protocol packs, NBAR2 has an added benefit to further identify and match multiple applications based on groups. For example, POP3, SMTP, MS Exchange, IMAP, and Gmail fall under the ‘email’ group. 1
Use of NBAR2 extends to AVC as it provides the application recognition portion of the technology. With NBAR2 we can determine the exact traffic type as it traverses the router. Instead of only showing HTTP or HTTPS traffic, we can peek into the actual nature of the web traffic. The following example displays the current and peak traffic rates of YouTube and Skype, both NBAR2 supported protocols according to:
By opening up the LiveNX Flow Report, we can see the Application Tag used by AVC, derived from the NBAR2 DPI Engine. The following example shows YouTube assigned to 13:82.
LiveNX also allows full NBAR2 QoS control on Cisco routers both on a per-application level and also at the higher group level as we discussed earlier. T he following screenshots show an example where a network engineer is using the “browsing” group in his or her QoS classification. The “browsing” group includes applications such as flash-video, flash myspace, flash yahoo, http, shockwave and others. Taking advantage of Cisco’s NBAR2 grouping feature vastly reduces the complexity and verbosity of the router configuration.