From: Administrator (Administrator@Subfighter.ca)
Date: Tue Nov 18 2008 - 23:00:23 ARST
Here is the config, I have sanitized it a bit ...
!
hostname WOW_1710
memory-size iomem 25
aaa new-model
!
!
aaa session-id common
ip subnet-zero
!
!
no ip domain lookup
!
ip cef
ip audit notify log
ip audit po max-events 100
vpdn enable
!
vpdn-group pppoe
request-dialin
protocol pppoe
!
no ftp-server write-enable
!
!
!
!
!
!
class-map match-all TELNET
match protocol telnet
class-map match-all youtube
match protocol http host "*youtube.com*"
!
!
policy-map BLOCK-youtube
class youtube
drop
class TELNET
drop
!
!
!
interface Ethernet0
no ip address
full-duplex
pppoe enable
pppoe-client dial-pool-number 1
!
interface FastEthernet0
ip address 192.168.1.1 255.255.255.0 secondary
ip address 10.1.200.200 255.255.255.0
ip nat inside
speed auto
full-duplex
!
interface Dialer1
ip address negotiated
ip mtu 1452
ip nat outside
service-policy output BLOCK-youtube
encapsulation ppp
ip tcp adjust-mss 1392
dialer pool 1
dialer-group 1
ppp authentication pap callin
!
ip nat inside source route-map NAT interface Dialer1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
access-list 118 permit ip 192.168.1.0 0.0.0.255 any
access-list 118 permit ip 10.1.200.0 0.0.0.255 any
!
route-map NAT permit 10
match ip address 118
!
!
line con 0
line aux 0
line vty 0 4
!
!
end
WOW_1710#
________________________________
From: Pavel Bykov [mailto:slidersv@gmail.com]
Sent: Tue 11/18/2008 7:42 PM
To: Administrator
Cc: omar parihuana; ccielab@groupstudy.com
Subject: Re: CBWFQ to block Youtube
Please post us your show class-map, show policy-map and show run int x/x
to see how your class-maps are defined, policy-maps and how you are applying
it.
Also, Do you have IP CEF enabled globally? without it it will not work.
P.S.: Brian, is that monkey talking on the microphone? :) I think everybody
gets spam like that at work all the time. we do. I wouldn't quite put it in a
time killer though.
If someone wanted to waste time, there are whole realms dedicated to progress
your boredom. e.g.: bored.com
On Wed, Nov 19, 2008 at 1:16 AM, Administrator <Administrator@subfighter.ca>
wrote:
I have entered this exactly, and still things hit the default-class for some
reason. Is it because I also have nat on the router ? Does that affect the
configuration someway ?
________________________________
From: omar parihuana [mailto:omar.parihuana@gmail.com]
Sent: Tue 11/18/2008 3:43 PM
To: Administrator
Cc: ccielab@groupstudy.com
Subject: Re: CBWFQ to block Youtube
Try this:
Voice_GW_LAB#sh run class-map
Building configuration...
Current configuration : 81 bytes
!
class-map match-all youtube
match protocol http host "*youtube.com*"
!
end
Voice_GW_LAB#sh run policy-map
Building configuration...
Current configuration : 59 bytes
!
policy-map BLOCK-youtube
class youtube
drop
!
end
Voice_GW_LAB#sh run int f0/1
Building configuration...
Current configuration : 234 bytes
!
interface FastEthernet0/1
...
service-policy output BLOCK-youtube
end
Voice_GW_LAB#
Voice_GW_LAB#sh policy-map interface f0/1
FastEthernet0/1
Service-policy output: BLOCK-youtube
Class-map: youtube (match-all)
27 packets, 29642 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: protocol http host "*youtube.com*"
drop
Class-map: class-default (match-any)
15842 packets, 1412490 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
Voice_GW_LAB#
On Tue, Nov 18, 2008 at 2:59 PM, Administrator <Administrator@subfighter.ca>
wrote:
Hi there, I was just doing a lab and thought I would try something on
my
test
DSL connection.
My intent was to block www.youtube.com with QOS
Here is what I have ...
!
class-map match-all YOUTUBE
match protocol http url "www.youtube.com"
!
!
policy-map CBWFQ_SHAPE_OUT
class YOUTUBE
drop
!
!
interface Ethernet0
service-policy output CBWFQ_SHAPE_OUT
!
But for some reason, it doesnt work. I have CEF enabled. When I do a
show
policy-map int e0, it shows everything hitting the default
class-default
I am sure I am missing something simple, but my QOS skillz are low and
am
trying to build them. Thanks !
Blogs and organic groups at http://www.ccie.net
_____________________________________________________________________
__
Subscription information may be found at:
http://www.groupstudy.com/list/CCIELab.html
--
Omar E.P.T
-----------------
Certified Networking Professionals make better Connections!
Blogs and organic groups at http://www.ccie.net
_______________________________________________________________________
Subscription information may be found at:
http://www.groupstudy.com/list/CCIELab.html
-- Pavel Bykov ------------------------------------------------- Stop the braindumps! http://www.stopbraindumps.com/Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Mon Dec 01 2008 - 08:18:30 ARST