Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

PEM Policy Rule Classification Didnt Match

hasmadihadi
Altostratus
Altostratus

‎21-Mar-2023 20:49

i run PEM POC in my lab and managed to control bandwidth or drop traffic for selected subscriber with any application.

when trying to limit YouTube traffic, it seems the policy didnt match the youtube traffic even with custom URL category.

below is my configuration

where else can i take a look?

pem policy 15mbps_policy {

    rules {

        youtube_block {

            classification-filters {

                filter0 {

                    category Video

                }

            }

            precedence 2

            qos-rate-pir-downlink OneFiveMbps_Limiter

            qos-rate-pir-uplink OneFiveMbps_Limiter

            url-categorization-filters {

                url_category0 {

                    url-category AA_Custom_URL

                }

            }

        }

    }

}

pem policy Drop {

    rules {

        Drop_Rule {

            gate-status disabled

            precedence 1

        }

    }

}

 

Labels:
0 Kudos
5 REPLIES 5

Nikoolayy1
MVP
MVP

‎22-Mar-2023 04:28 - edited ‎22-Mar-2023 04:33

What about using only url filter without ''category Video'' app filter as you may not have licensed this or you may need to configure it with iRules as below. Probaly you have checked if changing " precedence " or the rules if it changes something like making rule 1 with precedence 1 and rule 2 (the drop rule) with precedence 2.

 

https://techdocs.f5.com/kb/en-us/products/big-ip-pem/manuals/product/pem-implementations-13-0-0/23.h...

 

Also check if the url database is correctly been pulled. Maybe with irule to see if youtube is corectly checked:

 

https://clouddocs.f5.com/api/irules/CLASSIFICATION__urlcat.html

 

 

 

Outside of that I can't give you more suggestions as this is also a hard topic for me 🙂

0 Kudos

hasmadihadi
Altostratus
Altostratus
In response to Nikoolayy1

‎22-Mar-2023 21:47

i have tried select url filter only but still didnt match.
let me try iRule if it works..

Nikoolayy1
MVP
MVP
In response to hasmadihadi

‎23-Mar-2023 00:54

Also it is interesting if you can check if the subscriber is matching the default second policy as mentioned in https://techdocs.f5.com/kb/en-us/products/big-ip-pem/manuals/product/pem-implementations-13-1-0/30.h...

That are my final ideas as this could be a lab related issue as PEM is usually not available for LAB VM and maybe with the URL DB not licensed even the custom URL categories could having issues but I can't confirm this.

0 Kudos

hasmadihadi
Altostratus
Altostratus
In response to Nikoolayy1

‎24-Mar-2023 00:21

i didnt find the second policy in the link you provided. maybe you can point any quotes so can find it.

i am quite sure the static subcriber match the policy  and it just didnt match rule even with higher precedence than any rule in the same policy.

if i enable URL filtering and PEM URL filtering license, is there any conflict?

 

0 Kudos

Nikoolayy1
MVP
MVP
In response to hasmadihadi

‎24-Mar-2023 00:24

I meant second rule not second policy, my mistake.

 

About "if i enable URL filtering and PEM URL filtering license, is there any conflict?" I have not enabled them at the same time to give you an answer to that question. Better check with the sales/solutions engineer that probably is helping you for the PoC.

0 Kudos
Copyright © 2023 Khoros, LLC