presentacion xr.pdf
TRANSCRIPT
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 1
IOS-XR
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 2
Evolución
2 2 2 © 2004 Cisco Systems, Inc. All rights reserved. Presentation_ID
Control Plane Applications
Forwarding Plane Applications
Network Stack
System Infrastructure
Forward Infrastructure
OS Scheduler
Man
agem
ent P
lane
App
licat
ions
HA
Infr
astr
uctu
re
Control Plane Data Plane Management Plane
Control Plane Data Plane Management Plane
Control Plane Data Plane Management Plane
BG
B
RIP
ISIS
OSP
F
Rou
ting
PIM
IGM
P
RIB
L2 D
river
s
AC
L
FIB
QoS
LPTS
Hos
t Ser
vice
PFI
Inte
rfac
e
CLI
SNM
P
XML
Net
flow
Ala
rm
Per.f
Mgm
t
SSH
SSH
SSH
Checkpoint DB Multicast IPC System DB
Distributed Infrastructure
Memory Mgmt IPC Mech Synch. Services Scheduler
Kernel System Services
§ Kernel Monolitico § Infraestructura centralizada
§ Aplicaciones Centralizadas.
§ Micro Kernel § Infraestructura distribuida
§ Aplicaciones distribuidas.
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 3
IOS XR Características principales
• Modular – upgrade/downgrade de software sin interrupción
• Distribuido – escalable a multi-chassis support
• Plataforma Independiente - modelo POSIX
• Interface de Admon Unified Data Model SNMP/XML
• High Availability – Reinicio de Procesos y Hot Standby
• Seguridad – En planos de datos, control y Management
• Router Logico – Particionamiento de Router.
© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 4
Modularidad
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 5
Manageability ORB, XML, Alarms management
Security IPSec, Encryption, Decryption
Multicast PIM, MFIB, IGMP
MPLS MPLS, UCP
IOS XR Paquetes de Software
Routing: RIB, BGP, ISIS, OSPF, RPL
OS: Kernel, file system, memory management, and other slow changing core
Base Interface manager, System database, checkpoint services Configuration management, etc.
Admin Resource Management: Rack, Fabric, LR management
Forwarding Platform independent FIB, ARP, QoS, ACL, etc
Line Card Platform Dependent LC ucode & drivers
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 6
IOS XR Paquetes ofrecen flexibilidad
• Se puede hacer actualizaciones independientes para MPLS, Multicast, Routing Protocols y linecards. • Habilidad para correr diferentes versiones en diferentes nodos.
• Habilidad para liberar paquetes de software de forma asíncrona. • Paquetes opcionales si la tecnología no se desea en el equipo (Multicast, MPLS)
Line card
OSPF ISIS
RPL BGP Routing Composite
OS IOX Admin
Base
Forwarding
Security
MPLS Multi- cast
Manageability
Host Composite
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 7
IOS XR Software Modular en Paquetes
§ Actualizar paquetes especificos/compuestos. – A través de todo el sistema
– Se puede instalar en tarjetas específicas.
§ Punto de reparación para fallas de softwaren.
DRP LC RP
SC
Manage- ability Security
GMPLS Multi-cast
Opt’l
Mand
Opt’l
Mand
Opt’l
Mand
Mand
Mand
RPL BGP
ISIS OSPF
Forwarding
Base
Admin
OS
Base
OS
Forwarding
Forwarding
Manage- ability Security
GMPLS Multi-cast
RPL BGP
ISIS OSPF Base
OS
Line Card
GMPLS Multi-cast
Base
Admin
OS
7 7 7 © 2005 Cisco Systems, Inc. All rights reserved. Presentation_ID
© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 8
Arquitectura Distribuida
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 9
In-Memory Database (IMDB) Distribuida
Reliable Multicast and Unicast IPC
Local-DRP Global
IP Intf OSPF BGP ISIS IP Intf
OSPF BGP ISIS
Global Local-Ra
Management Applications (CLI/XML?SNMP)
Consolidated System View
Local-LCa
IP Intf
ARP PPP
ACL VLAN
QOS
RP-A DRP
LCa
§ Mensajes IPC multicast mejoran escalabilidad y performance.
