From: Larry Chuon (lchuon@gmail.com)
Date: Sat Jun 03 2006 - 09:02:53 ART
Hi everyone,
Will I accomplish the task if I changed the class-map to:
class-map match-any IMAGES
match protocol http url "*.jpeg|*.jpg|*.gif|*.png"
TIA,
Larry
On 6/1/06, Petr Lapukhov <petrsoft@gmail.com> wrote:
>
> Koen, I alredy mention that in previous thread.. :)
>
> You apply policy for HTTP INBOUND. At the same time,
> NBAR recognizes OUTGOING URLs with GET requests,
> and classifies return traffic as HTTP stream, relatedto that
> URLs.
>
> (Also, matchig MIME types will work too. But if you see stuff
> like "*.jpeg" you should clearly think of URL matching).
>
> Here is a scenario where you can verify that:
>
> ----------
>
> R1 is downloading images from SW1, which is the HTTP server
> with ip address 151.10.7.7
>
> R3 is in control of data streams. It utilizes policy map
> inbound on interface Fa 0/0.
>
> -----------
>
> (Following text is best viewed with Courier New Font ;))
>
> R1-----R3::Fa0/0----SW1::Lo0(7.7/24)
>
> SW1:
>
> SW1#sh running-config | inc ip http
> ip http server
> ip http path flash:
>
> SW1#dir flash:*.jpeg
> Directory of flash:/*.jpeg
>
> 95 -rwx 2227 Mar 2 1993 00:28:03 +00:00 image.jpeg
>
>
> R3:
> !
> class-map match-any IMAGES
> match protocol http url "*.jpeg"
> match protocol http url "*.jpg"
> match protocol http url "*.gif"
> match protocol http url "*.png"
> !
> policy-map TEST
> class IMAGES
> police 128000
> !
> interface FastEthernet0/0
> ip address 151.10.33.3 255.255.255.0
> ip nbar protocol-discovery
> service-policy input TEST
> end
>
> R1#copy http://151.10.7.7/image.jpeg null:
> Loading http://151.10.7.7/image.jpeg !
> 2227 bytes copied in 0.040 secs (55675 bytes/sec)
>
> R1#copy http://151.10.7.7/image.jpeg null:
> Loading http://151.10.7.7/image.jpeg !
> 2227 bytes copied in 0.040 secs (55675 bytes/sec)
>
> R3#show ip nbar protocol-discovery interface fastEthernet 0/0 protocol
> http
>
> FastEthernet0/0
> Input Output
>
> ----- ------
>
> Protocol Packet Count Packet Count
>
> Byte Count Byte Count
>
> 5min Bit Rate (bps) 5min Bit Rate (bps)
>
> 5min Max Bit Rate (bps) 5min Max Bit Rate
> (bps)
>
> ------------------------ ------------------------
> ------------------------
> http 12 24
>
> 5594 1544
>
> 0 0
>
> 0 0
>
> unknown 4 4
>
> 240 224
>
> 0 0
>
> 0 0
>
> Total 20 33
>
> 6189 2177
>
> 0 0
>
> 0 0
>
>
> R3#show policy-map interface fastEthernet 0/0
> FastEthernet0/0
>
> Service-policy input: TEST
>
> Class-map: IMAGES (match-any)
> 12 packets, 5594 bytes
> 5 minute offered rate 2000 bps, drop rate 0 bps
> Match: protocol http url "*.jpeg"
> 12 packets, 5594 bytes
> 5 minute rate 2000 bps
> Match: protocol http url "*.jpg"
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> Match: protocol http url "*.gif"
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> Match: protocol http url "*.png"
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> police:
> cir 128000 bps, bc 4000 bytes
> conformed 12 packets, 5594 bytes; actions:
> transmit
> exceeded 0 packets, 0 bytes; actions:
> drop
> conformed 2000 bps, exceed 0 bps
>
> Class-map: class-default (match-any)
> 14 packets, 1236 bytes
> 5 minute offered rate 0 bps, drop rate 0 bps
> Match: any
>
>
> HTH
> Petr
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Jul 01 2006 - 07:57:31 ART
