In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-02-24 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >
Share
Shulou(Shulou.com)06/01 Report--
1. Classification & tag parsing
Classification method: ACL or NBAR
ACL can only classify according to source and destination IP, port and MAC address, while NBAR can classify traffic according to the content in the quantity based on the application layer identification of the network.
Global configuration mode: ip nbar pdlm flash://bt.pdlm load
API configuration mode: ip nbar protocol-discovery is enabled
Marking method: PBR or CBMarking
PBR can only be used in the in direction, while CBMarking can be applied in both the in and out directions.
2. Experimental topology
3. Basic configuration
Enable password cisco
Username cisco password cisco
Interface FastEthernet0/0
Ip address 192.168.5.254 255.255.255.0
No shutdown
Ip http server
Ip http authentication enable
Line vty 0 4
Login local
4. Classification and tag configuration
Classify Telnet and Web traffic, mark Telnet traffic priority 2 and Web traffic priority 3
ACL combined with PBR
Ip access-list extended Telnet
Permit tcp any any eq telnet
Ip access-list extended Web
Permit tcp any any eq www
Route-map PBR permit 10
Match ip address Telnet
Set ip precedence 2
Route-map PBR permit 20
Match ip address Web
Set ip precedence 3
Interface FastEthernet0/0
Ip policy route-map PBR
ACL combined with CBMaking
Ip access-list extended Telnet
Permit tcp any any eq telnet
Ip access-list extended Web
Permit tcp any any eq www
Class-map match-all Telnet
Match access-group name Telnet
Class-map match-all Web
Match access-group name Web
Policy-map CBMARK
Class Telnet
Set ip precedence 2
Class Web
Set ip precedence 3
Interface FastEthernet0/0
Service-policy input CBMARK
Check the match
Show ip access-lists
Show policy-map interface f0/0
NBAR combined with CBMarking
Ip nbar port-map http tcp 80 8080
Class-map match-all Telnet
Match protocol telnet
Class-map match-all Web
Match protocol http
Policy-map NBAR
Class Telnet
Set ip precedence 2
Class Web
Set ip precedence 3
Interface FastEthernet0/0
Service-policy input NBAR
Check the match
Show ip access-lists
Show policy-map interface f0/0
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
