From: Sam (syed_wsu@yahoo.com)
Date: Tue Apr 24 2007 - 03:01:15 ART
Hi Maureen,
Thanks for the reply,
If I understand correctly in that case since we can
use the CB shaping and it has to be done outbound in
that case are you saying that we have have the service
policy applied to the FR interface?
In that case my concern is do we have to have any map
class created for it or can we apply the service
policy directly to the interface. If i remember
correctly we can apply the service poliy to the FR
interface directly only if we dont have the FRTS
command configured and n my case i dont so is that
correct?
Thanks
sam
--- maureen schaar <maureen.schaar@gmail.com> wrote:
> Why can't this be done on a single interface?
> Policing can be done
> both inbound and outbound, so using only one service
> policy on the
> interface for catching the return traffic, would
> suffice. If you had
> to use cb shaping, then you would have to do this
> outbound on the
> other interface.
>
> I think the preferred way to match a url would be to
> split it in two
> parts. For example: http:://www.abc.com/index.html
>
> Results in:
> match protocol http host www.abc.com
> match protocol http url index.html
>
> You can test this in your lab by using response time
> reporter (or
> currently sla monitor).
> Put an image file and html file in the flash of the
> router that
> simulates the web server
> Enable 'http server'
> Now create an rtr (ip sla) monitor to get this image
> and html file
> from the router where your clients are located.
> NOTE: I tested this
> before and you HAVE TO specify http version 1.1. If
> you don't you will
> get strange results for the url match (took me hours
> to finally
> understand why my url match was not working as I
> expected).
>
> HTH
>
> Maureen
>
> On 4/22/07, Sam <syed_wsu@yahoo.com> wrote:
> > Hi All,
> >
> > I have question for doing Policing using NBAR.
> >
> > R1----FR----(S1)R2(F0)----Internet
> > I want configure QOS in such a way that when users
> > sitting behind R1 access internet then the replies
> > from the net should satisfy the following policy
> > 1. answeres from the internet from site abc.com is
> > policed at 128000bps
> > 2. Drop any traffic that contains pics.
> >
> > My proposed solution:
> > This cannot be done on single interface so i tried
> to
> > do policing on S1 and drop traffic with pics on
> F0.
> > Please let me know if this is correct.. If not how
> > should i change it.
> >
> > Also my doubt is since the link between R1 and R2
> is
> > FR so can i apply the service policy directly to
> > serial interface or should i use map
> class(Remember I
> > am not doing any FRTS)
> >
> > class-map match-all pictures
> > match protocol http url "*.jpg*|*.jpeg*|*.gif*"
> > class-map match-all www
> > match protocol http url "http://abc.com*"
> > !
> > !
> > policy-map pictures
> > class pictures
> > drop
> > policy-map www
> > class www
> > police 128000
> >
> > interface FastEthernet0
> > service-policy input pictures
> >
> > interface Serial1
> > encapsulation frame-relay
> > service-policy output www
> >
> >
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Tired of spam? Yahoo! Mail has the best spam
> protection around
> > http://mail.yahoo.com
> >
> >
>
This archive was generated by hypermail 2.1.4 : Tue May 01 2007 - 08:28:37 ART