Solved: Layer7 LB policy misses

FRANCISCO JAVIER COPETE AGUADO · ‎07-01-2011

Hi All,

I have a L7 policy-map to filter by URI, only the websites listed in the "class-map type http" are allowed. The next step is to monitor which connections were dropped because a wrong host value in the header host field of HTTP packet was received.

This is possible throught the CLI with the command "show stats loadbalance", in the counter "Total Layer7 LB policy misses":

# show stats loadbalance

+------------------------------------------+

+------- Loadbalance statistics -----------+

+------------------------------------------+

Total version mismatch : 0

Total Layer4 decisions : 0

Total Layer4 rejections : 0

Total Layer7 decisions : 42

Total Layer7 rejections : 7

Total Layer4 LB policy misses : 0

Total Layer7 LB policy misses : 7

My question is: Can I get this value through SNMP?

I have been browsing througn the CISCO-SLB-MIB, but I haven't found the object that contains this information.

If anyone knows this information, would be helpful.

Thank you in advance.

Javier.

Fabrizio Pedracini · ‎07-04-2011

Hi Francisco,

try under CISCO-SLB-EXT-MIB. I believe what you're looking is cslbxStatsDroppedL7PolicyConns.

let me know if that helps.

cheers,

Fabrizio

View solution in original post

Fabrizio Pedracini · ‎07-04-2011

Hi Francisco,

try under CISCO-SLB-EXT-MIB. I believe what you're looking is cslbxStatsDroppedL7PolicyConns.

let me know if that helps.

cheers,

Fabrizio

FRANCISCO JAVIER COPETE AGUADO · ‎07-06-2011

Hi Fabrizio,

The object cslbxStatsDroppedL7PolicyConns match with "Total Layer7 rejections" output in "show stats loadbalance" command. I have found the object cslbxStatsNoMatchPolicyRejects match exactly with "Total Layer7 LB policy misses", that it is I was looking for.

Thank you very much for give me the good clue.

Best regards,

Javier Copete.