If you need to "tune"something in the protocol use the L7 class/policy maps..If you just need to inspect some protocol use the normal L3 policy map.
Thanks and regards Yogesh --- On Sun, 6/27/10, Tolulope Ogunsina <[email protected]> wrote: From: Tolulope Ogunsina <[email protected]> Subject: Re: [OSL | CCIE_Security] L3/L4 classmap or L7 classmap ? " how to get the feel of it in exam question" To: "Kamran Shakil" <[email protected]> Cc: [email protected] Date: Sunday, June 27, 2010, 12:33 AM Basically, the answer is always in the question. What can you match with a layer3/4 class-map? What can you match with a layer 7 class-map. If they ask for application specifics...like stuff in the request header of the HTTP packet, then you know its layer 7, else if you can match the criteria with a L3/4 class-map then go ahead. HTH, On 6/26/10, Kamran Shakil <[email protected]> wrote: > > Dear Guys, > > I know that this question might seem a bit ridiculous but i still wanna ask > it so that i may get a clarification from the experts of trade ;) > > my query is : > > "In CCIE LAB Sec , how will i know wether i have to use regular L3/L4 > classmap or is it a L7 classmap with inspect keyword ? I am sure question > will not put it to me to use l7 classmap since it will be very easy and > direct, but what clues can we gather from the question to understand exactly > what they mean ? " > > > I hope this question might linger in minds of some other fellows, so posted > it on the mailing list to get it resolved and make it crystal clear ! thanks > in advance... > > regards, > > Kamran Shakil > ITA NDC Operations Engineer > Cisco - IT Advance Services Team > MidEast Data Systems LLC Oman > Cell: + 968 95804126 > Office: + 968 24576640 > > Confidentiality Warning: "This message and any attachments are intended only > for the use of the intended recipient(s), are confidential, and may be > privileged. If you are not the intended recipient, you are hereby notified > that any review, retransmission, conversion to hard copy, copying, > circulation or other use of all or any portion of this message and any > attachments is strictly prohibited. If you are not the intended recipient, > please notify the sender immediately by return e-mail, and delete this > message and any attachments from your system." > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > -- Best Regards, Tolulope. _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
