Performance Routing (PfR)
EDCS-728322
BRKIPM-2362
Cisco Public
Housekeeping
We value your feedback: don't forget to complete your online session evaluations after each session and complete the Overall Conference Evaluation, which will be available online from Thursday
Visit the World of Solutions
Please remember this is a 'non-smoking' venue!
Please switch off your mobile phones
Please make use of the recycling bins provided
Please remember to wear your badge at all times, including the Party
Related Sessions:
LABNMS-2002 Deploying and Operating Performance Routing (lab)
Agenda
PfR Overview
Deployment
Performance
Conclusion
Q and A
Backup Slides: Troubleshooting
What Is Performance Routing (PfR)?
Headquarters
SP C
SP B
SP A
Remote
Office
SP D
SP E
Telecommuter
SP C
SP B
Headquarters
MC/BR
Remote
Office
BR
BR
MC
Bottlenecks
BR
SP D
SP E
MC/BR
Optimize by: Reachability, Delay, Loss, Jitter*, MOS*, Throughput, Load, and/or $Cost
Telecommuter
PfR Components
BR: Border Router
MC: Master Controller (decision maker)
PfR
Prefix
Applications
WAN edge
Private IP (MPLS)
Network selection
Path selection
Exit routing
Networkwide
Overview
MC
Headquarters
MPLS
ATM
FR
BR
BR
BR
Remote
Office
MC/BR
BR
BR
Internet VPN
MC/BR
PfR Components
Telecommuter
Learn Applications on the Network
Reroute Traffic
Measure Application Performance
Component Description
BR External (WAN)
Interfaces
BR
ISP1/WAN1
MC
ISP2/WAN2
BR
BR Internal (LAN)
Interfaces
Information Flow
MC controls all operation
Response
BR1
Reports events
Command
Reports measurements
Makes policy decisions
BR2
BR responds to MC commands
Sends responses to MC
Uses NetFlow, IP SLA, BGP, static, PBR
Measures traffic class performance
Measures link performance
Enforces performance-based routing
Example
Destination Prefix
(Mandatory)
ACL
Application
(Optional)
Well-Known
NBAR
10.0.0.0/8
20.1.1.0/24
10.1.1.0/24 dscp ef
10.1.1.0/24 dst-port 50
10.1.1.0/24 telnet
20.1.0.0/16 ssh
10.1.1.0/24 nbar RTP
20.1.1.0/24 nbar citrix
Delay
Loss
Active
Reachability
Egress BW
Ingress BW
Delay
Reachability
Jitter 12.4T
MOS 12.4T
Both mode
Attempts to measure performance passively with NetFlow and only launches IP SLA probes as needed
Loss 12.4(15)T
BR
Fast mode
Probes all paths all the time
PfR Policy
Traffic Class
Performance
Link
Security
Delay
Sinkhole
Loss
Blackhole
Reachability
Performance
Administrative
Load
balancing
Link
grouping
Max
utilization
$Cost
MOS
Jitter
Scope
Best
Path
Winner?
If Tie, Select
Current, Random
M
Link
Utilization
Serial1   89%   100   30
Serial2   50%   113   30
Serial3   60%   119   32
Serial4   40%   150   20
A
BGP/Static Redis
BR1
Route Commands
ISP or MPLS
Master
B
BGP/Static Redis
BR2
ISP or MPLS
MC
A
eBGP Advert
BR1
Route Commands
ISP or MPLS
Master
eBGP Advert
BR2
ISP or MPLS
Modifying eBGP
Prepend AS hop(s)
