From: stephen skinner (stephenski@gmail.com)
Date: Thu Aug 28 2008 - 23:57:10 ART
Thanks for the clarification, Huan. That would explain why it's not working!!
Cheers
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Huan
Pham
Sent: 28 August 2008 14:55
To: ccielab@groupstudy.com
Subject: Re: QOS Direction question clarification
Hi Stephen,
As best practice, marking should be used as close to the traffic source as
possible. R4 would be the best candidate to do marking. However, depending
on the scenario constraints, R3 is also a good option (especially if you
want to enable QoS for the link from R3 to R1 only).
I would do match based on ACL:

ip access-list extended WEB_RETURN_TRAFFIC
 permit tcp VLAN3 eq www VLAN1
 permit tcp VLAN3 eq www VLAN2
class-map match-all WWW
 match access-group name WEB_RETURN_TRAFFIC

To match return traffic from the web server, you cannot use match url
"www.groupstudy.com", for two reasons:
- The URL exists only in the requests from web clients to the server (someone
please correct me if I am wrong)
- You can match URL for the portion after the domain name. To match the
domain name, you should use match http host
Check the command reference for details. Here it is, quoted directly from there:
HTTP client request matching supports GET, PUT, HEAD, POST, DELETE, OPTIONS,
and TRACE. When matching by URL, NBAR recognizes the HTTP packets containing
the URL and then matches all packets that are part of the HTTP request. When
specifying a URL for classification, include only the portion of the URL
that follows the www.hostname.domain in the match statement. For example,
for the URL www.cisco.com/latest/whatsnew.html, include only
/latest/whatsnew.html with the match statement (for instance, match protocol
http url /latest/whatsnew.html).
The following example classifies, within class map class1, HTTP packets
based on any URL containing the string whatsnew/latest followed by zero or
more characters:
class-map class1
 match protocol http url whatsnew/latest*
The following example classifies, within class map class2, packets based on
any hostname containing the string cisco followed by zero or more
characters:
class-map class2
 match protocol http host cisco*
--- On Thu, 8/28/08, stephen skinner <stephenski@gmail.com> wrote:
> From: stephen skinner <stephenski@gmail.com>
> Subject: QOS Direction question clarification
> To: ccielab@groupstudy.com
> Date: Thursday, August 28, 2008, 2:34 PM
> hello,
>
> I have the following question
>
> users in Vlan 1 and 2 connect to a web server in vlan 3
>
> mark all "replies from the web server" as
> "anything"
>
> what I want to make sure of is that I get my DIRECTION the
> right way round
>
> match url " www.groupstudy.com"
>
> VLAN1 - R1 ----R3---R4 VLAN3 FA0/0
> VLAN2 - R1 ----R3---R4 VLAN3 FA0/0
>
> in answering this question I would apply my policy INBOUND
> on the FA0/0 on
> R3, as the server would send all replies back into the
> fa0/0, for the
> replies to get sent to the users.
>
> That's right, yes??
>
> TIA
>
> --
> Only two things are infinite, the universe and human
> stupidity, and I'm not
> sure about the former.
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Mon Sep 01 2008 - 08:15:33 ART
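The ACL and class-map from the reply, carried through to a marking policy and an inbound attachment on R3, as an added example that is not part of the thread. The subnets, the policy-map name MARK_WEB_REPLIES and the af21 marking are constructed placeholders, and it assumes Fa0/0 on R3 is the interface facing R4.

```cisco
! Constructed addressing (not from the thread):
!   VLAN1 = 10.1.1.0/24, VLAN2 = 10.1.2.0/24, VLAN3 (web server) = 10.1.3.0/24
ip access-list extended WEB_RETURN_TRAFFIC
 ! Replies carry the web port as the SOURCE port, so "eq www" follows the source
 permit tcp 10.1.3.0 0.0.0.255 eq www 10.1.1.0 0.0.0.255
 permit tcp 10.1.3.0 0.0.0.255 eq www 10.1.2.0 0.0.0.255
!
class-map match-all WWW
 match access-group name WEB_RETURN_TRAFFIC
!
policy-map MARK_WEB_REPLIES
 class WWW
  ! The question only says to mark as "anything"; af21 is an arbitrary stand-in
  set ip dscp af21
!
! Assumption: Fa0/0 on R3 faces R4, so server replies arrive on it (input direction)
interface FastEthernet0/0
 service-policy input MARK_WEB_REPLIES
```

After generating some web traffic, `show policy-map interface FastEthernet0/0` shows whether packets are hitting class WWW in the input direction.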