Showing results for 
Search instead for 
Did you mean: 

CISCO NBAR with Citrix priority tag (ICA or CGP)

Level 1
Level 1


We're using Citrix 4.5 on MPLS network with 170 branch offices for one big centralized business application. We're are already using QoS to differentiate Citrix packet traffic (ICA and CGP). We're facing some problems when keyboard/screen refresh packets are competing with citrix printer mapping packets or drive mapping packets.

We're now rolling out a network with a new provider and CISCO routers. We would like to use NBAR (latest version) technology to differentiate Citrix packets based on ICA / CGA priority tags and allocate them to different Class of Services. This would help to increase user experience.

We've made some tests but only (around) half of the packets are recognized and classified in the right class. The remaining 50% packets are classified as Citrix packets by CiSCO NBAR. Neither Citrix nor Cisco experts can give me clear explanation on what is going wrong... Is CISCO NBAR Technology not working as designed or is there something to do with Citrix parameters ?

I would be grateful if someone could tell me if this technology has been used succesfully by customers in such a configuration or if you any idea on what happens


1 Reply 1

Joseph W. Doherty
Hall of Fame
Hall of Fame

I use NBAR for Citrix packet type classification (to also distinguish between screen packet and printing or disk copying packets). I have not, though, confirmed that all packets are properly being matched. I've only noticed that NBAR "sees" some different Citrix packets.

I believe I recall, though, that the Citrix subtype was a later addition to their protocol, so if there were any earlier Citrix protocol packets, NBAR would then be unable to distinguish the kind of Citrix traffic. (I'm not current on Citrix platforms, would assume "Citrix 4.5" would use the later Citrix protocol.)

I also recall(?), Citrix NBAR subtype matching is only present in later NBAR variants. If correct, you might want to confirm what NBAR Citrix version is being used. (NB: also recall, there were NBAR PDLMs for earlier IOSs, but shouldn't be necessary in later IOSs.)

So to summarized the last two points, confirm all your Citrix packets do contain the subtype marking and that your using the latest Citrix NBAR protocol matching version.


If you resolve or discover the cause of this issue, please post a follow-up.

Review Cisco Networking for a $25 gift card