Append BGP downgrade community
Remote
Office
Headquarters
Telecommuter
Cisco
3800 ISR
Cisco
2800 ISR
Cisco
1800 ISR
Cisco
7200-NPE-G2
Current Highest
Performing PfR
Device**
Cisco
6500***
Cisco 7600
12.2(33)SRB
12.2(33)SXH
12.4, 12.4T
3640*/3660*/3700*
12.4, 12.4T
2600*
12.4, 12.4T
1700*
12.4, 12.4T
Troubleshooting analysis
Fully Web-based
Agenda
PfR Overview
Deployment
Performance
Conclusion
Q and A
Backup Slides: Troubleshooting
Design Questions
1. Do I have redundant WAN connections?
Internet, IPSEC/GRE, MPLS, ATM, Frame Relay
Configure as PfR external interfaces
Design Questions
5. What policy is important?
Exit performance
Delay, loss, reachability, throughput
Jitter, MOS
Entrance performance 12.4T
Delay, loss, reachability, throughput
Load distribution
Cost minimization ($cost)
Primary/backup link groups
Path discovery (for troubleshooting)
Security 12.4T
Default priority is performance then load
Design Questions
6. Determine interesting traffic class by:
Configure prefix
Configure application
Configure full ACL
Learn interesting prefixes
Learn interesting traffic classes
Learn eBGP advertised prefixes (inbound optimization)
Learn application
Solution Topologies
2. Remote Office
1. SOHO/Broadband
ISP1/WAN1
BR
MC/BR
ISP2/WAN2
MC/BR
3. Headquarters/Content/Hosting/Data Centers
ISP1/WAN1
BR
MC
ISP2/WAN2
BR
SOHO/Broadband Deployment
1. Cable and DSL WAN interfaces
Eth8/0: OER Internal
Eth9/0: OER External
Ser12/0: OER External
Eth9/0 Cable
Eth8/0
ISR is OER BR
MC/BR
Ser12/0 DSL
ISR is also MC
12.4
SOHO/Broadband Configuration
! Authentication Required
key chain key1
 key 1
  key-string oer
oer master
 ! Enable Logging
 logging
 ! Enforce Routing Changes
 mode route control
 max prefix total 100
Ser12/0 DSL
IM
E-Mail
ISP1
Internet
BR
Web
ISPD
ISPA
ISPE
ISPB
MC
ISP2
BR
ISPF
ISPG
ISPC
Internet voice
Application hosting
DNS
Online music
Online video
BR: Border Router, MC: Master Controller
2009 Cisco Systems, Inc. All rights reserved.
IM
Web
E-mail
BR
MC
BR
BR: Border Router, MC: Master Controller
MC 10.1.1.1
key-string oer
oer master
logging
key 1
key-string oer
oer border
periodic 600
Reevaluate Exit: 10 Minutes
BR 10.10.10.3
logging
BR 10.10.10.2
local loopback 1
master 10.10.10.1 key-chain key1
interface ser12/0
load-interval 30
interface ser13/0
load-interval 30
IM
Web
BR
MC
learn
throughput
BR
Learn 500
Prefixes
delay
monitor-period 1
periodic-interval 0
prefixes 500
expire after time 240
MC 10.1.1.1
IM
Web
E-Mail
BR
MC
BR
no periodic
resolve utilization priority 1 variance 5
resolve range priority 2
no resolve delay
no resolve loss
max-range-utilization percent 50
border 10.1.1.2
Link OOP if:
% util > Lowest + 50
% util > 90
MC 10.1.1.1
100
10,000$
75%
8000$
40
4000$
No
OER
no resolve utilization
border 10.1.1.2
interface Serial12/0 external
cost-minimization tier 100 fee 10000
cost-minimization tier 75 fee 8000
cost-minimization tier 40 fee 4000
10,000$
75%
8000$
OER
4000$
Fixed Tiered
BGP
Advertisement
Enterprise
BR
ISP1
Internet
MC
BR/CE
ISP2
BGP Community
oer master
border 10.1.1.1 key-chain oer
interface ethernet1/0 external
downgrade bgp community 3:2
MC/BR
Telecommuter
MPLS
Headquarters
BR
MC
ATM
BR
Remote
Office
Frame Relay
MC/BR
BR
2.
