5- en_route_v7_ch05.pdf
TRANSCRIPT
-
2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public ROUTE v6 Chapter 5
1
Chapter 5: Implementing Path Control
Implementing Cisco IP Routing (ROUTE)
Elaborated by: Ing. Ariel Germn For: ITLA Based on: Foundation Learning Guide CCNP ROUTE 300-101 Diane Teare, Bob Vachon, Rick Graziani 2015
-
Chapter 5 2 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Chapter 5 Topics
Using Cisco Express Forwarding Switching
Understanding Path Control
Summary
-
Chapter 5 3 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Using Cisco Express Forwarding Switching
-
Chapter 5 4 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Upon completing this section, you will be able to do the following:
Describe the different switching mechanisms that a Cisco router uses
Describe how Cisco Express Forwarding (CEF) works
Describe how to verify that CEF is working
Describe how to verify the content of the CEF tables
Describe how to enable and disable CEF by interface and globally
-
Chapter 5 5 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Control and Data Plane
The exchange of routing protocol information is performed in the control plane by the route processor.
Data packets are forwarded in the data plane by an interface microcoded processor.
Control plane and data plane are relatively independent.
-
Chapter 5 6 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Cisco Switching Mechanisms
Process switching
Is the slowest method.
Every packet is examined by the CPU in the control plane and all forwarding decisions are made in software.
It greatly degrades performance and is generally used only as a last resort or during troubleshooting.
-
Chapter 5 7 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Cisco Switching Mechanisms
Fast switching
Is faster than process switching.
The first packet is process switched, subsequent frames in the flow arrive, the destination is found in the hardware fast-switching cache
and the frames are then forwarded without interrupting the CPU.
-
Chapter 5 8 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Cisco Switching Mechanisms
Cisco Express Forwarding
Is the fastest method.
Two tables are created beforehand: Forwarding Information Base (FIB) and adjacency table.
The contain all the information the router need to consider when forwarding the packet.
-
Chapter 5 9 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Process and Fast Switching
An EIGRP update containing a new route to 10.0.0.0/8 is added to the EIGRP topology table.
Process switching might trigger an ARP request or find the Layer 2 address in the ARP cache.
-
Chapter 5 10 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Cisco Express Forwarding
It caches the information that is generated by the Layer 3 routing engine even before the router encounters any data
flows.
The control plane is responsible for building the FIB table and adjacency tables in software.
The data plane is responsible for forwarding IP unicast traffic using hardware.
The FIB is arranged for maximum lookup speed (most specific entry first).
-
Chapter 5 11 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Cisco Express Forwarding
-
Chapter 5 12 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Analyzing Cisco Express Forwarding
-
Chapter 5 13 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Analyzing Cisco Express Forwarding
-
Chapter 5 14 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Analyzing Cisco Express Forwarding
-
Chapter 5 15 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Enable and Disable CEF by Interface and Globally
-
Chapter 5 16 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Understanding Path Control
-
Chapter 5 17 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Upon completing this section, you will be able to do the following:
Identify the need for path control.
Describe how to use policy-based routing (PBR) to control path selection.
Describe how to use IP service-level agreement (IP SLA) to control path selection.
-
Chapter 5 18 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
The Need for Path Control
Path control is required to avoid performance issues
and to optimize paths.
Path control tools can be used to change the default
destination forwarding and
optimize the path of the
packets for some specific
application.
-
Chapter 5 19 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Implementing Path Control Using Policy-Based Routing
PBR enables the administrator to define a routing policy other than basic destination-based routing using the routing
table.
With PBR, route maps can be used to match source and destination addresses, protocol types, and end-user
applications.
When a match occurs, a set command can be used to define items, such as the interface or next-hop address to
which the packet should be sent.
-
Chapter 5 20 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
PBR Features
PBR adds flexibility in a difficult-to-manage environment by providing the ability to route traffic that is based on network
needs.
Benefits of implementing PBR in a network include the following:
Source-based transit-provider selection
QoS
Cost savings
Load sharing
-
Chapter 5 21 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Steps for Configuring PBR
1. Enable PBR by configuring a route map using the route-map global configuration command.
2. Implement the traffic-matching configuration, specifying which traffic will be manipulated. This is done using the match commands.
