nbar to match http hostname (IE Vol2 lab8)

From: dampened (cheechew@hotmail.com)
Date: Thu Nov 16 2006 - 07:42:26 ART


It asked to only allow web traffic to www.internetworkexpert.com/webapp.
Other non-web traffic should not be dropped.

My solution is simpler than the given one, which uses a hierarchical
policy-map.

class-map match-all class1
 match protocol http host www.internetworkexpert.com
 match protocol http url webapp/*

class-map match-all class2
 match protocol http

policy-map policy1
 class class1
 class class2
  drop
 class class-default

My problems are:
1) I need an opinion on the config shown: is there any problem that can be
observed?
2) I can never match the http host part. As you know, in actual http
traffic, www.internetworkexpert.com will be translated back to IP. I am
totally out of ideas as to how this mechanism works to match the DNS host of
the URL. I would highly appreciate it if someone could shed some light here.
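
Added example, not part of the original post: a simplified Python model of the three classes above, showing that the hostname being compared is the Host header carried inside the HTTP request payload rather than anything in the IP header. The request bytes are constructed samples, and the glob matching through fnmatch (applied to the path without its leading slash) is an assumption standing in for NBAR's own pattern engine.

```python
from fnmatch import fnmatchcase

HOST = "www.internetworkexpert.com"   # from "match protocol http host"
URL_GLOB = "webapp/*"                 # from "match protocol http url"
ACTIONS = {"class1": "permit", "class2": "drop", "class-default": "permit"}

def parse_request(raw: bytes):
    """Return (host, path) from an HTTP/1.x request head, or None if not HTTP."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return None
    host = ""
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "host":
            # Drop an optional :port (IPv6 literals are not handled here).
            host = value.strip().lower().split(":")[0]
            break
    return host, parts[1]

def classify(raw: bytes) -> str:
    """First-match evaluation in the order the classes appear in policy1."""
    req = parse_request(raw)
    if req is None:
        return "class-default"        # non-web traffic: no action applied
    host, path = req
    # class1 is match-all: the Host header AND the URL must both match.
    if host == HOST and fnmatchcase(path.lstrip("/"), URL_GLOB):
        return "class1"
    return "class2"                   # every other HTTP request: drop

# Constructed sample payloads. The first two could go to the same server IP;
# only the Host header inside the request tells them apart.
SAMPLES = {
    "wanted": b"GET /webapp/index.html HTTP/1.1\r\nHost: www.internetworkexpert.com\r\n\r\n",
    "other_vhost": b"GET /webapp/index.html HTTP/1.1\r\nHost: other.example\r\n\r\n",
    "other_path": b"GET /forum/ HTTP/1.1\r\nHost: www.internetworkexpert.com:80\r\n\r\n",
    "ssh_banner": b"SSH-2.0-OpenSSH_4.3\r\n",
}

if __name__ == "__main__":
    for label, payload in SAMPLES.items():
        cls = classify(payload)
        print(f"{label:12} -> {cls:13} ({ACTIONS[cls]})")
```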


