Enhancing Application Performance with PfR: TechAdvantage Webinar
DESCRIPTION
This webinar explains Cisco Performance Routing (PfR) technology as well as the latest enhancements and includes real case studies. PfR allows network administrators to minimize bandwidth costs, enable intelligent load distribution, improve application performance, and deploy dynamic failure detection at the WAN access edge. Whereas other routing mechanisms can provide both load sharing and failure mitigation, Cisco IOS PfR makes real-time routing adjustments based on criteria other than static routing metrics, such as response time, packet loss, jitter, path availability, traffic load distribution, and cost minimization. This session is for anyone who wants to understand and deploy Cisco IOS Performance Routing.
TRANSCRIPT
Cisco Confidential © 2012 Cisco and/or its affiliates. All rights reserved. 1
Enhancing Application Performance Performance Routing (PfR)
Jean-Marc Barozet, Sumanth Kakaraparthi
The Cisco TechAdvantage Webinars – January 9, 2013
Network Operating Systems Technology Group
Register for a Technical Seminar with our Cisco Software SMEs: http://www.ciscolive.com/london/registration-packages/
Session Title – Session Number
Advanced LISP Techtorial – TECIPM-3191
Advanced Network Automation – TECNMS-3601
Application Awareness in the Network; the Route to Application Visibility and Control – TECRST-2672
Converged Access: Wired/Wireless System Architecture, Design and Operations – TECCRS-2678
Enterprise QoS Design Strategy – TECRST-2501
IP Mobility Deep Dive – TECSPG-3668
IPv6 for Dummies: An Introduction to IPv6 – TECMPL-2192
IPv6 Security – TECRST-2680
Scaling the IP NGN with Unified MPLS – TECNMS-3601
Software Defined Networking and Use Cases – TECSPG-2667
Understanding and Deploying IP Multicast Networks – TECIMP-1008
Panelists Speakers
Sumanth Kakaraparthi Product Manager
Shabaz Yousaf Technical Marketing Engineer
Jean-Marc Barozet Technical Leader
Scott Van de Houten Distinguished Architect
• Positioning
  ‒ Key Customer Challenges
  ‒ PfR Benefits
• Performance Routing 101
• Use cases
  ‒ Internet Edge
  ‒ Enterprise WAN
• Reporting Tools – NetFlow export, SNMP
• Conclusion
Drastic Change in Application Consumption, Delivery, Type
• How Applications Are Consumed
• How Applications Are Delivered
• Type of Applications
Key Findings: Cisco Global Cloud Networking Survey, April 2012*
Expectation vs. Reality: Top Network Challenges
[Infographic; percentages shown: 37%, 60%, 66%, 60%, 50%]
• Percent of CIOs who say the majority of their apps will be in the Cloud by 2015
• Consider Cloud-ready WAN to be the most critical infrastructure for Cloud (28%: Virtualized DC; 21%: SP SLA)
• Cited Performance as a key challenge for Cloud
• Cited Security and Policy as a key challenge for Cloud
• Cited Management as a key challenge for Cloud
* 1300+ global IT professionals across 13 countries, www.cisco.com/go/cloudsurvey
[Diagram labels: WAN, Internet, branch with no direct Internet access, branch with direct Internet access, Public SaaS, Data Centers]
• I don’t know if I am getting my SLA
• I don’t know the applications running in my network
• I don’t know how to isolate performance problems
• I don’t know how much non-business traffic is consuming
• I can’t do anything about poor and inconsistent performance
• I can’t do anything about my network outages
• I can’t do anything about underutilization of my expensive WAN links
• I can’t do anything about unreliability of my WAN links
Visibility Control Report
Save 40% operational cost by smart load balancing
Increase WAN reliability without an increase in $ cost
Avoid service outages
Improve application performance
[Diagrams, slides 20–22: topology labels SP-A, SP-B, HQ, MC, BR, MC/BR; states shown: network outage, PfR enabled]
[Diagrams, slides 23–24: topology labels expensive SP-A, SP-B, HQ, MC, BR, MC/BR; traffic shown: Voice and Video, Business Critical, rest of traffic; state shown: PfR enabled]
[Diagrams, slides 25–28: SP-C added to SP-A and SP-B; traffic shown: Voice and Video, Business Critical, rest of traffic; states shown: PfR enabled, ready for Business Critical, ready for Voice and Video]
[Diagrams, slides 29–31: topology labels SP-A, SP-B, HQ, MC, BR, MC/BR; states shown: service outage, PfR enabled]
• Internet Access with Multiple ISPs
• Optimization policies based on Prefixes
• Egress and Ingress Optimization
Cloud Service & Load Balancing Policy
• Protect business Cloud applications from network brownout: Loss > 10%
• Cloud Service preferred path – ISP1
• Maximize all ISP bandwidth by load sharing other Internet traffic
[Diagram labels: Internet, ISP-1 (Primary), ISP-2 (Secondary), Cloud Service, Best Effort traffic, Detect loss > 10%]
• Enterprise WAN
• Optimization policies based on Applications
• Egress Optimization only
Multimedia & Critical Data Policy
• Protect voice and video quality: Latency > 200 ms; Jitter > 30 ms
• Protect Critical applications from brownouts: Loss > 5%
• Voice & Video preferred path SP-A
• Critical Apps preferred path SP-A
• Maximize utilization by load sharing
[Diagram labels: WAN, SP-A (MPLS VPN), SP-B (DMVPN), Voice - Video, Critical Apps, Best Effort traffic, Detect high jitter]
• The Decision Maker: Master Controller (MC)
  ‒ Apply policy, verification, reporting
  ‒ No packet forwarding/inspection required
• The Forwarding Path: Border Router (BR)
  ‒ Learn, measure, enforcement
• Optimize by: Reachability, Delay, Loss, Jitter, MOS, Throughput, Load, and/or $Cost
[Diagram labels: MC, BR, BR, WAN1, WAN2]
[Diagram labels: Enterprise WAN, WAN1 (IP-VPN), WAN2 (IPVPN, DMVPN), Internet Edge, ISP1, ISP2, HQ, Branch, MC, BR, MC/BR]
• Multisite MC Peering Framework
• MC to MC Peering Framework can be used to exchange policies, services and feedback
• Remote Site Discovery
  ‒ Automatic discovery of branch routers
  ‒ Simplifies Configuration – prefix and target discovery
  ‒ Probing Efficiency – sharing of probe data across policies
  ‒ Enhance PfR – remote site bandwidth discovery
• Each MC announces its site name, inside prefixes, probe target address and remote bandwidth
Site HQ publishes: Prefix H1, H2, H3; Responder H
Site 1 publishes: Prefix A; Responder 1
Site 2 publishes: Prefix B; Responder 2
Site 3 publishes: Prefix C, D, E; Responder 3, 4
• Mapping table built on each site
• Allows automatic jitter probe configuration
• Allows automatic probe generation
Sites    Prefixes         Responders
Site 1   Prefix A         Responder1
Site 2   Prefix B         Responder2
Site 3   Prefix C, D, E   Responder3, 4
• Learning: Get the Traffic Classes in the MC database
• Monitoring (Passive – Active): Get the Traffic Classes Performance Metrics
• Choosing Your Policies: Check Delay, loss, threshold, Bandwidth and more …
• Enforcing the Path: Use a good performing path per Traffic Class
Traffic Classes
• PfR determines the traffic classes from the traffic flowing through the border routers
• Subsets of the total traffic must be identified, and these traffic subsets are named traffic classes
[Diagram labels: Voice, Video, Critical; The Rest of the Traffic; 10.1.1.0/24, 10.1.2.0/24; 10.2.1.0/24 … 10.2.9.0/24]
Traffic class tables shown (Global or Application Groups):
Dest. IP DSCP Delay Loss Jitter BW
10.2.2.0/24 - 0 … …
Dest. IP DSCP AppID Delay Loss Jitter BW
10.2.2.0/24 EF 0 … …
10.2.2.0/24 AF31 0 … …
Traffic Classes Definition: Prefixes; Prefixes + DSCP; Applications
• Check Prefixes and application/DSCP per branch
  ‒ This will give an idea of the number of Traffic Classes
  ‒ Tune Aggregation Mask as needed
[Diagram labels: Rest of the Traffic; Voice - Video; Critical Application; 10.10.1.0/24, 10.10.2.0/24; 10.20.1.0/24 … 10.20.9.0/24]
EXAMPLE: Critical Apps – DSCP AF31
• Mask 24 – 11 TCs
• Mask 16 – 2 TCs
Learning
• MC commands BRs to learn Traffic Classes
Traffic class table columns: Destination Prefix, DSCP, App Id, Delay, Loss, Ingress BW, Egress BW, BR, Exit
[Diagram labels: NetFlow Cache, NetFlow Cache]
Destination Prefix  DSCP  App Id  Delay  Loss  Ingress BW  Egress BW  BR   Exit
10.1.1.1/32         EF                                                BR1  E0/0
20.2.1.0/24         AF31                                              BR2  E0/0
30.1.1.0/24         0                                                 BR1  E0/0
• BRs use their NetFlow cache
  ‒ Top Talkers based on throughput
• BRs aggregate based on the configured destination mask
• Send the reports to the MC every minute
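The learning step described above (top talkers from the NetFlow cache, aggregated on the configured destination mask), as an added example that is not part of the original slides and is not Cisco's implementation. The flow records are constructed and `learn_traffic_classes` and `sample_flows` are hypothetical names; the prefixes follow the slides' Critical Apps example, so mask 24 gives 11 traffic classes and mask 16 gives 2.

```python
from collections import defaultdict
from ipaddress import ip_network


def learn_traffic_classes(flows, mask_len, top_n=None, by_dscp=True):
    """Aggregate flow records into traffic classes, ranked by throughput.

    flows:    iterable of (dst_ip, dscp, byte_count), as a border router
              could read them from its NetFlow cache (assumed record shape).
    mask_len: aggregation mask applied to each destination address.
    top_n:    keep only the N highest-throughput classes (top talkers).
    Returns a list of (prefix, dscp, bytes), highest byte count first.
    """
    totals = defaultdict(int)
    for dst_ip, dscp, nbytes in flows:
        # strict=False masks off the host bits: 10.20.9.10/24 -> 10.20.9.0/24
        prefix = ip_network(f"{dst_ip}/{mask_len}", strict=False)
        totals[(str(prefix), dscp if by_dscp else None)] += nbytes
    ranked = sorted(totals.items(), key=lambda kv: (-kv[1], kv[0][0], str(kv[0][1])))
    classes = [(prefix, dscp, nbytes) for (prefix, dscp), nbytes in ranked]
    return classes[:top_n] if top_n else classes


def sample_flows():
    """Constructed flows: DSCP AF31 traffic towards the slide's 11 branch /24s."""
    subnets = ["10.10.1", "10.10.2"] + [f"10.20.{i}" for i in range(1, 10)]
    flows = []
    for n, subnet in enumerate(subnets, start=1):
        # two destination hosts per subnet; volume grows with n
        flows.append((f"{subnet}.10", "AF31", 1000 * n))
        flows.append((f"{subnet}.20", "AF31", 500 * n))
    return flows


if __name__ == "__main__":
    for mask in (32, 24, 16):
        classes = learn_traffic_classes(sample_flows(), mask)
        print(f"mask /{mask}: {len(classes)} traffic classes, top = {classes[0]}")
```

A longer mask gives finer control per destination but more traffic classes for the MC to track; a shorter mask does the opposite.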
Monitoring: Passive
• PfR NetFlow Monitoring
• Flows need not be symmetrical
Passive Performance Metrics: Delay, Loss, Egress BW, Ingress BW, Reachability
• PfR uses NetFlow to collect and aggregate passive monitoring statistics on a per traffic class basis.
• MC instructs BRs to monitor the performance
• Border routers collect and report passive monitoring statistics to the master controller approximately once per minute.
• BRs gather performance measurements using NetFlow
• BRs report Performance Metrics for Traffic Classes to the Master Controller

BR   Links   Ingress  Egress
BR1  Gig1/1  200      40
BR2  Gig1/2  130      60

Destination Prefix  DSCP  App Id  Delay  Loss  Ingress BW  Egress BW  BR   Exit
10.1.1.1/32         0             60     0     20          40         BR1  Gi1/1
10.1.10.0/24        AF11          110    0     52          60         BR1  Gi1/2
…                   0             89     1     34          10         BR2  Gi1/1
Monitoring: Active
• PfR enables IP SLA feature
• Probes sourced from BR
• ICMP probes learned or configured
• TCP, UDP, JITTER need ip sla responder
Active Performance Metrics: Delay, Loss, Jitter, Reachability, MOS
Fast
• Active probes on all paths all the time
• Passive to measure BW only
• Fast Mode is used when fast failover is needed
Active Throughput
• Passive to measure BW only
• Active probing on current exit
• Active monitoring involves creating a stream of synthetic traffic (IP SLA probes) that replicates a traffic class as closely as possible.
• MC instructs BRs to send probes and monitor the performance
• BRs gather performance measurements using IP SLA probes
  ‒ The performance metrics of the synthetic traffic are collected
  ‒ BRs report Performance Metrics for Traffic Classes to the MC
• The MC applies results to the traffic class entry in the Master Controller database

Destination Prefix  DSCP  App Id  Delay  Jitter  Loss  Ingress BW  Egress BW  BR   Exit
10.1.1.1/32         EF            60     10      0     20          40         BR1  Gi1/1
10.1.10.0/24        AF31          110    15      0     52          60         BR1  Gi1/2
…                   0             89     26      1     34          10         BR2  Gi1/1
Choosing Your Policies
Link
• Load balancing
• Max utilization
• Link grouping
• $Cost
Application Performance
• Reachability
• Delay
• Loss
• MOS
• Jitter
• Multiple resolvers can be assigned
• Set of Policies per Application Group
• Resolver Priority
Application groups shown: Voice - Video; Critical Application; Rest of the Traffic
Resolver lists shown: (1. Link-Group, 2. Loss, 3. Jitter, 4. Delay); (1. Link-Group, 2. Loss, 4. Delay); Load-Balancing for the Rest of the Traffic
Enforcing the Path
Destination Prefix
• BGP
  ‒ Egress: route injection or modifying the BGP Local Preference attribute
  ‒ Ingress: BGP AS-PATH Prepend or AS Community
• EIGRP Route Control
• Static Route Injection
• PIRO
Application
• Dynamic PBR
• NBAR/CCE
• Problem Statement
  ‒ Ingress/Egress paths are under/over utilized
  ‒ Maximize bandwidth utilization (uplinks with different BW)
• Manual Solution
  ‒ Consider the traffic patterns of the Enterprise.
  ‒ Does the Enterprise host content?
  ‒ Does the Enterprise access content?
  ‒ Not sure? Graph interface byte count
  ‒ Use NetFlow
  ‒ Even better, use Flexible NetFlow
• In general, sites have an 80:20 traffic volume (in bytes) mix.
  ‒ Fix only the 80% direction.
  ‒ The 20% direction doesn’t matter unless links are widely varying speeds.
[Diagram labels: R1, R2, Egress, Ingress, Internet, ISP A, ISP B, 1000 Mbps, 20 Mbps]
• “Direction Applied” works together with Route Maps
Tool/Attribute    Direction of Traffic Flow Affected  Implementation
Longest Match     Inbound and Outbound                Static or Redistribution / Received
Local Preference  Outbound                            Direction Applied: Inbound
AS_Path           Inbound                             Direction Applied: Outbound
Communities       Inbound                             Direction Applied: Outbound
• PfR used to load balance the traffic
  ‒ Distributes traffic based upon Link Utilization (Load)
  ‒ Links can have different bandwidths
  ‒ New default policies based on load-balancing
• Cisco ASR1k is typical BR/MC with BR terminating Internet connections
• BGP routing
  ‒ BRs must be iBGP peers
  ‒ Default routing or Partial routes or Full routes
• PfR can actively manage up to 20k Prefixes concurrently (with ASR1000)
12.4T/15.0.1M IOS-XE 3.3.0
[Diagram labels: HQ, R3, R4, R5, iBGP, eBGP, ISP1, ISP2, ISP3, ISP4, ISP5, ISP6]
Egress (diagram shows 55% / 45% across the two eBGP exits)
• Learning: Dest Prefixes (NetFlow)
• Monitoring: Passive – Global; Egress BW Utilization
• Policies: Load-Balancing (range)
• Path Enforcement: BGP; Inject BGP Route, BGP Local Pref
Ingress (diagram shows 20% / 17% across the two eBGP exits)
• Learning: Inside Prefixes (BGP)
• Monitoring: Passive – Global; Ingress BW Utilization
• Policies: Load-Balancing (range)
• Path Enforcement: BGP; BGP AS-PATH Prepend, BGP Community
• Problem Statement:
  ‒ Recent carrier routing problems cause a network outage (Blackout).
  ‒ Fluctuating performance over the WAN is causing intermittent application problems (Brownout)
  ‒ Secondary/Backup WAN path underutilized
• Solution: PfR Application based optimization
  ‒ Protect Voice and Video traffic: primary path, check delay, loss, jitter – fallback secondary
  ‒ Protect Business Applications: primary path, check loss, utilization – fallback secondary
  ‒ Best effort Applications – Maximize bandwidth utilization: load balanced across SPs or use the secondary path
Learning
Traffic Classes: Prefixes; Prefixes + DSCP; Applications
Classes of Applications: Voice - Video; Critical Application; Rest of the Traffic
Monitoring
• Fast – Voice/Video
• Active – Critical Apps
• Passive – Rest
[Diagram labels: NetFlow, Probes]

Destination Prefix  DSCP  App Id  Delay  Jitter  Loss  Ingress BW  Egress BW  BR   Exit
10.1.1.1/32         EF            60     10      0     20          40         BR1  Gi1/1
10.1.10.0/24        AF31          110    20      0     52          60         BR1  Gi1/2
…                   EF            89     35      1     34          10         BR2  Gi1/1

Destination Prefix  DSCP  App Id  Delay  Loss  Ingress BW  Egress BW  BR   Exit
10.1.1.1/32         0             60     0     20          40         BR1  Gi1/1
10.1.10.0/24        AF11          110    0     52          60         BR1  Gi1/2
…                   0             89     1     34          10         BR2  Gi1/1
Policies
Application groups shown: Voice - Video; Critical Application; Rest of the Traffic
Resolver lists shown: (1. Link-Group, 2. Loss, 3. Jitter, 4. Delay); (1. Link-Group, 2. Loss, 4. Delay); Load-Balancing for the Rest of the Traffic
• Standards based
• PfR NetFlow v9 Export
  ‒ The PfR NetFlow v9 Exporter resides on the PfR Master Controller
  ‒ Exports Passive Metrics, Active Metrics, Events, Configuration
• PfR SNMP MIB
  ‒ TC as a row of cpfrTrafficClassTable
  ‒ TC Status as a row of cpfrTrafficClassStatusTable
  ‒ Performance metrics as a row of cpfrTrafficClassMetricsTable
  ‒ Traps
• NMS application vendors engaged!
• Cisco Prime Assurance engaged!
[Diagram labels: NetFlow, SNMP Read]
• Matching ID numbers are the way to associate template to the data records
• The header follows the same format as prior NetFlow versions so collectors will be backward compatible
• Each data record represents one flow
• If exported flows have different fields, they cannot be contained in the same template record (i.e., BGP next hop cannot be combined with MPLS-aware NetFlow records)
• To support technologies such as MPLS or Multicast, this export format can be leveraged to easily insert new fields
[Diagram labels, NetFlow v9 export packet: header (Version, # Packets, Sequence #, Source ID); Template FlowSet, FlowSet ID #0, with Template Records (Template ID #257, Template ID #254; specific field types and lengths); Option Template FlowSet, FlowSet ID #1, Template ID 258 (specific field types and lengths); Data FlowSet, FlowSet ID #256, and Data FlowSet, FlowSet ID #257, with Data Records (field values) for flows from Interface A and flows from Interface B; Option Data FlowSet with Option Data Records (field values)]
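An added example (not from the slides, and not Cisco's collector code) of how a collector ties data records to templates by ID, and what it has to do when the template is missing or a length field is wrong. The packet is constructed and the function names are hypothetical; field type numbers follow the NetFlow v9 format (RFC 3954), and option FlowSets are not decoded.

```python
import socket
import struct

# NetFlow v9 packet header: version, count, sysUptime, unix_secs, sequence, source_id
HEADER = struct.Struct("!HHIIII")
FLOWSET = struct.Struct("!HH")  # flowset_id, length (length includes these 4 bytes)
FIELD_NAMES = {1: "IN_BYTES", 5: "SRC_TOS", 8: "IPV4_SRC_ADDR", 12: "IPV4_DST_ADDR"}


def read_templates(body, source_id, templates):
    """Store every template record of a Template FlowSet (FlowSet ID 0)."""
    pos = 0
    while pos + 4 <= len(body):
        template_id, nfields = struct.unpack_from("!HH", body, pos)
        pos += 4
        if template_id < 256 or nfields == 0 or pos + 4 * nfields > len(body):
            break  # padding or a malformed record: stop reading this FlowSet
        fields = [struct.unpack_from("!HH", body, pos + 4 * i) for i in range(nfields)]
        templates[(source_id, template_id)] = fields  # [(field_type, field_length)]
        pos += 4 * nfields


def read_records(body, fields):
    """Cut a Data FlowSet body into records using the matching template."""
    record_len = sum(length for _ftype, length in fields)
    records, pos = [], 0
    # Trailing bytes shorter than one record are padding to a 4-byte boundary.
    while record_len and pos + record_len <= len(body):
        record = {}
        for ftype, length in fields:
            raw = body[pos:pos + length]
            if ftype in (8, 12) and length == 4:
                value = socket.inet_ntoa(raw)
            else:
                value = int.from_bytes(raw, "big")
            record[FIELD_NAMES.get(ftype, f"type_{ftype}")] = value
            pos += length
        records.append(record)
    return records


def parse_v9(packet, templates):
    """Parse one export packet; `templates` is the collector's cache and is updated.

    Returns (flows, undecoded), where undecoded lists the FlowSet IDs that were
    skipped: data with no known template, or option FlowSets (not handled here).
    """
    if len(packet) < HEADER.size:
        raise ValueError("truncated header")
    version, _count, _uptime, _secs, _seq, source_id = HEADER.unpack_from(packet)
    if version != 9:
        raise ValueError(f"not NetFlow v9 (version={version})")
    flows, undecoded = [], []
    offset = HEADER.size
    while offset + FLOWSET.size <= len(packet):
        flowset_id, length = FLOWSET.unpack_from(packet, offset)
        # The length field comes from the network: check it before slicing.
        if length < FLOWSET.size or offset + length > len(packet):
            raise ValueError("FlowSet length runs outside the packet")
        body = packet[offset + FLOWSET.size:offset + length]
        if flowset_id == 0:
            read_templates(body, source_id, templates)
        elif flowset_id > 255 and (source_id, flowset_id) in templates:
            flows.extend(read_records(body, templates[(source_id, flowset_id)]))
        else:
            undecoded.append(flowset_id)
        offset += length
    return flows, undecoded


def build_sample_packet(with_template=True):
    """Constructed export packet: template 256 plus two data records."""
    fields = [(8, 4), (12, 4), (5, 1), (1, 4)]  # src, dst, ToS, bytes
    tmpl = struct.pack("!HH", 256, len(fields))
    tmpl += b"".join(struct.pack("!HH", t, n) for t, n in fields)
    template_fs = FLOWSET.pack(0, FLOWSET.size + len(tmpl)) + tmpl
    data = b""
    # ToS 0xB8 is DSCP EF, 0x68 is DSCP AF31 (constructed sample flows)
    for src, dst, tos, nbytes in [("10.1.1.10", "10.2.2.5", 0xB8, 4200),
                                  ("10.1.1.11", "10.2.2.9", 0x68, 900)]:
        data += socket.inet_aton(src) + socket.inet_aton(dst)
        data += bytes([tos]) + struct.pack("!I", nbytes)
    data += b"\x00" * (-len(data) % 4)
    data_fs = FLOWSET.pack(256, FLOWSET.size + len(data)) + data
    header = HEADER.pack(9, 3 if with_template else 2, 0, 0, 1, 7)
    return header + (template_fs if with_template else b"") + data_fs


if __name__ == "__main__":
    cache = {}
    print(parse_v9(build_sample_packet(), cache))
    print(parse_v9(build_sample_packet(with_template=False), {}))
```

The template cache is keyed by source ID as well as template ID because template IDs are only unique per exporter.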
Billing, Denial of Service, Traffic Analysis
More info: http://www.cisco.com/warp/public/732/Tech/nmp/netflow/partners/commercial/
Platform                  Software
Cisco 7200-NPE-G2         12.4, 12.4T, 15M/T
Cisco 3900, Cisco 3800    12.4, 12.4T, 15M/T
Cisco 2900, Cisco 2800    12.4, 12.4T, 15M/T
Cisco 1900, Cisco 1800    12.4, 12.4T, 15M/T
Cisco 6500                12.2(33)SXH (Deprecated)
Cisco 7600                12.2(33)SRB (Limited Support)
Cisco ASR 1000            BR in IOS-XE 2.6.1, MC in IOS-XE 3.3.0
PfR
New Cisco ISR G2 Simplified Feature Sets
• New ISR-G2 1900, 2900, 3900
• A single IOS Universal Image for all ISR Generation 2 ISR Platforms
• PfR is within the DATA package.
Classic Cisco IOS Software Feature Sets
• Existing ISR 1800, 2800, 3800, 7200
ASR 1000 Series
• ASR1001: Use Universal Image (U or UK9) with Advanced IP Services (AIS) or Advanced Enterprise Services (AES) technology package license
• All other ASR1000 (ASR1002-F, ASR1002, ASR1004, ASR1006, ASR1013): Use Advanced IP Services (AIS/AISK9) or Advanced Enterprise Services (AES/AESK9) images
• Docwiki – Performance Routing Home
  ‒ Technology Overview, Solution Guides, Troubleshooting Guides, FAQ: http://docwiki.cisco.com/wiki/PfR:Home
  ‒ Performance Routing Technology Overview: http://docwiki.cisco.com/wiki/PfR:Technology_Overview
  ‒ Performance Routing Solution Guides: http://docwiki.cisco.com/wiki/PfR:Solutions
  ‒ Performance Routing Troubleshooting Guide: http://docwiki.cisco.com/wiki/PfR:Troubleshooting
• Configuration
  ‒ Understanding Performance Routing: http://www.cisco.com/en/US/docs/ios/pfr/configuration/guide/pfr-understand.html
  ‒ Basic Configuration: http://www.cisco.com/en/US/docs/ios/pfr/configuration/guide/pfr-basic.html
  ‒ Advanced Configuration: http://www.cisco.com/en/US/docs/ios/pfr/configuration/guide/pfr-advanced.html
• 2h Session: Deploying PfR Breakout – BRKRST-2362
• 4h Lab: Deploying and Operating PfR – LTRRST-2006
• 9h Techtorial: Application Visibility and Control – TECRST-2672
• Thank you!
• Please complete the post-event survey
• Join us February 13th for our next webinar: Unleash the Power of Your Network with One Platform Kit (onePK)
  ‒ Register: www.cisco.com/go/techadvantage
  ‒ Follow us @GetYourBuildOn