nbar to match http hostname (IE Vol2 lab8)

From: dampened (cheechew@hotmail.com)
Date: Mon Nov 13 2006 - 04:35:10 ART

• Next message: dampened: "major network and classful"
• Previous message: Udo: "RE: Filter Routing updates with Prefix-List"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

It asked to only allow web traffic to www.internetworkexpert.com/webapp.
Other non web traffic should no be dropped.

My solution is simpler than the given one which is using hierarcical
policy-map.

class-match match-all class1
 match protocol http host www.internetworkexpert.com
 match protocol http url webapp/*

class-match match-all class2
 match protocol http

policy-map policy1
 class class1
 class class2
  drop
 class class-default

My problems are
1) I need opinion of the config shown, is there any problem can be observed.
2) I can never match the part of the http host. As you know, in actual http
traffic, www.internetworkexpert.com will be translated back to IP. I am
totally out of idea how this mechanism work to match the dns host of the
url. Highly appreciate if someone can shed some light here.

• Next message: dampened: "major network and classful"
• Previous message: Udo: "RE: Filter Routing updates with Prefix-List"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Dec 01 2006 - 08:05:46 ART