3. Define the action for the matched traffic. This is done using the set commands.
4. Optionally, fast-switched PBR or CEF-switched PBR can be enabled.
5. Apply the route map to incoming traffic or to traffic locally generated on the router.
6. Verify PBR configuration with basic connectivity and path verification commands
-
Chapter 5 22 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Configuring PBR
The route-map map-tag [permit | deny] [sequence-number] global configuration command is used to create a route map.
If the statement is marked as permit, packets that meet all the match criteria are policy-based routed.
If the statement is marked as deny, packet meeting the match criteria is not policy-based routed. Instead, it is sent through the normal forwarding channels and destination-based routing.
If no match is found in the route map, the packet is not dropped. It is forwarded through the normal routing channel
Note: To drop a packet, forward it to the interface null 0.
-
Chapter 5 23 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
PBR match Commands
The match condition route map configuration commands are used to define the conditions to be checked.
match ip address {access-list-number | name} [...access-list-number | name] | prefix-list prefix-list-name [..prefix-list-name]
match length min max Matches based
-
Chapter 5 24 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
PBR set Commands
If the match statements are satisfied, you can use the set ip next-hop or set interface commands.
set ip next-hop ip-address [...ip-address]
set interface type number [...type number]
-
Chapter 5 25 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Configuring PBR on an Interface
To identify a route map to use for policy routing on an interface, use the ip policy route-map map-tag interface configuration command.
Remember that policy-based routing is configured on the interface that receives the packets, not on the interface from which the packets are forwarded.
Packets originating on the router are not normally policy routed.
To identify a route map to use for local policy routing, use the ip local policy route-map map-tag global configuration command.
This command applies the specified route map to packets originating on the router.
-
Chapter 5 26 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Verifying PBR
To display the route maps used for policy routing on the routers interfaces, use the show ip policy EXEC command.
To display configured route maps, use the show route-map [map-name] EXEC command.
Use the debug ip policy EXEC command to display IP policy routing packet activity.
-
Chapter 5 27 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Configuring PBR Example
In the example, you will: Verify normal traffic paths as selected by the traditional destination-
based routing.
Configure PBR to alter the traffic flow for one client station.
Verify both the PBR configuration and the new traffic path
-
Chapter 5 28 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Verify Normal Traffic Paths
-
Chapter 5 29 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Configure PBR to Alter the Traffic Flow from the Notebook
-
Chapter 5 30 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Verify the PBR Configuration and Traffic Path
-
Chapter 5 31 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Verify the PBR Configuration and Traffic Path
-
Chapter 5 32 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Verify the PBR Configuration and Traffic Path
-
Chapter 5 33 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Verify the PBR Configuration and Traffic Path
Notebook
-
Chapter 5 34 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Implementing Path Control Using Cisco IOS IP SLAs
PBR is a static path control mechanism.
It cannot respond dynamically to changes in network health.
If a policy states that when packet loss on primary exceeds 5%, backup should be used, It cant be done with PBR
alone.
-
Chapter 5 35 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
IP SLA Features
Cisco IOS IP SLAs perform network performance measurement within Cisco devices.
Cisco IOS IP SLAs actively send simulated data across the network to measure performance between multiple network locations or across multiple network paths.
The information collected includes data about: Response time
One-way latency
Jitter
Packet loss
Voice-quality scoring
Network resource availability
Application performance
Server response time.
-
Chapter 5 36 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Cisco IOS IP SLA Sources and Targets
All the IP SLA measurement probe operations are configured on the IP SLAs source, such as a Cisco IOS router.
If the target is another Cisco IOS device, the target can be configured as an IP SLA responder. A responder can provide accurate measurements
without the need for dedicated probes or any complex or per-operation
configuration.
-
Chapter 5 37 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Cisco IOS IP SLA Operations
An IP SLA operation is a measurement that includes protocol, frequency, traps, and thresholds.
This operation can be used with both types of target devices (source and responder).
When the operation is finished and the response has been received, the results are stored in the IP SLA MIB on the source.
These results can be retrieved and viewed using command line interface (CLI) commands or using Simple Network Management Protocol (SNMP).
-
Chapter 5 38 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Cisco IOS IP SLA Operation with Responders
Using an IP SLA responder provides enhanced measurement accuracy and additional statistics that are not
otherwise available via standard ICMP-based
measurement.
When a network manager configures an IP SLA operation on the IP SLA source, reaction conditions can also be
defined.
-
Chapter 5 39 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Steps for Configuring IP SLAs
The following steps are required to configure Cisco IOS IP SLAs functionality:
1. Define one or more IP SLA operations (or probes).
2. Define one or more tracking objects to track the state of IOS IP SLA
operations.
