NBAR2 Live Updates

Protocol Pack 30 is now available on CCO!

Please Note: minimal required release for protocol pack 28 and up is now:
IOS XE 3.16.4bS Version 15.5(3)Sb4, IOS 15.5(3)M4a.

So, what is new, you ask?

* Brand new protocols support:
    o Splunk: platform for collecting and analyzing machine-generated big data
    o Google-Downloads: Google downloads and updates services
    o Webex-Control: WebEx protocol control and signaling traffic
    o Web-Analytics: Web and mobile analytics and customer engagement platforms
* Office 365 updates.
* For 3.16.4 users: Introduced granular app detection over QUIC.
* Added support for Wifi-Calling on specific operators.
* Various improvements and identification enhancements: Gmail, Crashplan, Mysql, Microsoft-SMS, NTP, Teamspeak.
* A bunch of bug fixes, see the full list in the documentation page.
* And obviously all of the pp 28.0, 29.0 content we released over the last months:
    o Cisco IPA-SLA (Internet Protocol Service Level Agreement) recognition.
    o IKE version 2 support.
    o Strengthening of Vmware-vSphere, Webex-meeting, Ms-SMS, Cisco-Spark, Acano, Apple cloud apps detection.
    o For 3.16.4 IOS-XE / 15.5(3)M4a IOS users: integrated SIP and DNS-SRV engines updates. Newer versions of the engines improve media sessions, audio-video separation and services detection significantly.

We want to hear what you think!

Got anything you want to share with us? Let us know. We want to hear what you need, what works great for you and what we could do even better. Reply to this email, we’ll take it from there…

Check it out on Cisco.com software download page

https://software.cisco.com/download/navigator.html

ASR-920 – Netflow

Restrictions for Netflow Monitoring for ASR 920 Series Routers

* Netflow monitoring supports only the 7 keys (source IP, destination IP, Layer 3 protocol type, TOS, source port, destination port and input logical interface) to identify or classify the flow for both IPv4 and IPv6 unicast traffic. All other keys are not supported.

* MPLS and BGP-based Netflow is not supported.

* Non-key fields supported are packets and bytes (collect counter packets and collect counter bytes).

* Only routed ports (IP Ethernet, BDI) and EFP are supported.

* EFP flow monitoring can be configured only after configuring bridge-domain on the EFP service instance.

* Flow monitoring of multicast traffic is not supported.

* A maximum of 16K flows can be learnt due to FPGA limitations. Although Netflow supports 16K entries, the number of flows monitored is lower due to hash collisions.

* The FPGA monitors only a 1 Gbps traffic rate (with a minimum frame size of 100 bytes). The accounting is accurate only when the overall traffic monitored is within 1 Gbps.

* At interface level, the MVPN/MLDP/SPAN/PBR features cannot be enabled on the same interface with Netflow configuration.

* Permanent and aggregate flow caches are not supported due to FPGA limitations.

* Configuration of the number of cache entries is not supported.

* The SADT/BFD features cannot co-exist with Netflow configurations on the following routers:

    o ASR-920-12CZ-A
    o ASR-920-12CZ-D
    o ASR-920-4SZ-A
    o ASR-920-4SZ-D
    o ASR-920-12SZ-IM
    o ASR-920-16CZ-IM
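
An added example, not taken from Cisco's documentation: a small Python audit that flags statements in an IOS-style configuration that the restriction list above rules out (record fields outside the 7 keys and 2 counters, permanent-cache or cache-entries settings, and PBR on an interface that also has Netflow). The CLI spellings chosen to represent each restriction and the sample configuration are assumptions constructed for illustration.

```python
SUPPORTED_FIELDS = {  # IPv4 Flexible NetFlow spellings: an assumption of this example
    "match ipv4 source address", "match ipv4 destination address",
    "match ipv4 protocol", "match ipv4 tos", "match interface input",
    "match transport source-port", "match transport destination-port",
    "collect counter packets", "collect counter bytes",
}

def sections(config):
    """Return [header, child_lines] for each top-level block of the config."""
    blocks = []
    for raw in config.splitlines():
        line = " ".join(raw.split())          # normalise whitespace
        if not line or line == "!":           # skip blanks and "!" separators
            continue
        if raw[0].isspace() and blocks:       # indented: belongs to current block
            blocks[-1][1].append(line)
        elif not raw[0].isspace():            # unindented: starts a new block
            blocks.append([line, []])
    return blocks

def audit(config):
    """Return (block, statement, reason) for every statement the list rules out."""
    findings = []
    for header, body in sections(config):
        has_flow = any(l.startswith(("ip flow monitor ", "ipv6 flow monitor ")) for l in body)
        for l in body:
            reason = None
            if header.startswith("flow record "):
                if l.startswith(("match ", "collect ")) and l not in SUPPORTED_FIELDS:
                    reason = "unsupported key or non-key field"
            elif header.startswith("flow monitor "):
                if l == "cache type permanent" or l.startswith("cache entries "):
                    reason = "unsupported cache setting"
            elif header.startswith("interface ") and has_flow and l.startswith("ip policy route-map "):
                reason = "PBR on a Netflow interface"
            if reason:
                findings.append((header, l, reason))
    return findings

CONSTRUCTED_SAMPLE = """\
flow record REC-BAD
 match datalink mac source address input
 collect timestamp sys-uptime first
flow monitor MON-BAD
 cache type permanent
interface GigabitEthernet0/0/1
 ip flow monitor MON-BAD input
 ip policy route-map PBR-1
"""  # constructed config, not from a real device
```

Calling `audit(CONSTRUCTED_SAMPLE)` returns four findings, one per ruled-out statement; the MVPN, MLDP, SPAN, SADT and BFD restrictions are not modelled.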

2 port 100 gig module – ASR9000

cards will work with A9K-RSP-4G. However, the RSP2 has only 92G fabric (4x23G lines), so you will need 2xRSP to come even close to the line rate of 200G (on Trident it’s 2x23G per FIA per RSP so max. 184G with dual-FIA 8xNP linecard + dual RSP2 vs. on Typhoon it’s 8x23G lines /with RSP2/ or 8x55G /with RSP440+/ from LC fabric resulting in the same 184G with two RSP2).

 

If you lose one RSP, you will get only half the throughput. Luckily with Typhoon you are not tied to 2x23G per FIA to RSP so you can still operate at 92G throughput no matter what port/FIA the traffic comes through (as the Typhoon LC has its own fabric connecting FIAs to RSPs fabric) as opposed to Trident, where you are limited to 2x23G per FIA to a single RSP2 so if the FIA has two NPs connected, those two NPs can serve only 46G to ports attached to them. For details check BRKSPG-2904 from Xander back from 2013.

 

Another thing you need to watch is what IOS XR you need to run the cards (for A9K-2X100GE-TR/SE it’s min. 4.2.0) but for certain CFP modules a higher version will be required – e.g. CFP-100G-ER4 needs XR 5.1.1.

 

http://www.cisco.com/c/en/us/td/docs/interfaces_modules/transceiver_modules/compatibility/matrix/100GE_Tx_Matrix.html#_Toc451495195

ASR920 vs NCS5000

Cisco live on-demand library is a good starting point: https://www.ciscolive.com/online/connect/search.ww – just search for “920” and it will return two presentations (although I was expecting more than just 2 presos on these), there are some comparisons as well as scaling numbers.

Well, there are only 3 branches in the ASR900 family tree as far as I know:

* 900 Series (902 & 903),
* 920 Series,
* 901 Series,

but yes, I guess it’s fair to say they are very different from each other.

Regarding the NCS5k (or QFX counterpart), the same rule applies as always: there’s a reason why these are so darn cheap compared to high-end platforms (like e.g. NCS6k). There are architectural sacrifices that were made during the platform development, resulting in numerous limitations, and only once all these are understood can the device be considered for a given environment.
