Cisco ACE-4710-K9 Administration Guide - Page 165
Creating a Layer 7 Policy Map
View all Cisco ACE-4710-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 165 highlights
Chapter 4 Configuring Class Maps and Policy Maps Configuring a Layer 7 Policy Map You associate the Layer 7 policy map within the appropriate Layer 3 and Layer 4 policy map to provide an entry point for the traffic classification. Layer 7 policy maps are considered to be child policies and can only be associated within a Layer 3 and Layer 4 policy map. Only a Layer 3 and Layer 4 policy map can be activated on a VLAN interface; a Layer 7 policy map cannot be directly applied on an interface. For more information about the role of policy maps in the ACE, see the "Class Map and Policy Map Overview" section. This section describes how to configure a Layer 7 traffic policy and contains the following topics: • Creating a Layer 7 Policy Map • Adding a Layer 7 Policy Map Description • Including Inline Match Statements in a Layer 7 Policy Map • Specifying a Layer 7 Traffic Class with the Traffic Policy • Specifying Layer 7 Policy Actions • Associating the Layer 7 Policy Map with a Layer 3 and Layer 4 Policy Map Creating a Layer 7 Policy Map To specify the type of Layer 7 traffic policy map, use the policy-map type command in configuration mode. The syntax of this command is: policy-map type {loadbalance first-match | inspect http all-match | inspect ftp first-match | optimization http first-match} map_name The keywords and arguments are: • loadbalance first-match-Defines Layer 7 server load-balancing decisions. You will enter policy map load balancing configuration mode. The ACE executes the specified action only for traffic that meets the first matching load-balancing classification with a policy map. The ACE does not execute any additional actions. • inspect http all-match-Defines the deep inspection of HTTP traffic. You will enter policy map HTTP inspection configuration mode. The ACE attempts to match a packet against all classes in the policy map and executes the actions of all matching classes associated with the policy map. OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide 4-51