§ Modelo distribuido de administración
§ Vista consolidada del sistema facilita mantenimiento.
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 10
Control Plane Distribuido.
§ Protocolos de ruteo y de señalizacion pueden correr en uno o mas (D)RP
§ Cada uno con redundancia con su propia standby (D)RP
§ Facilita el manejo de recursos
RP2 RP3 RP4 RPn RP1
RESILLIENT SYSTEM PROCESS DISTRIBUTION
BGP IS-IS MPLS Multi-cast BGP
10 10 10 © 2004 Cisco Systems, Inc. All rights reserved. Presentation_ID
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 11
Distributed Forwarding Infrastructure
Forwarding un solo estado § Una sola base de Informacion de
Adjacencias (AIB) distibuida a todas las line cards.
§ Una sola interface global de management distribuida a todas las LC
§ FIB de solo ingreso– forza los features de forwarding correr en la RP
Forwarding de dos estados. § Cada linecard tiene su propia AIB solo
para interfaces locales. § Cada LC tiene Bases de Datos
independientes para interfaces locales.
§ FIB de Ingress y de Egress permite que features corran de manera independiente en cada LC
11 11 11 © 2004 Cisco Systems, Inc. All rights reserved. Presentation_ID
LC
RP
LC
FIB
Global IDB & AIB
CPU
CPU
Switching Fabric
IP Stack IM Netflow
PPP ARP VLAN
Drivers
RP
LC LC
CPU
CPU Ingress FIB
Ingress AIB & IDB Egress
FIB
Egress AIB & IDB
Switching Fabric
Global Int. Mgr.
LC-CPU
IM VLAN PPP
HDLC Netflow ARP
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 12
Agenda
§ IOS XR Software Architecture
§ IOS XR High Availability Infrastructure
§ Process Restartability
§ RP/DRP Redundancy
§ Non-Stop Forwarding (NSF)
§ In Service Software Upgrade (ISSU)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 13
IOS XR Software Architecture
IOS XR Software consists of: § Micro-Kernel OS, memory-protection, msg-passing, pre-emptive
§ All basic OS and router functionality implemented as processes
§ UNIX process model with separate, protected memory/address spaces
Microkernel Threads Scheduling Debug Timers
Message Queues
Synchronization
Distributed Processing
File System
Lightweight Messaging
Event Management
C I S
C O
P O S I X
Applications
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 14
Agenda
§ IOS XR Software Architecture
§ IOS XR High Availability Infrastructure
§ Process Restartability
§ RP/DRP Redundancy
§ Non-Stop Forwarding (NSF)
§ In Service Software Upgrade (ISSU)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 15
High Availability in IOS XR
Many Aspects of High Availability in the Software & Hardware
§ Process/Application level High Availability
§ Resource Monitoring and Validation
§ Fault Management
§ Data Traffic Protection and Restoration
§ In-Service Software Upgrade (ISSU)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 16
NSF capabilities
§ Separate mgmt, control and data planes Mgmt and control plane outages do not affect forwarding operation
§ Process-level fault containment (process restart)
§ Card-level fault mgmt (active->standby RP or DRP failover)
§ NSF achieved through Check pointing and Graceful Restart of routing protocol
§ ISSU Capability where many processes can be upgraded without impact
Uses process restart to install updated software on the active RP
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 17
Agenda
§ High Availability Introduction in IOS XR
§ IOS XR High Availability Infrastructure
§ Process Restartability
§ RP/DRP Redundancy
§ Non-Stop Forwarding (NSF)
§ In Service Software Upgrade (ISSU)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 18
Process Restartability § Used for small/contained faults (individual or small groups of process
failures) § Processes support restarting with dynamic state recovery
Mirrored State via checkpoint or synchronization with peer § First line of defense- All Processes are restartable for fault recovery § Certain processes are ‘mandatory’ – must always be running. Failure of
mandatory processes can cause RP failover § Second line of defense - Card-level Redundancy is used when Process
Restart fails-
Contained Contained
Contained
BGP IS-IS RIB QoS FIB IP Stack CLI XML Alarm File System
Inter Process Communication SSH SNMP Netflow L2
Drivers PFI ACL IGMP PIM OSPF
OS Distributed Middleware
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 19
Process-level Redundancy
Standby process
Active process
Active service-providing process
Standby process
Active process uses checkpoint library to share running state with standby.
