Nbar2 Custom Applications - Cisco Catalyst 9500 Manual

Configuring Application Visibility and Control in a Wired Network
Step 2
Step 3
Step 4

NBAR2 Custom Applications

NBAR2 supports the use of custom protocols to identify custom applications. Custom protocols support
protocols and applications that NBAR2 does not currently support.
In every deployment, there are local and specific applications which are not covered by the NBAR2 protocol
pack provided by Cisco. Local applications are mainly categorized as:
• Specific applications to an organization
• Applications specific to a geography
NBAR2 provides a way to manually customize such local applications. You can manually customize
applications using the command ip nbar custom myappname in global configuration mode. Custom
applications take precedence over built-in protocols. For each custom protocol, user can define a selector ID
that can be used for reporting purposes.
There are various types of application customization:
Generic protocol customization
• HTTP
• SSL
• DNS
Composite : Customization based on multiple underlying protocols – server-name
Layer3/Layer4 customization
• IPv4 address
• DSCP values
• TCP/UDP ports
Command or Action
interface interface-id
Example:
Device(config)# interface Gigabitethernet
1/0/1
ip flow monitor monitor-name { input |
output }
Example:
Device(config-if) # ip flow monitor
flow-monitor-1 input
end
Example:
Device(config)# end
System Management Configuration Guide, Cisco IOS XE Amsterdam 17.2.x (Catalyst 9500 Switches)
NBAR2 Custom Applications
Purpose
Enters the interface configuration mode.
Associates a flow monitor to the interface for
input and/or output packets.
Returns to privileged EXEC mode.
Alternatively, you can also press Ctrl-Z to exit
global configuration mode.
145