match protocol http uses NBAR for recognizing http traffic, and
possible will match on traffic on ports 8080, 80, and user-defined.
but only http.
match access-group 101 doesn't use any complex techniques, and only
matches on address/port.
NBAR have higher fidelity, but often is software-only.
ACL have low fidelity, but often are hardware-based.
On Fri, May 1, 2009 at 2:47 PM, Mohamed Tandou <dtandou_at_gmail.com> wrote:
> Hello GS,
> is there any difference using the following or both will give the same
> result
>
> class-map B WEB
> match protocol http
>
> B and
>
> access-list 101 permit tcp any any eq www
>
> class-map WEB
> match access-group 101
>
> Thanks
>
> Moh
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Fri May 01 2009 - 14:58:16 ART
This archive was generated by hypermail 2.2.0 : Mon Jun 01 2009 - 07:04:41 ART