Standby Process may or may not be running
client
client
client
Clients use active service-providing process
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 20
process
Process-level Redundancy (cont)
process process
Active process dies
Standby Process becomes Active
client
client client
Clients use new primary service-providing process New primary starts
sending updates to standby process
New Standby Process is started
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 21
Examining the process restart details show processes aib
Job Id: 101 PID: 13865060 Executable path: /disk0/hfr-base-3.0.1/bin/aib Instance #: 1 Version ID: 00.00.0000 Respawn: ON Respawn count: 2 Max. spawns per minute: 12 Last started: Wed Feb 16 07:01:56 2005 Process state: Run (last exit due to SIGSEGV) Package state: Normal Started on config: cfg/gl/ipv4-aib/ core: TEXT SHAREDMEM MAINMEM Max. core: 0 Level: 90 Mandatory: ON startup_path: /pkg/startup/aib.startup Process cpu time: 0.143 user, 0.054 kernel, 0.197 total JID TID LastCPU Stack pri state HR:MM:SS:MSEC NAME 101 1 1 36K 10 Receive 0:00:00:0135 aib 101 2 1 36K 10 Receive 0:00:00:0001 aib 101 3 1 36K 10 Receive 0:00:00:0000 aib 101 4 1 36K 10 Receive 0:00:00:0006 aib -------------------------------------------------------------------------------
Number of times process has been restarted
Threshold for restarts
Designated as ‘mandatory’ – can be altered!
Multi-threaded with 4 active threads
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 22
Agenda
§ High Availability Introduction in IOS XR
§ IOS XR High Availability Infrastructure
§ Process Restartability
§ RP/DRP Redundancy
§ Non-Stop Forwarding (NSF)
§ In Service Software Upgrade (ISSU)
© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 23
RP/DRP Redundancy
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 24
RP/DRP Redundancy
Card-level redundancy and failover § Used for handling larger error sets
control plane lock-up on active RP or Hardware errors on active RP or cases where critical processes will not restart
properly
§ “Warm” redundancy - Processes on standby card use mirrored, checkpointed data.
§ Warm Standby processes do not process checkpointed data until they become active
Standby RP
Active RP
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 25
Redundancy - Card-Level Switchover When?
§ HW errors detected on active RP card
§ Control plane lockup on active card
§ ‘Mandatory’ Process crashed and not restartable or crashed repeatedly
§ Kernel crash § User command “redundancy
failover” § HW watchdog timer
Standby RP
Active RP
Line Card Line Card
State Information
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 26
Redundancy - Card-Level Switchover When is RP switchover NOT allowed?
§ HW errors detected on standby card
§ Control plane lockup on standby card
§ Mandatory Process(es) crashed on standby card
§ Software Install in progress § Any process on standby indicates “standby not ready” (usually during standby card init)
Standby RP
Active RP
Line Card Line Card
State Information
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 27
Agenda
§ High Availability Introduction in IOS XR § IOS XR High Availability Infrastructure § Process Restartability § RP/DRP Redundancy § Non-Stop Forwarding (NSF) § In Service Software Upgrade (ISSU) § Summary
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 28
MPLS HA Architecture
DRP
LC LC
Application: MPLS-TE Recovery: From systems services and check-pointing
Label signaling: RSVP, LDP Recovery: From applications and neighbors
Infra: Label manager Recovery: From signaling layer
MPLS Forwarding MPLS
Forwarding Recovery: From Label Manager
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 29
Agenda
§ High Availability Introduction in IOS XR
§ IOS XR High Availability Infrastructure
§ Process Restartability
§ RP/DRP Redundancy
§ Non-Stop Forwarding (NSF)
§ In Service Software Upgrade (ISSU)
© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 30
In Service Software Upgrade- ISSU
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 31
ISSU
• Ability to deliver point fixes (e.g. to fix a BGP bug, only install/modify a patch to BGP code, nothing else) or upgrade complete set of functionality whilst system is operating
• Identify exactly what has changed, and its impact ‘fan-out’
• Safety Checks conducted before proceeding with upgrade
• Restart processes to activate new code
• Goal is to preserve NSF / NSR even on “live” upgrades to active RP
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 32
ISSU § Two main forms of ISSU
Software Maintenance Unit (SMU) based – Patch code to resolve problem. SMU limited to single DDTS component
Package Installation Envelope (PIE) based – Complete set of binaries for a particular collection of functions/ Software Package
Manageability ORB, XML, Alarms management
Security IPSec, Encryption, Decryption
Multicast PIM, MFIB, IGMP
MPLS MPLS, UCP
Routing: RIB, BGP, ISIS, OSPF, RPL
OS: Kernel, file system, memory management, and other slow changing core
Base Interface manager, System database, checkpoint services Configuration management, etc.
