From: Jared Scrivener (jscrivener@ipexpert.com)
Date: Wed Feb 18 2009 - 14:53:16 ARST
Then you can modify the policy slightly.
class-map match-any IMAGES
match protocol http url "*.jpg"
match protocol http url "*.jpeg"
match protocol http url "*.gif"
class-map match-all WEB
match protocol http host "www.abc.com"
Class-map match-all BADWEB
Match class-map IMAGES
Match class-map WEB
policy-map POLICY
class BADWEB
drop
class WEB
bandwidth 32000
int f0/0
service-policy input POLICY
As to whether you want to match on URL or MIME it is up to you - both should
work for your example. The MIME header is just a portion of the HTTP packet
which you can choose to match on.
I actually prefer using the URL method as remembering MIME types is tedious
(hence I changed my selected method above).
Cheers,
Jared Scrivener CCIE3 #16983 (R&S, Security, SP), CISSP
Technical Instructor - IPexpert, Inc.
Telephone: +1.810.326.1444
Fax: +1.810.454.0130
Mailto: <mailto:jscrivener@ipexpert.com> jscrivener@ipexpert.com
From: olumayokun fowowe [mailto:olumayokun@gmail.com]
Sent: Wednesday, 18 February 2009 11:40 AM
To: jscrivener@ipexpert.com
Cc: Henry Ugwuadu; Cisco certification
Subject: Re: QOS with nbar
Hello Jared,
Actually, the image files I want to drop are those that might be contained
in the web site http://www.abc.com. Secondly, why do we need to use mime
for matching and not url?
Thanks for your time.
On 2/18/09, Jared Scrivener <jscrivener@ipexpert.com> wrote:
Policy maps are processed top down. In both answers you'll ignore the mime
type as you are applying the WEB policy first. Try changing it to this:
class-map match-any IMAGES
match protocol http mime "*.jpg"
match protocol http mime "*.jpeg"
match protocol http mime "*.gif"
class-map match-all WEB
match protocol http host "www.abc.com"
Class-map match-all BADWEB
Match class-map IMAGES
Match class-map WEB
policy-map POLICY
class BADWEB
drop
class WEB
bandwidth 32000
int f0/0
service-policy input POLICY
Cheers,
Jared Scrivener CCIE3 #16983 (R&S, Security, SP), CISSP
Technical Instructor - IPexpert, Inc.
Telephone: +1.810.326.1444
Fax: +1.810.454.0130
Mailto: jscrivener@ipexpert.com
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Henry Ugwuadu
Sent: Wednesday, 18 February 2009 7:33 AM
To: olumayokun fowowe
Cc: Cisco certification
Subject: Re: QOS with nbar
Hello mayokun,
You can try this.
class-map match-any IMAGES
match protocol http mime "*.jpg"
match protocol http mime "*.jpeg"
match protocol http mime "*.gif"
class-map match-all WEB
match protocol http host "www.abc.com"
class-map match-all DROP
match class-map WEB
match class-map IMAGES
policy-map POLICY
class WEB
bandwidth 32000
class DROP
drop
int f0/0
ip nbar protocol-discovery
service-policy input POLICY
HTH,
Henro
On 18 Feb 2009, at 13:07, olumayokun fowowe wrote:
> Hello all,
>
> I ve got a scenario here, I want to allocate 32kbps for replies from a
> webserver for address with the url http:// www.abc.com . And I want my
> router to drop any image file of type jpeg, jpg and gif. Is the
> following
> config correct:
>
> class-map match-all WEB
> match protocol http url http://www.abc.com/*
>
> class-map mat-all IMAGES
> match protocol http url http://www.abc.com/*
> match protocol http url *.jpg|*.jpeg|*.gif
>
> policy-map POLICY
> class WEB
> police 32000
> class IMAGES
> drop
>
> int f0/0
> service-policy in POLICY
>
>
> What I'm really concerned about is the IMAGES class where I have a
> match-all. Will my solution still be correct?
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:11 ARST