05-27-2008 10:22 AM - edited 03-05-2019 11:15 PM
Folks:
Am I missing something or is it indeed the case that Cisco switches -- not routers -- do NOT support NBAR?
I can't seem to find one switch/software platform that supports NBAR...
Anyone?
Thank you ahead of time....
Victor
05-27-2008 10:00 PM
We all do feel that NBAR should be supported on Cisco switches, but the reality is that NBAR is a very CPU-intensive feature and it can severely degrade network performance if done in software. All the LAN devices carry huge traffic across the network, and any device that is doing software-based NBAR classification in the middle can impact LAN performance.
Sup32 with PISA has a dedicated hardware engine for NBAR classification and matching it with the policies in QoS. Sup 720 might be on the way with a PISA card on it. Unless we have the dedicated hardware engine for this, I don't see it being available in the near future.
My thoughts..
-amit singh
05-27-2008 03:39 PM
Within the 6500/7600 series, a couple of the WAN boards support NBAR, e.g. FlexWAN and SIP-200 I believe. Even with those boards, NBAR can't be applied to other interfaces not on the board. The Sup32-PISA supports NBAR (and FPM).
PS:
Suspect underlying issue is performance. Note the Sup32-PISA is only rated for 2 Gbps when doing deep packet inspection to support NBAR or FPM.
05-27-2008 03:42 PM
Lamav,
I don't believe that full-scale NBAR is supported on any Catalyst switch. The only documentation that I have found says that NBAR can only be implemented on an MSFC2 with Supervisor Engine 1 or Supervisor Engine 2 on the 6500 series switches. Other than that it appears you need a router. Here are a few helpful links.
http://www.cisco.com/en/US/docs/ios/12_4/qos/configuration/guide/hdtnbara.html#wp1050810
HTH,
Mark
05-27-2008 04:54 PM
Joseph:
How the hell have ya been, man?? Long time. The last time we communicated we argued -- again! LOL..
I'm really glad you answered my post, buddy. I know you're THE man when it comes to QoS and related topics. I was hoping you would contribute...
I'll investigate the 6500 with the PISA...that sounds familiar, actually.
Mark:
I'm going to check out those links. Thank you kindly for the info.
I do think it's weird that switches don't support NBAR fully. You would think that application recognition is something you would want right at the first network hop on the LAN....but what do I know? :-)
Victor
05-27-2008 05:51 PM
Victor,
I totally agree! NBAR should be fully supported on all core, and distribution layer switches, as well as the higher end access layer switches. Thanks for the rating! I hope the posted info helps.
Mark
05-28-2008 01:20 AM
Thanks for that explanation, Amit. That really clears things up.
Victor
07-15-2008 06:03 PM
Can anyone shed any light on exactly how AutoQoS is supported on Catalyst switches but NBAR is not? According to all the Cisco documentation that I have read on AutoQoS, it uses NBAR for traffic classification.
Also, I don't understand the explanation that NBAR is not supported because it is too CPU intensive when a 2610 router can run NBAR. I understand that the classification process would require some extra brain power, but if a 2610 can do it, how hard could it be really?
07-15-2008 09:28 PM
With AutoQoS in Cisco switches the classification is mostly based on CoS and DSCP values, not NBAR, and AutoQoS also does WRR for input and output queues on switch ports,
while NBAR is used with router AutoQoS.
If helpful, rate.
07-16-2008 05:47 AM
Thank you and thank you.
07-16-2008 05:59 PM
Then rate the helpful post : )
07-16-2008 03:18 AM
". . . how hard could it be really?"
Consider that the Sup32-PISA offers a 15 Mpps forwarding rate but bandwidth throughput can drop to 2 Gbps when using NBAR/FPM functions.