EasyManua.ls Logo

Cisco ACE-4710-K9

Cisco ACE-4710-K9
418 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
4-51
Cisco 4700 Series Application Control Engine Appliance Administration Guide
OL-11157-01
Chapter 4 Configuring Class Maps and Policy Maps
Configuring a Layer 7 Policy Map
You associate the Layer 7 policy map within the appropriate Layer 3 and Layer 4
policy map to provide an entry point for the traffic classification. Layer 7 policy
maps are considered to be child policies and can only be associated within a Layer
3 and Layer 4 policy map. Only a Layer 3 and Layer 4 policy map can be activated
on a VLAN interface; a Layer 7 policy map cannot be directly applied on an
interface.
For more information about the role of polic
y maps in the ACE, see the “Class
Map and Policy Map Overview” section.
This section describes how to configure a
Layer 7 traffic policy and contains the
following topics:
Creating a Layer 7 Policy Map
Adding a Layer 7 Policy Map Description
Including Inline Match Statements in a Layer 7 Policy Map
Specifying a Layer 7 Traffic Class with the Traffic Policy
Specifying Layer 7 Policy Actions
Associating the Layer 7 Policy Map with a Layer 3 and Layer 4 Policy Map
Creating a Layer 7 Policy Map
To specify the type of Layer 7 traffic policy map, use the policy-map type
command in configuration mode. The syntax of this command is:
policy-map type {loadbalance f
irst-match | inspect http all-match |
inspect ftp first-match | optimization http first-match} map_name
The keywords and arguments are:
loadbalance first-match—Defines Layer 7 server load-balancing decisions.
You will enter policy map load balancing configuration mode. The ACE
executes the specified action only for traffic that meets the first matching
load-balancing classification with a policy map. The ACE does not execute
any additional actions.
inspect http all-match—Defines the deep inspection of HTTP traffic. You
will enter policy map HTTP inspection configuration mode. The ACE
attempts to match a packet against all classes in the policy map and executes
the actions of all matching classes associated with the policy map.

Table of Contents

Related product manuals