OER External
Interfaces
Remote
Office
match tag 10
route-map block-def permit 30
MC/BR
OER External
Interfaces
Tunnel0
Tunnel1
MC/BR
Tunnel0
Headquarters
Telecommuter
oer master
BR
MC
Tunnel1
Tunnel0
BR/CE
border 10.10.10.1
Internet
Tunnel1
Tunnel0
MC/BR
Remote
Office
border 10.1.1.2
interface Tunnel 0 external
interface Tunnel 1 external
Tunnel0
BR/CE
border 10.1.1.3
interface Tunnel 0 external
interface Tunnel 1 external
Tunnel0
Headquarters
Internet
Serial1
BR
Remote
Office
MC
Tunnel2
MC/BR
BR/CE
Serial3
MPLS
VPN
BR/CE
oer master
oer-map MAP 10
match Appl1
set delay threshold 100
set link-group RED fallback BLUE
oer-map MAP 20
match Appl2
set link-group BLUE
link-group BLUE
interface eth1/1 internal
border 1.1.1.2 key-chain key2
interface Serial3 external
Tunnel0
link-group RED
interface Tu2 external
link-group BLUE
BR1
MC
Serial1
Tunnel2
BR2
Serial3
MC/BR
Serial0
BR
Remote
Office
MPLS
MC
BR/CE
BR/CE
Serial0
oer master
max-range-utilization percent 10
learn
list sequence 10 refname REM_OFC
traffic-class prefix-list REM_OFC_LIST
throughput
ip prefix-list REM_OFC_LIST permit 10.1.0.0/16
ip prefix-list REM_OFC_LIST deny 0.0.0.0/0
oer-map MAP 10
match oer learn list REM_OFC
set mode monitor fast
set unreachable threshold 5
set active-probe echo 10.1.1.1
set active-probe echo 10.1.1.2
set probe frequency 2
set resolve range priority 1
Jitter 20 ms
IP SLA Responder
Tunnel0
Headquarters
BR
Tunnel0
ISP1
MC
Internet
BR/CE
Tunnel1
ISP2
Remote
Office
MC/BR
Tunnel1
BR/CE
Jitter 5 ms
Or
UDP port range
ip access-list extended VOICE-LIST
 permit udp any 10.1.1.0 0.0.0.255 range x y
Jitter 20 ms
IP SLA Responder
10.1.1.1
oer-map MAP 20
 set active-probe jitter 10.1.1.1 target-port 2000 codec g729a
set probe frequency 2
Headquarters
Tunnel0
1
BR
MC
Tunnel0
Internet
BR/CE
Tunnel1
Remote
Office
MC/BR
Tunnel1
2
BR/CE
Configure Responder on remote router
ip sla responder
Jitter 5 ms
Headquarters
Tunnel0
1
BR
Internet
MC
Latency tolerant: other
BR/CE
Tunnel1
Telnet or ssh
Other
Tunnel0
Tunnel1
Configure Policy
oer-map MAP 10
match oer learn list BRANCH_APPL
set delay threshold 100
set resolve delay priority 1 variance 5
oer-map MAP 20
match oer learn list BRANCH_PFX
set delay threshold 400
set resolve utilization priority 1 variance 5
oer master
application define APPL1 access-list APPL1_DEF
application define APPL2 access-list APPL2_DEF
BR
oer-map MAP 10
match traffic-class learn list LISTA
set resolve delay priority 1 variance 5
oer-map MAP 20
match traffic-class learn list LISTB
set resolve range priority 1
BR
MC
BR
Apply Policy
oer master
policy-rules SECURITY
oer-map SECURITY 10
match ip address prefix-list BLACKHOLE
set interface Null0
oer-map SECURITY 40
match ip address access-list SINKHOLE
set next-hop 10.10.10.4
ISP1
ISP2
Avoids problems if
ISP is performing RPF
checking
MC/BR
CSS11500
NAT Translation
Occurs Here
ISP1
ISP2
interface virtual-template 1
ip nat inside source <x> interface Virtual-Template 1 overload oer
BR
MC
interface Eth3/0
ip nat inside
interface Se1/0
ip nat outside
interface Se2/0
ip nat outside
OER Internal
Interface
OER External
Interface
Single IP
Se1/0: ISP1
interface virtual-template 1
ip nat inside source route-map isp-1 interface Virtual-Template1 overload oer
Single IP
ISP1
IP Pool
ip nat pool ISP-2 <min-ip-addr> <max-ip-addr> prefix-length <len>
ip nat inside source route-map isp-2 pool ISP-2 oer
10.1.0.0
MC/BR
ISP2
Eth3/0
Se2/0: ISP2
IP Pool
Security Considerations
Deploy MC behind firewall
Separate private VLAN for MC and BR
IM
Web
BR
MC
BR
no router
PfR MC Redundancy
What if MC goes down?