3. Define the action associated with the tracking object.
-
Chapter 5 40 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Step 1: Configuring Cisco IOS IP SLA Operations
Use the ip sla operation-number global configuration command to begin configuring a Cisco IOS IP SLA
operation and to enter IP SLA configuration mode.
The operation-number is the identification number of the IP SLA operation to be configured.
-
Chapter 5 41 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
The focus of this section is on the icmp-echo command
The complete command syntax is:
icmp-echo {destination-ip-address | destination-hostname} [source-ip {ip-address | hostname} | source-interface interface-name].
IP SLA Configuration Mode Commands
-
Chapter 5 42 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
IP SLA ICMP Echo Configuration Mode Commands
-
Chapter 5 43 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Schedule the IP SLA Operation
Once a Cisco IP SLA operation is configured, it needs to be scheduled using the ip sla schedule global configuration
command.
The complete command syntax is
ip sla schedule operation-number [life {forever | seconds}] [start-time {hh:mm [:ss] [month day | day month] | pending | now | after
hh:mm:ss}] [ageout seconds] [recurring]
-
Chapter 5 44 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Step 2: Configuring Cisco IOS IP SLA Tracking Objects
Use the global configuration command:
track object-number ip sla operation-number {state | reachability}
Use this optional command to specify the period of time to delay communicating states changes:
delay {up seconds [down seconds] | [up seconds] down seconds}
-
Chapter 5 45 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Step 3: Defining an Action Associated with a Tracking Object
Many types of actions can be associated with a tracked object.
A simple path control action is to use the global configuration command:
ip route prefix mask {ip-address | interface-type interface-number [ip-address]} [track number]
-
Chapter 5 46 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Configuring IP SLA Example
-
Chapter 5 47 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Configuring an IP SLA Operation with the ISP 1 DNS Server
-
Chapter 5 48 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Defining a Tracking Object and Assigning an Action
-
Chapter 5 49 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Configuring an IP SLA Operation with the ISP 2 DNS Server
-
Chapter 5 50 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Configuring an IP SLA Operation with the ISP 2 DNS Server
-
Chapter 5 51 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Configuring PBR and IP SLA Example
-Web traffic to the HQ site should be redirected over the serial link.
-All other traffic from Notebook should go via BR2 but only if BR2 is reachable.
-
Chapter 5 52 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Redirecting Web Traffic from BR1 to HQ Using PBR
-
Chapter 5 53 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Redirecting Web Traffic from BR1 to HQ Using PBR
-
Chapter 5 54 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Ensuring That BR2 Is Reachable Using IP SLA
-
Chapter 5 55 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Redirect Traffic from Notebook to BR2 If Reachable
-
Chapter 5 56 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Verifications
-
Chapter 5 57 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Verifications
-
Chapter 5 58 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Verifications
-
Chapter 5 59 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Summary
-
Chapter 5 60 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Summary
Packet-switching mechanisms on a Cisco IOS platform, including process switching, fast switching, and CEF switching.
Overview of path control tools, including PBR and Cisco IOS IP SLAs.
Using PBR to control path selection, providing benefits including source-based transit provider selection, QoS, cost savings, and
load sharing.
PBR is applied to incoming packets; enabling PBR causes the router to evaluate all packets incoming on the interface using a
route map configured for that purpose.
-
Chapter 5 61 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Summary
Configuring and verifying PBR, including the following steps:
Choose the path control tool to use; for PBR, route-map commands are used
Implement the traffic-matching configuration, specifying which traffic will be manipulated; match commands are used within route maps
Define the action for the matched traffic, using set commands within route maps
Apply the route map to incoming traffic or to traffic locally generated on the router
Verify path control results, using show commands
Cisco IOS IP SLAs, which use active traffic monitoring, generating traffic in a continuous, reliable, and predictable manner, to measure network performance.
-
Chapter 5 62 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public
Summary
Cisco IOS IP SLA terminology, including the following:
All the Cisco IOS IP SLA measurement probe operations are configured on the IP SLA source.
There are two types of IP SLA operations: those in which the target device is running the IP SLA responder component.
An IP SLA operation is a measurement that includes protocol, frequency, traps, and thresholds.
Configuring and verifying IOS IP SLAs.
-
Chapter 5 63 2007 2010, Cisco Systems, Inc. All rights reserved. Cisco Public