Admin Resource Management: Rack, Fabric, LR management
Forwarding Platform independent FIB, ARP, QoS, ACL, etc
Line Card Platform Dependent LC ucode & drivers
© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 33
IOS XR: Config Management using CLI
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 34
IOS XR CLI
What to expect at the end of this session: – Key CLI features to get started with IOS XR – Various config modes and their applications
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 35
IOS XR and IOS Config differences
IOS XR IOS
Configuration changes do NOT take place after <CR> Configurations take place immediately after <CR>
Configuration changes must be ‘committed’ before they take effect No commit
Allows you to verify your configuration before applying it No verification required
Two stage configuration model Not available
Configuration rollback Not available
Feature centric Interface centric
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 36
IOS XR CLI - Location addressing format
§ CRS-1 is designed to scale 72 linecard chassis’s with a potential of 1296 linecard and RP slots
§ Location identifiers use R/S/M/I format R = Rack (applicable in multi-chassis systems) S = Slot (physical slot the module is in) M = module (0 for ‘fixed’ PLIMs, n for SPAs) I = Interface
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 37
IOS XR CLI: Key Features
§ New CLI format
§ Two-stage config model
§ Ability to rollback config changes
§ Provision to pre-configure
§ New config plane – Admin mode
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 38
IOS XR CLI: New CLI format
§ New CLI reflects the HW position in the system – Introduces the Hierarchical location scheme – Each linecard has three-level identification: Shelf/Slot/cpu # – Interfaces have the Shelf/Slot/Bay/Interface scheme
§ Protocol referenced by address family type – v4/v6 § Backward compatible command-set with IOS
RP/0/0/CPU0:Router-1#show ipv4 interface brief Interface IP-Address Status Protocol MgmtEth0/0/CPU0/0 10.23.1.69 Up Up MgmtEth0/0/CPU0/1 unassigned Shutdown Down MgmtEth0/0/CPU0/2 unassigned Shutdown Down GigabitEthernet0/2/0/0 100.12.1.1 Up Up
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 39
IOS XR CLI: New CLI format
§ Config modes include: – Privileged exec mode – Global config mode – Config sub-mode – Admin mode
§ Admin mode is newly introduced compared to IOS § Admin mode allows viewing / configuring shared
resources – Fabric – Logical Router – Package installation
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 40
IOS XR CLI: Config Modes
RP/0/0/CPU0:ios#config t RP/0/0/CPU0:ios(config)#interface MgmtEth 0/0/CPU0/0 RP/0/0/CPU0:ios(config-if)# RP/0/0/CPU0:ios# RP/0/0/CPU0:ios#admin RP/0/0/CPU0:ios(admin)#
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 41
Active Config
Configuration Database
Active Config
user
= Target Config
User establishes config session
Changes take effect immediately
IOS CLI – Single Stage IOS config model
CLI
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 42
Config Change Active Config
Configuration Database
Second Stage First Stage
Commit
Config Change Active Config +
user
= Target Config
User establishes config session
Adds/deletes/modifies configuration; these changes:
• Are entered in the staging area • Are validated for syntax and
authorized • Can be reviewed and modified
Promotes the changes to active configuration; these changes:
• Are verified for semantic correctness
• Are check-pointed on the router
IOS XR CLI: Two Stage Config model
CLI
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 43
IOS XR CLI: Config Commits
