RE: Service-Policy and ACL-->SOLVED!

From: Digital Yemeni (digital-yemeni@hotmail.com)
Date: Sun Mar 11 2007 - 01:35:13 ART

• Next message: David Fuller: "Re: Re-Certificaiton Exam"
• Previous message: Digital Yemeni: "Service-Policy and ACL"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

OK! Very intersting in a sense that the order of the match inside the
class-map must be logical for it to work correctly ;-) Thanks to me for
solving it for myself! nice catch though!

Best Regards,

Digital
------------------------------------------------------------------------------------------------------------------

***********************************************************************************
*.* You'll NEVER succeed as a "CCIE" until you LOVE Cisco MORE than your
sleep! *.*
***********************************************************************************
I've not slept for the past 5 years and I'm expected to be busy for the next
57 years + The 5 CCIEs preparation adds on that a bit. Therefore, please be
concise on your email. Thank you!

>From: "Digital Yemeni" <digital-yemeni@hotmail.com>
>Reply-To: "Digital Yemeni" <digital-yemeni@hotmail.com>
>To: ccielab@groupstudy.com
>Subject: Service-Policy and ACL
>Date: Sun, 11 Mar 2007 04:14:46 +0000
>
>Hi beloved guys!
>
>I was messing up with QoS and i found something may look strange!
>
>I created a class-map to match some URL using NBAR AND an ACL that matches
>tcp port 80 in a (match-all) class-map fashion.
>
>Puting the class-map in a policy-map and then apply it to an interface
>using the service-policy. When i did a test telnet using port 80 from a
>remote host IP (that's part of the ACL IP range) and view the hits in the
>ACL i can't see anything! However, applying the ACL alone (same direction
>as the service-policy) i can see the hits!!
>
>
>What's going on?!
>
>Is the class-map must be true (that's, the match-all) for the ACL to kick
>in? Theoretically, this won't be the case because the ACL is hit first
>before URL is looked at! right?!
>
>
>
>Best Regards,
>
>Digital
>------------------------------------------------------------------------------------------------------------------
>
>
>***********************************************************************************
>*.* You'll NEVER succeed as a "CCIE" until you LOVE Cisco MORE than your
>sleep! *.*
>***********************************************************************************
>I've not slept for the past 5 years and I'm expected to be busy for the
>next 57 years + The 5 CCIEs preparation adds on that a bit. Therefore,
>please be concise on your email. Thank you!
>
>_________________________________________________________________
>Don't just search. Find. Check out the new MSN Search!
>http://search.msn.com/
>
>_______________________________________________________________________
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html

• Next message: David Fuller: "Re: Re-Certificaiton Exam"
• Previous message: Digital Yemeni: "Service-Policy and ACL"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Apr 01 2007 - 06:35:50 ART