PACUG 3/2012
Clayton Daffron, Systems Engineer, Cisco Systems
Cisco Confidential
Changing Landscape
How it Works
PfR Use Cases
Configuration Details
Lab Demo
[Diagram labels: Public DC, SaaS/Public Internet, Service Provider DC, Private DC, Branch Office, HQ / Main Site]
be critical
Traffic management and control
connectivity
errors
Hot spots, congestion, delay, suboptimal performance
performance requirements
Time/delay sensitive: voice, video, etc.
Loss sensitive: video, circuit emulation
Data center traffic: SAN extension, Internet ISP load balancing
Transactional traffic: e-commerce transactions, automated B2B, ERP
Automatic integration for Routing and Instrumentation provide better service levels
The PfR policy can: minimize cost, efficiently distribute traffic load, and/or select the optimum performing path for applications
[Diagram labels: Central Site, BR1, BR2, MC, MPLS-VPN, High SLA, Internet, DMVPN]
Network Management
Plan, configure, monitor, troubleshoot
Sessions, endpoints and service infrastructure
SLA measurements
Baseline
Provision
Capacity planning
Visibility into network and application behavior
Dynamic troubleshooting
Optimization
IT Resources
Network Adjustments Optimize Control
Control
[Diagram labels: MPLS-VPN, High SLA, Internet, VPN, MC/BR, MC/BR]
MC
Route/Application Control
MC commands BRs to learn traffic classes
Instruct BR to monitor the performance
Verify the performance
If not performing, make a policy decision and instruct the BRs to enforce a new route
Example
10.1.1.0/24 dscp ef
10.1.1.0/24 dst-port 50
10.1.1.0/24 telnet
20.1.0.0/16 ssh
10.1.1.0/24 nbar RTP
20.1.1.0/24 nbar citrix
Well-Known
NBAR
PfR has to determine the traffic classes from the traffic flowing through the border routers. Subsets of the total traffic must be identified, and these traffic subsets are named traffic classes. Traffic classes are identified by automatic learning or by manual configuration.
Passive
Reachability, Egress BW, Ingress BW, Delay, Loss
Active
Reachability, Jitter, Delay, Loss, MOS
PfR enables IP SLA feature
Probes sourced from BR
ICMP probes learned or configured
TCP, UDP, JITTER need ip sla responder
Hybrid Modes
Both: Passive to measure performance. Active probing as needed. It is the default.
Fast: Active probes on all paths all the time. Passive to measure BW only.
Active Throughput: Passive to measure BW only. Active probing on current exit.
2011 Cisco and/or its affiliates. All rights reserved.
[Diagram labels: MC, BR, 10.1.1.0/24 Site #1, 10.2.2.0/24 Site #2]
PfR optimizes the performance of traffic classes and the usage of the links. Choose the best path for the application. If the performance of a traffic class does not meet the requirement, the traffic class is deemed Out of Policy. If the link usage does not meet the requirement, the link is deemed Out of Policy.
Link      Utilization   Delay   Jitter
Serial1   89%           100     30
Serial2   50%           113     30
Serial3   60%           119     25
Serial4   40%           150     20

Serial2 and Serial3 are considered because 113 and 119 are below 132 (which is 120% of 110). Even though Serial3 has slightly higher delay, it is still chosen as the best exit because its jitter is lower and jitter has no variance configured.
[Diagram labels: IM, Web, Central Site, BR1, BR2, MC, Internet ISP1, Internet ISP2, Internet ISP3, Internet ISP4]
external interfaces
Dual IP-VPN
Routing is BGP or static
Dedicated MC or MC/BR combo
Load-balancing based on external interfaces load (delay unused)
PfR Solution used
Learn throughput to get prefixes
Measurement: monitor both
Policies: range/utilization
[Diagram labels: Central Site, BR1, BR2, MC, SP1 IP-VPN, SP2 IP-VPN]
[Diagram labels: Central Site, BR1, BR2, MC, MPLS-VPN, High SLA, Internet, VPN]
Critical Traffic
Monitor mode fast
If moderate level traffic loss is noticed in MPLS path (>=5%), all traffic is routed to the Public WAN
Delay threshold is configured as 300 msec
Jitter threshold is configured as 30 ms
[Diagram labels: MC/BR, MC/BR, MC/BR]
Cisco 6500*: 12.2(33)SXH (limited support)
Cisco 7200-NPE-G2: 12.4, 12.4T, 15M/T
Cisco 3800: 12.4, 12.4T, 15M/T
Cisco 2800: 12.4, 12.4T, 15M/T
Configuration Details
Master Controller
  Vast majority of configuration is on MC router
  Identify border routers by IP address, authentication key, and their interfaces
  Configure learning parameters
  Many other optional settings: traffic types, policy thresholds, timers, out-of-policy actions, active probes, etc.
Border Router
  Identify MC by IP address and configure authentication key
  Identify local interface for MC peering (like BGP update-source)
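A minimal configuration matching the MC/BR split described above, as an added example that is not from the original slides. The key chain name, key string, addresses (192.0.2.0/24 documentation range) and interface names are constructed placeholders; older releases use the `oer` keyword in place of `pfr`.

```cisco
! ---- Master Controller (constructed example) ----
! Shared key chain: the same key-string must be configured on every BR.
! Keep comments on their own lines; key-string takes the rest of its line.
key chain PFR-KEYS
 key 1
  key-string EXAMPLE-SHARED-SECRET
!
pfr master
 logging
 ! Identify each border router by IP address and authentication key,
 ! then declare which of its interfaces are internal and external.
 border 192.0.2.2 key-chain PFR-KEYS
  interface GigabitEthernet0/0 internal
  interface Serial0/0/0 external
 border 192.0.2.3 key-chain PFR-KEYS
  interface GigabitEthernet0/0 internal
  interface Serial0/0/0 external
 ! Learning parameters: learn traffic classes by throughput and delay.
 learn
  throughput
  delay
  periodic-interval 0
  monitor-period 1
!
! ---- Border Router (constructed example) ----
key chain PFR-KEYS
 key 1
  key-string EXAMPLE-SHARED-SECRET
!
pfr border
 ! Local interface used as the source for MC peering
 local Loopback0
 ! Identify the MC by IP address and authentication key
 master 192.0.2.1 key-chain PFR-KEYS
```

`show pfr master` on the MC lists each configured border and whether its session is up; a border that stays down after both sides are configured is the first sign of a key-chain mismatch.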
[Diagram labels: BR, MC / BR, int, ext, 0.0.0.0/0, 10.1.0.0/16]
Configuration
Understanding Performance Routing
http://www.cisco.com/en/US/docs/ios/pfr/configuration/guide/pfr-understand.html
Basic Configuration
http://www.cisco.com/en/US/docs/ios/pfr/configuration/guide/pfr-basic.html
Advanced Configuration
http://www.cisco.com/en/US/docs/ios/pfr/configuration/guide/pfr-advanced.html
PFR Lab
Two PFR instances: Branch and Campus
[Diagram labels: Branch Site, Branch MC/BR, VOIP, Low Latency, Low Bandwidth, T1, 4G, 10.254.44.44, Campus MC/BR, Campus Site]