RP/0/0/CPU0:ios#show run int gi0/2/0/0 % No such configuration item(s) RP/0/0/CPU0:iosxr1#conf t RP/0/0/CPU0:iosxr1(config)#interface gig0/2/0/0 RP/0/0/CPU0:iosxr1(config-if)#ipv4 address 100.12.1.1/24 RP/0/0/CPU0:iosxr1(config-if)#commit RP/0/0/CPU0:Apr 24 00:49:28.119 : config[65691]: %MGBL-CONFIG-6-DB_COMMIT : Configuration committed by user 'root'. Use 'show configuration commit changes 1000000036' to view the changes. RP/0/0/CPU0:iosxr1(config-if)#end RP/0/0/CPU0:Apr 24 00:49:30.701 : config[65691]: %MGBL-SYS-5-CONFIG_I : Configured from console by root RP/0/0/CPU0:iosxr1# RP/0/0/CPU0:iosxr1#show run int gigabitEthernet 0/2/0/0 interface GigabitEthernet0/2/0/0 ipv4 address 100.12.1.1 255.255.255.0
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 44
IOS XR CLI: Config Commits
Config Database
Running Config
• Each commit generates record with unique Commit ID or label • Each commit ID is a rollback point • Commit Database stores up to 100 rollback points
Config Log: Commit ID# 100 Commit ID# 099 Commit ID# 098 … Commit ID #001
Target Config Commit
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 45
IOS XR CLI: Config Commits
§ Commit keyword writes config into Active Config § Supplies a commit ID to help in Config Rollback
– 1000000036 is the commit ID in previous illustration
§ List of commits can be viewed – History list is maintained
§ Commits can be labeled with user-friendly ‘tags’ – Eliminates the cumbersome IDs
§ Config restrictions can be imposed based on user – In previous illustration, the user “root” is indicated
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 46
IOS XR CLI: Commit List
RP/0/0/CPU0:ios#show configuration commit list SNo. Label/ID User Line Client Time Stamp ~~~~ ~~~~~~~~ ~~~~ ~~~~ ~~~~~~ ~~~~~~~~~~ 1 1000000037 root con0_0_CPU CLI 01:39:03 UTC Mon Apr 24 2006 2 1000000036 root con0_0_CPU CLI 01:18:10 UTC Mon Apr 24 2006 3 1000000035 root con0_0_CPU CLI 01:00:54 UTC Mon Apr 24 2006
• Sample Commit List output
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 47
IOS XR CLI: Config Rollback
RP/0/0/CPU0:iosxr1#conf t RP/0/0/CPU0:iosxr1(config)#hostname iox-nw06 RP/0/0/CPU0:iosxr1(config)#commit RP/0/0/CPU0:Apr 24 01:00:55.302 : config[65691]: %MGBL-CONFIG-6-DB_COMMIT : Configuration committed by user 'root'. Use 'show configuration commit changes 1000000034' to view the changes. RP/0/0/CPU0:iox-nw06(config)#end RP/0/0/CPU0:iox-nw06# RP/0/0/CPU0:iox-nw06#rollback configuration to 1000000033 Loading Rollback Changes. Loaded Rollback Changes in 1 sec Committing. 3 items committed in 1 sec (2)items/sec Updating.RP/0/0/CPU0:Apr 24 01:01:07.143 : config_rollback[65691]: %MGBL-CONFIG-6-DB_COMMIT : Configuration committed by user 'root'. Use 'show configuration commit changes 1000000035' to view the changes. Updated Commit database in 1 sec Configuration successfully rolled back to '1000000033'. RP/0/0/CPU0:iosxr1# RP/0/0/CPU0:iosxr1#
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 48
IOS XR CLI: Config Session locks
§ More than one user can open a target config session at a time § Provision for multiple users to work on separate target
configurations.
§ Locking the router config prevents changes by other users while someone is already committing the config.
CLI
Config Database
Running Config
RP/0/0/CPU0:ios#configure exclusive RP/0/0/CPU0:ios(config)#hostname iox-nw06-1 RP/0/0/CPU0:ios(config)#commit RP/0/0/CPU0:iox-nw06-1(config)#
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 49
IOS XR CLI: Pre-config capabilities
§ Pre-config feature allows configuring physical interfaces before they are inserted into the router.
