Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Blue

NBAR Support

Folks:

Am I missing something or is it indeed the case that Cisco switches -- not routers -- do NOT support NBAR?

I cant seem to find one switch/software platform that supports NBAR...

Anyone?

Thank you ahead of time....

Victor

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: NBAR Support

We all do feel that NBAR should be supported on Cisco swicthes but the reality is that NBAR is very CPU intensive feature and it can severely degrade the network performance if done in software. All the LAN device carry a huge traffic across the network and any device that is doing the software based NBAR classification in the middle can impact the LAN peformance.

Sup32 with PISA has a dedicated hardware engine for NBAR classifcation and matching it with the policies in QOS. Sup 720 might be on the way with PISA card on it. Unless we have the dedicated hardware engine for this, I dont see it to be avialable in near future.

My thougths..

-amit singh

11 REPLIES
Super Bronze

Re: NBAR Support

Within the 6500/7600 series, a couple of the WAN boards support NBAR, e.g. FlexWAN and SIP-200 I believe. Even with those boards, NBAR can't be applied to other interfaces not on the board. The Sup32-PISA supports NBAR (and FPM).

PS:

Suspect underlying issue is performance. Note the Sup32-PISA is only rated for 2 Gbps when doing deep packet inspection to support NBAR or FPM.

Re: NBAR Support

Lamav,

I don't believe that full scale NBAR is supported on any catalyst switch. The only documentation that I have found says that NBAR can only be implemented on an MSFC2 with Supervisor Engine 1 or Supervisor Engine 2 on the 6500 series switches. Other than that it appears you need a router. Here are a few helpful links.

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6558/ps6612/ps6653/prod_qas09186a00800a3ded_ps6616_Products_Q_and_A_Item.html

http://www.cisco.com/en/US/docs/ios/12_4/qos/configuration/guide/hdtnbara.html#wp1050810

HTH,

Mark

Blue

Re: NBAR Support

Joseph:

How the hell have ya been, man?? Long time. The last time we communicated we argued -- again! LOL..

Im really glad you answered my post, buddy. I know you're THE man when it comes to QoS and related topics. I was hoping you would contribute...

I'll investigate the 6500 with the PISA...that sounds familiar, actually.

Mark:

Im going to check out those links. Thank you kindly for the info.

I do think its weird that switches dont support NBAR fully. You would think that application recognition is something you would want right at the first network hop on the LAN....but what do I know? :-)

Victor

Re: NBAR Support

Victor,

I totally agree! NBAR should be fully supported on all core, and distribution layer switches, as well as the higher end access layer switches. Thanks for the rating! I hope the posted info helps.

Mark

Cisco Employee

Re: NBAR Support

We all do feel that NBAR should be supported on Cisco swicthes but the reality is that NBAR is very CPU intensive feature and it can severely degrade the network performance if done in software. All the LAN device carry a huge traffic across the network and any device that is doing the software based NBAR classification in the middle can impact the LAN peformance.

Sup32 with PISA has a dedicated hardware engine for NBAR classifcation and matching it with the policies in QOS. Sup 720 might be on the way with PISA card on it. Unless we have the dedicated hardware engine for this, I dont see it to be avialable in near future.

My thougths..

-amit singh

Blue

Re: NBAR Support

Thanks for that explanation, Amit. That really clears things up.

Victor

New Member

Re: NBAR Support

Can anyone shed any light on exactly how autoqos is supported on catalyst switches but NBAR is not? According to all the Cisco documentation that I have read on autoqos it uses NBAR for traffic classification.

Also, I don't understand the explanation that NBAR is not supported because it is too cpu intensive when a 2610 router can run nbar. I understand that the classification process would require some extra brain power but if a 2610 can do it how hard could it be really?

Re: NBAR Support

with auto Qos in cisco switches the clasiffication mostly based on COS and DSPs values not NBAR and also auto qos do wrr for input and out queues on switch ports

while nbar used with router auto qos

if helpful rate

New Member

Re: NBAR Support

thank you and thank you.

Re: NBAR Support

then rate the helpful post : )

Super Bronze

Re: NBAR Support

". . . how hard could it be really?"

Consider that the sup32-PISA offers a 15 Mpps forwarding rate but bandwidth thoughtput can drop to 2 Gbps when using NBAR/FPM functions.

534
Views
20
Helpful
11
Replies
CreatePlease to create content