NBAR/Traffic Classification and PBR

peterbeck · ‎08-06-2010

Hello,

I was wondering if any one could help me with this one. I have a perimeter router which has 2 Internet connections attached.

I am trying to classify some traffic based on URL/media type and route this non essential traffic out the secondary link.

I have tried a couple of things but they do not seem to work. Here is one of the approximate configs.. Can any one one suggest why this wouldnt work? and if not can any one suggest how i can alternatively achieve routing non essential traffic to a secondary link based on NBAR/Classifications and not hard ACLS

Router(config)# class-map match-any mediaCM
Router(config-cmap)# match protocol http url "*.youtube.com*"
Router(config)# policy-map MediaPM
Router(config-pmap)# class MEDIACM
Router(config-pmap-c)# set ip dscp 10
Router(config-pmac-c)# exit
Router(config)# interface ethernet1
Router(config-if)# service-policy input MediaPM
Router(config-if)# exit
Router(config)# ip access-list MarkedTraffic
Router(config-ext-nacl)# permit ip any any dscp 10
Router(config-ext-nacl)# exit
Router(config)# route-map ToSecondaryLink 10
Router(config-route-map)# match ip address MarkedTraffic
Router(config-route-map)# set interface Dialer1
Router(config-route-map)# exit
Router(config)# interface ethernet1 (-FACES our Network)
Router(config-if)# ip policy route-map ToSecondaryLink

Thanks Folks.

Tharak Abraham · ‎08-06-2010

Andrew,

The service policy for your non essential traffic should be set outbound.

i.e service-policy output MediaPM

Could you try with local policy routing for the second link ?

fedya · ‎11-29-2010

Interesting idea! Did it work?

(I don't have answer to your question though)

Thanks,

--fedya

cadet alain · ‎11-29-2010

Hi,

show policy-map interface while surfing this site will show you if your packets are matching.

Regards.

Don't forget to rate helpful posts.