§ Preconfigured interfaces are not verified or applied until the actual interface with the matching location
§ Allows reduction down time and helps improve operational tasks
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 50
IOS XR CLI: Pre-config capabilities
§ Prior to the LC being inserted • Select the interface • Configure the timing (e.g. for SONET controller) • Configure the framing • Configure the IP address
RP/0/0/CPU0:IOX-4(config)#interface preconfigure POS 0/4/1/0 RP/0/0/CPU0:IOX-4(config-if-pre)#ip address 1.1.1.1 255.255.255.0 RP/0/0/CPU0:IOX-4(config-if-pre)#encapsulation ppp RP/0/0/CPU0:IOX-4(config)#controller preconfigure sonet 0/4/0/0 RP/0/0/CPU0:IOX-4(config-sonet)#clock source line
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 51
IOS XR CLI: Config error handling
§ Two levels of config error handling
§ Parser/Syntax error – Identified by the parser when the <return> key is entered
§ Commit error – Syntactically correct but erroneous from config commit standpoint – Error details viewed through “show configuration failed” command – Common reasons for this error include:
• Non-atomic config sequence • Lack of predecessor config • Unsupported config from platform perspective
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 52
IOS XR CLI: Config error handling
§ Sample config error from QoS feature
RP/0/0/CPU0:ios#conf t RP/0/0/CPU0:ios(config)#policy p1 RP/0/0/CPU0:ios(config-pmap)#class c0 RP/0/0/CPU0:ios(config-pmap-c)#set precedence 0 RP/0/0/CPU0:ios(config-pmap-c)#commit % Failed to commit one or more configuration items during an atomic operation, no changes have been made. Please use 'show configuration failed' to view the errors RP/0/0/CPU0:ios(config-pmap-c)#show configuration failed !! CONFIGURATION FAILED DUE TO SEMANTIC ERRORS policy-map p1 class c0 set precedence routine !!% Class-map not configured: c0
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 53
IOS XR CLI: Summary
§ New CLI features to support IOS XR capabilities § Maintains consistency with commonly used IOS CLI
§ Allows for greater flexibility in CLI usage
§ Provides various tools for managing configs
§ User accessibility administration has been enhanced
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 54
Manageability – Router CLI
§ La configuración se basa en un modelo de dos estados.
§ La configuración “running” o “active” no se puede modificar directamente.
§ Por el contrario el usuario primero entra un primer estado.
§ Debe ser explícitamente promovido para formar parte de la configuración.
© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 55
Configuracion – Protocolos de Ruteo.
© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 56
IOS XR: OSPF
56 56 56 © 2003, Cisco Systems, Inc. All rights reserved. Presentation_ID
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 57
CLI Comparison
router ospf 99 router-id 1.1.1.1 area 0 interface GigabitEthernet0/2/0/0 cost 20 ! interface FastEthernet0/6/2/0 cost 20 ! ! !
OSPF IOS XR
router ospf 99 router-id 1.1.1.1 log-adjacency-changes network 201.0.0.0 0.0.0.255 area 0 ! interface POS1/0/0 ip address 201.1.1.2 255.255.255.0 ip ospf cost 20
OSPF IOS
show run router ospf
© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 58
IOS XR: Implementing OSPF
58 58 58 © 2003, Cisco Systems, Inc. All rights reserved. Presentation_ID
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 59
Steps to Enable OSPF
§ Although you can configure OSPF before you configure an IP address, no OSPF routing will occur until at least one IP address is configured.
1. configure 2. router ospf instance-name or router ospfv3 instance-name 3. router-id {ip-address | interface-type interface-number} 4. area area-id 5. interface interface-type interface-number 6. Repeat Step 5 for each interface that will use OSPF. 7. end
© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 60
IOS XR: Show OSPF commands
60 60 60 © 2003, Cisco Systems, Inc. All rights reserved. Presentation_ID
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 61
show ospf commands router# show ospf
show ospf database
show ospf neighbor
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 62
Debug Commands
debug ospf [instance-name] adj
router#
debug ospf [instance-name] hello
debug ospf [instance-name] lsa-generation
debug ospf [instance-name] mpls traffic-eng advertisements
debug ospf [instance-name] nsf
debug ospf [instance-name] packet
© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 63
IOS XR: Static Routes
63 63 63 © 2003, Cisco Systems, Inc. All rights reserved. Presentation_ID
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 64
Comparison of Cisco IOS Static Route and Cisco IOS XR Static Route
RP/0/1/CPU0:IOS XR#sh run router static router static address-family ipv4 unicast 43.43.44.0/24 Serial0/5/3/3/0:2 43.43.44.44/32 Serial0/5/3/3/0:0 223.255.254.254/32 MgmtEth0/1/CPU0/0 ! address-family ipv6 unicast 5301::1111/128 Serial0/5/3/3/0:0 ! !
