Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

source ip filtering with class map on cisco ace30

Hello ,

I would like to know if it is  possible to filter source ips connecting to a virtual ip  within a class map configuration ( or something else  ) ?

access-list S_IP_FILTERING line 8 extended permit ip host 1.1.1.1 any

 

class-map match-all S_IP_FILTERING_XVIP

2 match access-list S_IP_FILTERING

3 match virtual-address 2.2.2.2 any

Error: Only one match access-list is allowed in a match-all class-map and it cannot mix with any other match type

 

thanks for your support

 

Case,

 

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Hi, Yes, it is possible to do

Hi,

 

Yes, it is possible to do this. Use the ACL filter for the source IP address under the policy-map type loadbalance. Then you would call that load balance policy in your multi-match policy under the appropriate class.

for example:

class-map type http loadbalance match-any LOADBALANCE-FILTER

  2 match source-address X.X.X.X 255.255.255.255

 

class-map match-any TEST-CLASSMAP

  2 match virtual-address Y.Y.Y.Y tcp eq www

 

policy-map type loadbalance first-match LOADBALANCE

  class LOADBALANCE-FILTER

    serverfarm TEST-SERVERFARM

 

 

policy-map multi-match UTC-PM

  class TEST-CLASSMAP

    loadbalance policy LOADBALANCE

    loadbalance vip inservice

 

 

-Alex

 

 

2 REPLIES
New Member

Hi, Yes, it is possible to do

Hi,

 

Yes, it is possible to do this. Use the ACL filter for the source IP address under the policy-map type loadbalance. Then you would call that load balance policy in your multi-match policy under the appropriate class.

for example:

class-map type http loadbalance match-any LOADBALANCE-FILTER

  2 match source-address X.X.X.X 255.255.255.255

 

class-map match-any TEST-CLASSMAP

  2 match virtual-address Y.Y.Y.Y tcp eq www

 

policy-map type loadbalance first-match LOADBALANCE

  class LOADBALANCE-FILTER

    serverfarm TEST-SERVERFARM

 

 

policy-map multi-match UTC-PM

  class TEST-CLASSMAP

    loadbalance policy LOADBALANCE

    loadbalance vip inservice

 

 

-Alex

 

 

New Member

Hi Alex,Thanks, it works FD. 

Hi Alex,

Thanks, it works

 

FD.

 

78
Views
0
Helpful
2
Replies
CreatePlease login to create content