Routing defaults to normal as if PfR was not configured
On roadmap
Stateless redundancy with synchronized configuration and stateful redundancy
ISP1
BR
Web
ISP2
BR
E-Mail
MC
PfR MC Redundancy
Stateless redundancy using HSRP
On Border Configure HSRP Group IP as MC IP
oer border
master 10.1.1.100 key-chain oer
ISP1
IM
BR
Web
BR
E-Mail
MC
Active
MC
ISP2
HSRP Group
IP 10.1.1.100
Standby
interface Ethernet0/0
standby 100 ip 10.1.1.100
Duplicate Configuration on both MC
Agenda
PfR Overview
Deployment
Performance
Conclusion
Q and A
Backup Slides: Troubleshooting
[Figure: 1min % CPU versus Time (Minutes)]
PfR BR Learning-Enabled
12.3(11)T CPU Usage Cisco IOS Border Router
Active + Learning Mode Enabled (2500 Prefixes)
2 Border Routers/1000 Prefixes
2 Border Routers/2500 Prefixes
2 Border Routers/5000 Prefixes
10 Border Routers/1000 Prefixes
10 Border Routers/2500 Prefixes
10 Border Routers/5000 Prefixes
[Figure: 1min % CPU versus Time (Minutes)]
[Figure: MB versus X:Y, 60 Min.]
[Figure: Memory (Bytes) versus A:B, 60 Min.]
BR
Avg CPU
Platform: 7200VXR-NPEG2
Mode Monitor: Active
Prefix Count: 20,000*
Prefix Type: Configured
Probe Frequency: 4 Seconds
24% Total
22% Total
5% IP
MC
18% MC
BR
9% IPSLA
5% BR
MC Router
524 MB DRAM
*12.4(15)T image
BR Router
120 MB RAM
Deployment Suggestions
Agenda
OER Overview
Deployment
Troubleshooting
Performance
Conclusion
Q and A
Conclusions
MPLS
ATM
Brownouts
FR
Congestion
ISPA
ISPD
Internet
ISPE
ISPB
ISPC
ISPF
ISPG
Syslog
Show oer master prefix
$ cost management
OER saves $ on usage based pricing links
Agenda
PfR Overview
Deployment
Performance
Conclusion
References
Q and A
Backup Slides: Troubleshooting
Technical References
PfR CCO
www.cisco.com/go/PfR/
Q and A
Recommended Reading
Continue your Cisco Live learning experience with further reading from Cisco Press
Check the Recommended Reading flyer for suggested books
Backup Slides
Troubleshooting PfR
Target: 100.1.1.1
Host          Time(ms)  AS
30.30.30.2    24
60.60.60.4    12
100.0.0.2     20
Eth9/0 Cable
Eth8/0
Done or In Progress
AS Is Unknown
Likely Not Using BGP
MC/BR
Ser12/0 DSL
Target: 100.1.1.1
Host
Time(ms) AS
1
2
40.40.40.2
60.60.60.4
4
4
0
0
100.0.0.2
20
30.30.30.2
60.60.60.4
12
16
0
0
100.0.0.2
32
Eth9/0 Cable
Eth8/0
MC/BR
Ser12/0 DSL
Learned Top
Throughput
Prefixes,
Discover Path on
Delay OOP
Discover Path on
Loss OOP
Discover Path on
Unreachable OOP
30.30.30.2    24
60.60.60.4    12
100.0.0.2     20
Eth9/0 Cable
Eth8/0
MC/BR
Ser12/0 DSL
Troubleshooting
1. Verify master to border connection
