Re: MCQ from Sergey Khalavchuk on 2009-05-01 (Ccielab archives 05/2009)

From: Sergey Khalavchuk <ratio+groupstudy_at_invalid.org.ua>
Date: Fri, 1 May 2009 16:56:17 +0300

yes, to enable NBAR, you just use 'match protocol XXX' in class-map.
and this works fine without enabling protocol-discovery :)

On Fri, May 1, 2009 at 4:51 PM, David Prall <dcp_at_dcptech.com> wrote:
> Sergey,
> So when you do "match protocol http" without any additional information, protocol-discovery is not required?
>
> The documentation isn't clear to me on this. I've always pinned match protocol to NBAR, my mistake.
> http://www.cisco.com/en/US/docs/ios/12_2/qos/command/reference/qrfcmd5.html#wp1066747
> match protocol http
>
> To configure Network-Based Application Recognition (NBAR) to match Hypertext Transfer Protocol (HTTP) traffic by URL, HOST, or Multipurpose Internet Mail Extension (MIME)-type, use the match protocol http class-map configuration command. To disable NBAR from matching HTTP traffic by URL, HOST, or MIME-type, use the no form of this command.
>
> match protocol http [url url-string | host hostname-string | mime MIME-type]
>
> no match protocol http [url url-string | host hostname-string | mime MIME-type]
>
> David
>
> --
> http://dcp.dcptech.com
>
>
>> -----Original Message-----
>> From: Sergey Khalavchuk [mailto:ratio+groupstudy_at_invalid.org.ua]
>> Sent: Friday, May 01, 2009 9:35 AM
>> To: David Prall
>> Cc: Mohamed Tandou; ccielab_at_groupstudy.com
>> Subject: Re: MCQ
>>
>> protocol discovery is not needed for NBAR operation.
>> it is useful only for watching statistics or nice graphics in SDM.
>>
>> On Fri, May 1, 2009 at 4:16 PM, David Prall <dcp_at_dcptech.com> wrote:
>> > The first requires that you configure NBAR and let it do protocol
>> discovery.
>> >
>> > David
>> >
>> > --
>> > http://dcp.dcptech.com
>> >
>> >
>> >> -----Original Message-----
>> >> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf
>> Of
>> >> Mohamed Tandou
>> >> Sent: Friday, May 01, 2009 7:47 AM
>> >> To: ccielab_at_groupstudy.com
>> >> Subject: MCQ
>> >>
>> >> Hello GS,
>> >> is there any difference using the following or both will give the
>> same
>> >> result
>> >>
>> >> class-map B WEB
>> >> match protocol http
>> >>
>> >> B and
>> >>
>> >> access-list 101 permit tcp any any eq www
>> >>
>> >> class-map WEB
>> >> match access-group 101
>> >>
>> >> Thanks
>> >>
>> >> Moh
>> >>
>> >>
>> >> Blogs and organic groups at http://www.ccie.net
>> >>
>> >>
>> _______________________________________________________________________
>> >> Subscription information may be found at:
>> >> http://www.groupstudy.com/list/CCIELab.html
>> >
>> >
>> > Blogs and organic groups at http://www.ccie.net
>> >
>> >
>> _______________________________________________________________________
>> > Subscription information may be found at:
>> > http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Fri May 01 2009 - 16:56:17 ART

This archive was generated by hypermail 2.2.0 : Mon Jun 01 2009 - 07:04:41 ART