Re: Policy based routing question.

From: Nadeem Ansari (nadeem.ansari574@gmail.com)
Date: Wed Feb 25 2009 - 10:46:34 ARST

• Next message: operator sid: "RE: Dynamic NAT vs Static NAT."
• Previous message: Shahnawaz Khot: "Policy based routing question."
• Maybe in reply to: Shahnawaz Khot: "Policy based routing question."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Shahnawaz,

its is seen that you are not observing any matches on your defined class,
actually NBAR matches url and host based on HTTP GET request contents, pls
check wether HTTP method of accessing site should be GET, Also ensure you
have CEF enabled on the interface

Regards
Nadeem

On Wed, Feb 25, 2009 at 5:23 PM, Shahnawaz Khot <shahnawaz4ccie@gmail.com>wrote:

> Hello expert,
>
> What is wrong with my following policy if I am applying this in input
> direction on a vlan interface.
>
> One class(XYZ) matches url string "/home/xyz" which a user is using to
> upload some huge bandwidth files. The idea is to limit him on 32 Kbps.
>
> Another class(XYZ2) is used to limit the bandwidth to access
> www.xyz.com website.
>
>
> class-map match-all XYZ
> match protocol http url "/home/xyz*"
> class-map match-all XYZ2
> match protocol http host "http://www.xyz.com*"
> !
> !
> policy-map XYZ
> class XYZ
> police cir 32000
> class XYZ2
> police cir 32000
>
>
>
> With this double matching, I did not find any packets matched under this
> class whereas users are browsing the site frequently.
>
> CORE-II#show policy-map interface vlan 102
> Vlan102
> Service-policy input: XYZ
> Class-map: XYZ (match-all)
> 0 packets, 0 bytes
> 5 minute offered rate 0 bps, drop rate 0 bps
> Match: protocol http url "/home/xyz*"
> Class-map: XYZ2 (match-all)
> 0 packets, 0 bytes
> 5 minute offered rate 0 bps, drop rate 0 bps
> Match: protocol http host "http://www.xyz.com*"
> Class-map: class-default (match-any)
> 475483 packets, 93943800 bytes
> 5 minute offered rate 285000 bps, drop rate 0 bps
> Match: any
>
> XYZ is a keyword use to hide the original website address. Please suggest.
>
>
> Thank you,
> Shahnawaz
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net

• Next message: operator sid: "RE: Dynamic NAT vs Static NAT."
• Previous message: Shahnawaz Khot: "Policy based routing question."
• Maybe in reply to: Shahnawaz Khot: "Policy based routing question."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:12 ARST