2. Verify master is operational
3. Verify internal/external interfaces operational
4. Verify traffic class learning
5. Verify traffic class monitoring
6. Verify traffic class control
Eth9/0 Cable
MC/BR
Ser12/0 DSL
Status
UP/DOWN
10.10.10.1
INACTIVE DOWN
AuthFail
0
Eth9/0 Cable
Eth8/0
MC/BR
Ser12/0 DSL
Status
UP/DOWN
INACTIVE UP
00:00:28
AuthFail
0
0 Admin Down
UP/DOWN
UP
00:17:06
AuthFail
0
Eth9/0 Cable
Eth8/0
MC/BR
Ser12/0 DSL
Status
10.10.10.1
Se12/0
ACTIVE
UP
EXTERNAL UP
Et9/0
Et8/0
UP/DOWN
AuthFail
00:10:32
0
Eth9/0 Cable
EXTERNAL UP
INTERNAL UP
Eth8/0
MC/BR
Ser12/0 DSL
External
Interface
--------Se12/0
Et9/0
Capacity
(kbps)
--------
Max BW
(kbps)
------
1544
300
120
300
78
1000
338
3 UP
1000
150
10000
BW Used
Load Status
(kbps)
(%)
------- ------- ------
Exit Id
------
7 UP
3
4
Egress
2
Ingress
Eth9/0 Cable
Eth8/0
MC/BR
Ser12/0 DSL
Eth9/0 Cable
Eth8/0
MC/BR
Ser12/0 DSL
Learning running on BR
Eth8/0
MC/BR
Ser12/0 DSL
SrcPort
Delay
Host3
dport3
DstPort SrcPrefix
Samples
Host4
dport4
Active
Host5
dport5
------------------------------------------------------------------------------10.1.15.0/24
telnet defa
N
N
N 0.0.0.0/0
38
49
0
0
72.7
10.1.15.2
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
1005
0
0
0
0
10.1.15.0/24
84
10.1.15.2
1006
N defa
634
0.0.0.0
N
0
0.0.0.0
N N
0
0.0.0.0
45.2
0.0.0.0
Eth8/0
MC/BR
Ser12/0 DSL
DstPrefix
N defa
INPOLICY*
13
0
12
0
N
0
0
0
N 0.0.0.0/0
10.1.1.2
Et2/0
0
0
14
N
N
U
1
Passive monitoring on BR
Eth8/0
MC/BR
Ser12/0 DSL
OER Passive Prefix Cache, State: enabled, 278544 bytes
DstPrefix
telnet defa
10.1.7.2
0
0
N
27
N
Et0/0
49
N 0.0.0.0/0
Et2/0
1
30.4
0
Eth8/0
MC/BR
Ser12/0 DSL
DstPrefix
N defa
INPOLICY
13
0
12
0
N
0
0
0
N 0.0.0.0/0
10.1.1.2
Et2/0
0
0
14
N
N
BGP
1
Eth8/0
MC/BR
Static or BGP
Ser12/0 DSL
Next Hop
OER
10.1.4.2
CE
Eth8/0
MC/BR
Ser12/0 DSL
Eth8/0
MC/BR
sh log | i 10.1.15.0
Ser12/0 DSL
Eth8/0
MC/BR
Ser12/0 DSL
Prefix: 10.1.15.0/24
State: INPOLICY
Time Remaining: 0
Policy: Default
Interface
*10.10.10.1
10.10.10.1
PasSDly
PasLDly
ActSDly
ActLDly
Et9/0
16
35
35
Se12/0
38
38
Target
echo
100.1.1.1
DSum
Min
Max
Dly
88
40
48
44
Eth9/0 Cable
MC/BR
Ser12/0 DSL
Policy: Default
No Probes Responding
Most recent data per exit
Border
*10.10.10.1
10.10.10.1
Interface
PasSDly
PasLDly
ActSDly
ActLDly
Et9/0
Se12/0
Prefix
Type
Target
Assigned
10.1.15.0/24
echo
10.1.15.9
TPort
How
Codec
Cfgd
tcp-conn
or
udp-echo
probes
Eth9/0 Cable
Eth8/0
MC/BR
Ser12/0 DSL
No TCP traffic
Passive delay, loss, and reachability rely on TCP traffic
Eth9/0 Cable
Eth8/0
MC/BR
Ser12/0 DSL