Static Route IOS Static Route IOS XR
IOS#sh run | beg ip route 192.1.1.0 ip route 192.1.1.0 255.255.255.0 g4/0 ip route 223.255.254.0 255.255.255.0 10.13.0.1
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 65
Steps to Enable Static Route
1. configure 2. router static 3. address-family <Address_Family> 4. (Network/Mask), (Forwarding Interface/IP Address) 5. end
© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 66
IOS XR: BGP
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 67
Agenda
§ BGP Differences from IOS XR
§ BGP Verification commands
§ Distributed BGP
§ Route Policy Language
§ BGP Debugs
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 68
Common BGP Architecture
FIB
BGP (spkr, brib)
RIB LSD
Peers BPM
CLI
sysDB
SNMP
XML bgp_show
bgp_clear
config_mgr
BGP Processes: • BGP Process Manager (BPM) • BGP Speaker (BGP) • BGP RIB (bRIB) • Show/Clear/Ltrace
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 69
Comparison of Cisco IOS BGP and Cisco IOS XR BGP
IOS BGP Configuration router bgp 1 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 1.1.1.1 remote-as 1 neighbor 1.1.1.1 update-source Loopback0 maximum-paths 8 ! address-family ipv4 neighbor 1.1.1.1 activate maximum-paths 8 no auto-summary no synchronization exit-address-family !
RP/0/1/CPU0:IOS XR#sh run router bgp router bgp 300 bgp router-id 2.2.2.2 address-family ipv4 unicast ! neighbor 192.1.1.2 remote-as 400 address-family ipv4 unicast route-policy policy in maximum-prefix 200000 75 warning-only route-policy policy out ! !
IOS XR BGP Configuration
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 70
Agenda
§ BGP Differences from IOS & XR
§ BGP Verification commands
§ Distributed BGP
§ Route Policy Language
§ BGP Debugs
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 71
BGP: Show commands (1/2) RP/0/1/CPU0:Router-5# sh bgp ipv4 unicast summary BGP router identifier 2.2.2.2, local AS number 300 BGP generic scan interval 60 secs BGP table state: Active BGP main routing table version 101 BGP scan interval 60 secs BGP is operating in STANDALONE mode. Process RecvTblVer bRIB/RIB LabelVer ImportVer SendTblVer Speaker 101 101 101 101 101 Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd 192.1.1.2 0 400 2451 2453 101 0 0 00:24:33 100
Show ip bgp summary (IOS)
Show bgp ipv4 unicast summary (IOS XR)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 72
BGP: Show commands (2/2) RP/0/1/CPU0:Router-5# sh bgp neighbor 192.1.1.2 BGP neighbor is 192.1.1.2 Remote AS 400, local AS 300, external link Remote router ID 192.1.1.2 BGP state = Established, up for 00:19:48 Last read 00:00:18, hold time is 90, keepalive interval is 30 seconds Neighbor capabilities: Route refresh: advertised Address family IPv4 Unicast: advertised Received 2440 messages, 0 notifications, 0 in queue Sent 2444 messages, 0 notifications, 0 in queue Minimum time between advertisement runs is 30 seconds <snip>
Show ip bgp neighbor x.x.x.x (IOS)
Show bgp neighbor x.x.x.x (IOS XR)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 73
Agenda
§ BGP Differences from IOS & XR
§ BGP Verification commands
§ Distributed BGP
§ Route Policy Language
§ BGP Debugs
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 74
Standalone BGP - Recap
§ Single process that sends and receives updates and interacts with the RIB
§ Less Overhead
§ Single Node
§ Inferior Scaling
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 75
Distributed BGP § Motivation is Scalability – Scale to 1000s of peers
§ Utilize multiple (D)RPs within the system to improve performance and increase scalability
§ BGP contains multiple processes to enable distribution and scaling
– One or more BGP Speakers communicate to peers – Single BGP RIB which receives and computes best_paths
§ Distributed operation mode must be explicitly enabled
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 76
BGP Speaker
• Can have multiple BGP speaker instances Explicit configuration assigns peers to a speaker instance
• Speaker is responsible for Protocol communication with assigned peers handling state machine storing Adj-RIB-In and Adj-RIB-Out running policy over prefixes Partial best path selection
• Communicates with BGP RIB process
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 77
BGP RIB (bRIB)
• Only a single instance of BGP RIB within the system • Responsible for :
Computing best path among all best paths received from all BGP Speaker instances Notifying all BGP Speakers of the computed best paths Installing best path routes in the global RIB (gRIB) Receiving redistributed routes Announcing redistributed routes to BGP Speakers
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 78
Agenda
§ BGP Differences from IOS & XR
§ BGP Verification commands
§ Distributed BGP
§ Route Policy Language
§ BGP Debugs
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 79
RPL - Motivation
§ Scaling Using route-maps could lead to 100k – 1M lines of configuration (e.g. 1000s of BGP peers).
