R2511-HP MSR Router Series ACL and QoS Configuration Guide(V5)
96
Because HTTP URL match criteria are for matching request packets, make sure that you are applying the
QoS policy to the direction where HTTP URL request packets are present.
HTTP host-based DAR configuration example
Network requirements
As shown in Figure 36, configure the router to prohibit Client from accessing the webpage
http://www.abcd.com:8080/news/index.html on the Web server.
Figure 36 Network diagram
Configuration procedure
# Configure the HTTP Host as the match criterion.
<Router> system-view
[Router] traffic classifier httphost
[Router-classifier-httphost] if-match protocol http host www.abcd.com:8080
[Router-classifier-httphost] quit
# Configure a packet filtering behavior.
[Router] traffic behavior deny
[Router-behavior-deny] filter deny
[Router-behavior-deny] quit
# Configure a QoS policy.
[Router] qos policy httphost
[Router-qospolicy-httphost] classifier httphost behavior deny
[Router-qospolicy-httphost] quit
# Enable DAR for traffic recognition, and apply the QoS policy to the incoming traffic of Ethernet 1/1.
[Router] interface ethernet 1/1
[Router-Ethernet1/1] dar enable
[Router-Ethernet1/1] qos apply policy httphost inbound
After the configurations, Client cannot access the webpage
http://www.abcd.com:8080/news/index.html on Web server.
The hostname-string criterion matches the host name and port number in request packets. For example,
the hostname-string in this example matches just the www.abcd.com:8080 part of the webpage at
http://www.abcd.com:8080/news/index.html.
Because HTTP host match criteria are for matching request packets, make sure that you are applying the
QoS policy to the direction where HTTP URL request packets are present.