Re: nbar problem

Hi bob, y tryed with both, and with s-headers, and c-headers, and it
didnt work. I just worked with math protocol http alone.

2010/8/31 Bob Sinclair <bob_at_bobsinclair.net>

> Hi,
>
> Looks like you want to match hostname, not URL:
>
> <quote>
>
> When matching by URL is performed, NBAR recognizes the HTTP GET packets
> containing the URL, and then matches all packets that are part of the HTTP
> GET request. When specifying a URL for classification, include only the
> portion of the URL following www.hostname.domain in the match statement.
> For
> example, in the URL www.anydomain.com/latest/whatsnew.html, include only
> /latest/whatsnew.html.
>
> To match the www.anydomain.com portion, use the host name matching
> feature.
> The URL or host specification strings can take the form of a regular
> expression with options shown in Table 8.
>
> </quote>
>
> from:
>
> http://www.cisco.com/en/US/docs/ios/12_2/qos/command/reference/qrfcmd5.html#
> wp1070757
>
>
> Try "match protocol http host tenfieldigital*
>
> HTH,
>
> Bob Sinclair CCIE 10427 CCSI 30427
> CIERS2 Online Instructor
> www.tinyurl.com/ciers2online
>
> > -----Original Message-----
> > From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> > CCIE UY
> > Sent: Tuesday, August 31, 2010 10:36 AM
> > To: Cisco certification
> > Subject: nbar problem
> >
> > Hi people, im playing with nbar and i have problems to classify
> > traffic
> > with match protocol http url command.
> >
> > I dont see matches in the policies, i tryed with inbound and outbound
> > policies, and i cant make it work when i use strings to match:
> >
> > this is my config:
> > !
> > class-map match-all HTTP
> > match protocol http
> > class-map match-all HTTP-PERMITIDOS
> > match protocol http url "www.tenfieldigital.com.uy"
> >
> > policy-map R1-INPUT
> > class HTTP-PERMITIDOS
> > police 128000
> > class HTTP
> >
> >
> > show policy-map interface fas0/1
> >
> > FastEthernet0/1
> > Service-policy input: R1-INPUT
> > Class-map: HTTP-PERMITIDOS (match-all)
> > 0 packets, 0 bytes
> > 5 minute offered rate 0 bps, drop rate 0 bps
> > Match: protocol http url "www.tenfieldigital.com.uy"
> > police:
> > cir 128000 bps, bc 4000 bytes
> > conformed 0 packets, 0 bytes; actions:
> > transmit
> > exceeded 0 packets, 0 bytes; actions:
> > drop
> > conformed 0 bps, exceed 0 bps
> > Class-map: HTTP (match-all)
> > 493 packets, 245134 bytes
> > 5 minute offered rate 0 bps
> > Match: protocol http
> > Class-map: class-default (match-any)
> > 96575 packets, 95336011 bytes
> > 5 minute offered rate 866000 bps, drop rate 0 bps
> > Match: any
> >
> > Router Cisco 2811
> > Cisco IOS Software, 2800 Software (C2800NM-ADVSECURITYK9-M), Version
> > 15.0(1)M,
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> >
> >
> >
> >
> >
> > No virus found in this incoming message.
> > Checked by AVG - www.avg.com
> > Version: 9.0.851 / Virus Database: 271.1.1/3104 - Release Date:
> > 08/31/10 02:34:00

Blogs and organic groups at http://www.ccie.net
Received on Tue Aug 31 2010 - 12:12:40 ART