Cisco ACE-4710-K9 Administration Guide - Page 122
class-default, in the ACE load balancing the request to the SFBACKUP server farm.
View all Cisco ACE-4710-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 122 highlights
Class Map and Policy Map Overview Chapter 4 Configuring Class Maps and Policy Maps If none of the classifications specified in policy maps match, then the ACE executes the default actions specified against the class map configured with the class-default keyword (if one is specified). All traffic that fails to meet the other matching criteria in the named class map belongs to the default traffic class. The class map configure with the class-default keyword has an implicit match-any match statement in it and is used to match any traffic classification. For example, with the following classifications for a specific request, the ACE attempts to match the incoming content request with the classification defined in class maps C1, C2, and C3: host1/Admin(config)# policy-map type loadbalance first-match SLB_L7_POLICY host1/Admin(config-pmap-lb)# class C1 host1/Admin(config-pmap-lb-c)# serverfarm SF1 host1/Admin(config-pmap-lb-c)# exit host1/Admin(config-pmap-lb)# class C2 host1/Admin(config-pmap-lb-c)# serverfarm SF2 host1/Admin(config-pmap-lb-c)# exit host1/Admin(config-pmap-lb)# class C3 host1/Admin(config-pmap-lb-c)# serverfarm SF3 host1/Admin(config-pmap-lb-c)# exit host1/Admin(config-pmap-lb-c)# class class-default host1/Admin(config-pmap-lb-c)# serverfarm SFBACKUP If the match criteria satisfies, the ACE load balances a content request to serverfarm SF1; if not, the ACE evaluates the match criteria in class map C2 and class map C3. If the request does not match any of the classifications in class maps C1, C2, or C3, then the class defined with the class-default keyword is guaranteed to match because it contains a match-any match statement in it. This action results in the ACE load balancing the request to the SFBACKUP server farm. The ACE supports flexible class map ordering within a policy map. The ACE executes only the actions for the first matching traffic classification, so the order of class maps within a policy map is very important. The policy lookup order is based on the security features of the ACE. The policy lookup order is implicit, irrespective of the order in which you configure policies on the interface. The policy lookup order of the ACE is as follows: 1. Access control (permit or deny a packet) 2. Permit or deny management traffic 3. TCP/UDP connection parameters 4. Load balancing based on a virtual IP (VIP) Cisco 4700 Series Application Control Engine Appliance Administration Guide 4-8 OL-11157-01