Re: need help on NBAR

From: muhammad adnan <taurusadnan19_at_gmail.com>
Date: Tue, 2 Jun 2009 20:51:27 +0500

Can you post sh run with the concerned commands? This can be helpful to us.

Thanks

On Tue, Jun 2, 2009 at 6:57 PM, Abdul Muhammed <abdulmuri_at_gmail.com> wrote:

> Hi,
>
> I initially configured the class-map matching all the URLs and the protocols,
> defined my policy-map with action drop, and applied it for both
> inbound and outbound on the WAN interface. Still, it matches and there
> was no drop action.
>
> Then I decided to implement policing to drop all the packets, but it is still
> the same thing.
>
> I hope policy-based routing does not have an effect on NBAR, as I have
> policy-based routing on the interface.
>
> Thanks
>
> On Tue, Jun 2, 2009 at 1:49 PM, Ryan West <rwest_at_zyedge.com> wrote:
>
> > Abdul,
> >
> > Without reference to which direction your flow is, I would say that you're
> > policing your requests and not the return traffic from those sites. If you
> > want an atomic drop of the outgoing request to that site, you should use
> > drop in favor of policing or apply a mark to the packet and drop it with an
> > egress ACL.
> >
> > -ryan
> >
> > -----Original Message-----
> > From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> > Abdul Muhammed
> > Sent: Tuesday, June 02, 2009 3:49 AM
> > To: Cisco certification
> > Subject: need help on NBAR
> >
> > Hi,
> >
> > I configured NBAR on a 7200 series router to drop some unwanted traffic from
> > sites like rapidshare, mediafire and others, but it matches the traffic, but
> > the drop ratio is zero (no dropping).
> > Below is the result of my show policy-map int g0/2.
> >
> > Please, why is it not dropping the packets?
> >
> > sh policy-map int g0/2
> > GigabitEthernet0/2
> >
> > Service-policy input: policy1
> >
> > Class-map: downloader (match-any)
> > 31 packets, 6418 bytes
> > 5 minute offered rate 0 bps, drop rate 0 bps
> > Match: protocol http url "*.4shared"
> > 0 packets, 0 bytes
> > 5 minute rate 0 bps
> > Match: protocol http url "*youtube*"
> > 31 packets, 6418 bytes
> > 5 minute rate 0 bps
> > Match: protocol http url "*.googlevideo.*"
> > 0 packets, 0 bytes
> > 5 minute rate 0 bps
> > Match: protocol http url "*googlevideo*"
> > 0 packets, 0 bytes
> > 5 minute rate 0 bps
> > Match: protocol http url "*.mediafire.*"
> > 0 packets, 0 bytes
> > 5 minute rate 0 bps
> > Match: protocol http url "*mediafire*"
> > 0 packets, 0 bytes
> > 5 minute rate 0 bps
> > Match: protocol http url "*rapidshare*"
> > 0 packets, 0 bytes
> > 5 minute rate 0 bps
> > Match: protocol http url "*.rapidshare.*"
> > 0 packets, 0 bytes
> > 5 minute rate 0 bps
> > Match: protocol http url "*.tube8.*"
> > 0 packets, 0 bytes
> > 5 minute rate 0 bps
> > Match: protocol http url "*tube8*"
> > 0 packets, 0 bytes
> > 5 minute rate 0 bps
> > police:
> > cir 8000 bps, bc 1500 bytes
> > conformed 13 packets, 790 bytes; actions:
> > drop
> > exceeded 0 packets, 0 bytes; actions:
> > drop
> > conformed 0 bps, exceed 0 bps
> >
> > Class-map: p2p (match-any)
> > 5 packets, 5798 bytes
> > 5 minute offered rate 0 bps, drop rate 0 bps
> > Match: protocol edonkey
> > 5 packets, 5798 bytes
> > 5 minute rate 0 bps
> > Match: protocol fasttrack
> > 0 packets, 0 bytes
> > 5 minute rate 0 bps
> > Match: protocol finger
> > 0 packets, 0 bytes
> > 5 minute rate 0 bps
> > Match: protocol kazaa2
> > 0 packets, 0 bytes
> > 5 minute rate 0 bps
> > Match: protocol bittorrent
> > 0 packets, 0 bytes
> > 5 minute rate 0 bps
> > Match: protocol gnutella
> > 0 packets, 0 bytes
> > 5 minute rate 0 bps
> > Match: protocol napster
> > 0 packets, 0 bytes
> > 5 minute rate 0 bps
> > Match: protocol vdolive
> > 0 packets, 0 bytes
> > 5 minute rate 0 bps
> > police:
> > cir 8000 bps, bc 1500 bytes
> > conformed 1 packets, 1434 bytes; actions:
> > drop
> > exceeded 0 packets, 0 bytes; actions:
> > drop
> > conformed 0 bps, exceed 0 bps
> >
> > Class-map: class-default (match-any)
> > 413369 packets, 396012906 bytes
> > 5 minute offered rate 1786000 bps, drop rate 0 bps
> > Match: any
> >
> > --
> > Cherish your visions and your dreams as they are the children of your soul,
> > the blueprints of your ultimate achievements. "Napoleon Hill"
> >
> > There are no limitations to the mind except those we acknowledge; both
> > poverty and riches are the offspring of thought. "Napoleon Hill"
> >
> > Abdul Muhammed Murtala
> > American University of Nigeria
> > Lamido Zubairu way, Yola
> > Adamawa
> > +2348052001153, +2348056201237
> >
> > Network Manager
> > MCSE,MCDBA,MCSA,OCPDBA,CCNA,CCIE Written.
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html

Received on Tue Jun 02 2009 - 20:51:27 ART
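
Added example, not written by any poster in this thread: the two alternatives Ryan West describes (an explicit `drop` in the policy class instead of `police`, or marking on ingress and dropping with an egress ACL), sketched as IOS configuration. The class-map name and URL patterns are taken from the output above; the policy-map names, ACL number 105, DSCP value 1 and the interface roles are assumptions for illustration.

```cisco
! Class-map as shown in the thread (three of the original URL patterns).
class-map match-any downloader
 match protocol http url "*youtube*"
 match protocol http url "*rapidshare*"
 match protocol http url "*mediafire*"
!
! --- Alternative 1: unconditional drop instead of a policer ---
! Hypothetical policy name. Every packet NBAR classifies into the
! class is discarded; there is no CIR/burst to interpret.
policy-map DROP-DOWNLOADS
 class downloader
  drop
!
! Assumption: GigabitEthernet0/1 faces the clients, so their outgoing
! HTTP requests arrive INBOUND on this interface. Attaching the policy
! in the direction of the request is the point Ryan raises.
interface GigabitEthernet0/1
 service-policy input DROP-DOWNLOADS
!
! --- Alternative 2: mark on ingress, drop with an egress ACL ---
! Use this INSTEAD of alternative 1 (only one input service-policy
! can be attached to an interface at a time).
! Assumption: DSCP 1 is not used by any legitimate traffic here.
policy-map MARK-DOWNLOADS
 class downloader
  set ip dscp 1
!
access-list 105 deny   ip any any dscp 1
access-list 105 permit ip any any
!
interface GigabitEthernet0/1
 no service-policy input DROP-DOWNLOADS
 service-policy input MARK-DOWNLOADS
!
! Assumption: GigabitEthernet0/2 is the WAN-facing (egress) interface.
interface GigabitEthernet0/2
 ip access-group 105 out
```

With alternative 2, `show access-lists 105` gives a per-entry hit count on the deny line, which is an independent check that marked packets are actually being discarded.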
