From: Greg Wendel (gwendel@gmail.com)
Date: Mon Mar 03 2008 - 01:16:53 ARST
http://www.groupstudy.com/archives/ccielab/200705/msg01578.html
Here is the original post from Mark:
I observed a useful way of doing this in the InternetworkExpert labs.
Telnet to port 80 and send a HTTP Request String, checking that packets
are matched on the interface your qos policy is applied to.
i.e. Suppose you have a policy that dictates that traffic which included
.xml in the URL is marked with DSCP=CS3 on an ingress interface from
your service provider.
class-map match-all TEST
match protocol http url "*.xml*"
policy-map HTTP
class TEST
set dscp cs3
Int fa0/0
service-policy input HTTP
The input interface fa0/0 now looks like this:
R6#show policy-map int fa0/0
FastEthernet0/0
Service-policy input: HTTP
Class-map: TEST (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: protocol http url "*.xml*"
QoS Set
dscp cs3
Packets marked 0
Class-map: class-default (match-any)
2 packets, 684 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
Now go to a router on the other side and generate a http request towards
the interface as follows:
R1#telnet 155.1.46.3 80
Trying 155.1.46.3, 80 ... Open
GET /request.xml HTTP/1.1
HTTP/1.1 400 Bad Request
Date: Sun, 27 May 2007 12:37:47 GMT
Server: cisco-IOS
Connection: close
Accept-Ranges: none
400 Bad Request
[Connection to 155.1.46.3 closed by foreign host]
And now go back and take a look at your policy map on the fast ethernet
interface:
R6#show policy-map int fa0/0
FastEthernet0/0
Service-policy input: HTTP
Class-map: TEST (match-all)
6 packets, 374 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: protocol http url "*.xml*"
QoS Set
dscp cs3
Packets marked 6
Class-map: class-default (match-any)
54 packets, 3827 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
As you can see, the http requests hit the QOS Policy as there have been
6 packets marked. Im not sure of the intricies of HTTP requests but im
pretty sure you can create lots of different types of request to test
the matching of other parameters. If anybody else has any futher
information about the different types of request you can send id be
interested to hear it.
Mark
-----Original Message-----
From: nobody@xxxxxxxxxxxxxx [mailto:nobody@xxxxxxxxxxxxxx
<nobody@xxxxxxxxxxxxxx>] On Behalf Of
Peter Svidler
Sent: 27 May 2007 14:05
To: ccielab@xxxxxxxxxxxxxx; security@xxxxxxxxxxxxxx
Subject: Debuging Qos
Folks ;
is there a way to check the effectiveness of the service-policy
command on an interface ?
I m trying to drop http traffic matching certain URL criteria when it
come to the http server of the router , I am using MQC configuration.
I wonder if there is any debug command will show if the criteria is
matching and getting dropped or not ?
thanks in advance
-- Gregory Wendel Springfield VA, 22153
This archive was generated by hypermail 2.1.4 : Tue Apr 01 2008 - 07:53:52 ART