From: CCIE (ccie@gannons.net)
Date: Sun Jun 05 2005 - 13:21:34 GMT-3
Bob
I tried the reboot/cef and discovery, matching just http without the URL
works
a treat. I will try a new image as I am running a 2621XM image on a 2600 to
get OSPFv3 and ISIS for v6 all on the one box.
At least the config looks ok ?
Regards
Kevin
>Tim,
>
>Though I see no documentation claiming this, it seems to be the case on my
>box that protocol-discovery is required, as Munsar suggests. This may be
>version dependent, but a recreation of your test works fine on my box with
>protocol discovery enabled on the interface, and not at all if not.
>
>IOS (tm) 3600 Software (C3620-IK9O3S6-M), Version 12.2(15)T9,
>
>Have you tried rebooting? Is CEF enabled? Tried matching some other
>protocols? Tried applying outbound?
>
>HTH,
>
>Bob Sinclair
>CCIE #10427, CCSI 30427, CISSP
>www.netmasterclass.net
>
> ----- Original Message -----
> From: CCIE
> To: Group Study
> Sent: Sunday, June 05, 2005 9:00 AM
> Subject: NBAR Not matching !
>
>
> Have being reading the NBAR post so I decide to do some
> simple testing. I setup 150.1.7.7 behind router 3 with
> a HTTP server in my case its a router running "ip http server".
>
> I can not get a simple url match to work at all. See the
> config snippets below:
>
> !
> class-map match-all web
> match protocol http url "*test.txt*"
> !
> !
> policy-map web
> class web
> set precedence 7
> !
> interface Serial0/0
> ip address 157.1.123.3 255.255.255.0
> service-policy input web
> !
>
> This is how I generate the HTTP request from a host on
> the other end of the serial link:
>
> Rack1R2#150.1.7.7 80
> Trying 150.1.7.7, 80 ... Open
> GET /test.txt HTTP/1.0
>
> HTTP/1.1 404 Not Found
> Date: Tue, 02 Mar 1993 05:35:36 GMT
> Server: cisco-IOS
> Accept-Ranges: none
>
> 404 Not Found
>
> [Connection to 150.1.7.7 closed by foreign host]
> Rack1R2#
>
>
> However when I check the service policy it is not matching:
>
> Rack1R3#show policy-map in s 0/0
>
> Serial0/0
>
> Service-policy input: web
>
> Class-map: web (match-all)
> 0 packets, 0 bytes
> 5 minute offered rate 0 bps, drop rate 0 bps
> Match: protocol http url "*test.txt*"
> QoS Set
> precedence 7
> Packets marked 0
>
> Class-map: class-default (match-any)
> 32 packets, 3668 bytes
> 5 minute offered rate 0 bps, drop rate 0 bps
> Match: any
> Rack1R3#
> !
>
>
> Any ideas, I can see HTTP is being recognised by NBAR
> by looking at the protocol discovery stats. Also if I
> change the class map to only look for the protocol HTTP
> I get hits. I have cef enabled ;-) .
>
> Regards,
> Kevin
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>_______________________________________________________________________
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Wed Jul 06 2005 - 14:43:41 GMT-3