From: simon hart (simon.hart@btinternet.com)
Date: Fri Jun 17 2005 - 18:02:51 GMT-3
Tim
The default behaviour of NBAR is to look at both directions i.e. source and
destination. I believe that on all the match protocol commands you cannot
specify a direction, however if you create a custom nbar you can stipulate
the direction of the traffic. If you do not stipulate the direction then it
will default to both way
http://www.cisco.com/en/US/products/sw/iosswrel/ps1833/products_feature_guid
e09186a0080087cd0.html#wp1085738
HTH
Simon
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
ccie2be
Sent: 17 June 2005 21:34
To: Group Study
Subject: match protocol
Hi guys,
Let's say I have this config:
class-map WWW
match protocol http
In terms of source or destination port, which is the above config equivalent
to?
access-list 100 permit tcp any eq www any <-- matches responses from a
web server
or
access-list 100 permit tcp any any eq www <--- matches requests to a web
server
or does it depend on in which direction I apply the service-policy?
While at first glance this might seem like a trivial issue, if the MQC
syntax is only equivalent to one of those acl statements, we better know
which one if we want to use the MQC construct and still make all our points
on the lab.
Any thoughts or comments?
TIA, Tim
This archive was generated by hypermail 2.1.4 : Wed Jul 06 2005 - 14:43:41 GMT-3