Hour 157: Leveraging QoS DPI features with PBR

One of the most powerful features that the MQC (Modular QoS CLI) offers is NBAR (Network Based Application Recognition) or also called DPI (Deep Packet Inspection). Today, I will be showing you how to manipulate routing based on upper layer levels of data packet.

What’s so powerful with MQC is that by using NBAR, you can inspect any part of a L4+ data packet and do whatever you like with it. In this example, I will be using the MQC to classify and mark web traffic such as youtube.com or facebook.com and then routing it to null0 (the bit bucket). This will result in black-holing traffic for anyone trying to reach those webpages.

  1. Lets start by identifying our traffic using the class-map feature of the MQC:
class-map match-any http-bad-traffic
match protocol http host “*youtube.com*”
match protocol http host “*myspace*”
match protocol http host “*facebook*”

 

Continue reading

Advertisements