§ Modularity Exploit modularity to reuse common portions of configuration.
§ Parameterization For elements which are not exact copies of each other we can add parameterization ( think variables ) to get further re-use.
§ Improved Clarity No Silently skipped statements.
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 80
RPL Syntax – General Structure
§ RPL is used in 2 steps : Define the policy in configuration mode:
Use the policy in BGP body:
Route-policy <Policy Name> statement A
statement B End-policy
Router bgp 99 neighbor 2.2.2.2 remote-as 1
address-family ipv4 unicast route-policy <policy Name> in/out
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 81
RPL Syntax – Salient Features
§ Simple if, then, elseif & else statements.
§ Boolean operators to combine multiple statements.
§ Hierarchical and parameterized policy definitions for modularity.
§ Unordered sets to form operand templates.
§ Protocol specific constructs: as-path, community, med, tag, metric etc.
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 82
RPL - Conditional Statements – if
An “if” statement uses a conditional expression to decide which actions or dispositions should be taken for the given route.
If as-path in as-path-set-1 then drop
endif
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 83
RPL - Conditional Statements – else if
The “if” statement also permits an “else” clause, which is executed if the expression is false.
if med eq 150 then set local-preference 10 elseif med eq 200 then
set local-preference 60 else set local-preference 0
endif
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 84
RPL - Conditional Statements - Nested If
The statements within an if statement may themselves be if statements if community matches-every(12:34,56:78) then if med eq 8 then
drop
endif
set local-preference 100
endif
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 85
if med eq 42 and next-hop in (1.1.1.1) then
if med eq 10 and not destination in (10.1.3.0/24) or community is (56:78)
if med eq 10 and (not destination in (10.1.3.0/24)) or community is (56:78 )
RPL - Boolean Expressions
§ Boolean expressions evaluate as either true or false.
§ RPL provides means to build compound conditions by means of boolean operators
§ There are three Boolean operators : – negation (not) – conjunction (and) – disjunction (or).
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 86
RPL - Hierarchical Policy
§ A policy which uses another policy within its body
route-policy Inner set weight 100
end-policy
!
route-policy Outer
apply Inner set community (2:666) additive
end-policy
!
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 87
RPL – Passing Parameters
§ A hierarchical policy can pass parameters
RP/0/RP0/CPU0:IOS XR#sh run route-policy Inner route-policy Inner($med)
set med $med
end-policy
!
RP/0/RP0/CPU0:IOS XR#sh run route-policy Outer
route-policy Outer
apply Inner(10)
end-policy
!
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 88
RPL – Passing Parameters … cont
§ Looping/recursion is not allowed
§ As many layers of hierarchy or parameters that you want
§ Parameters are passed by value only
§ When any policy is modified, that change affects all instances of policy hierarchies that reference the modified policy.
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 89
RPL - Sets
§ Collection of unique elements. § The policy language provides sets as containers for group of values for matching purposes. § Used in conditional expressions. § The elements of the set are separated by commas. § Five Set types:
• prefix-set • as-path-set • community-set • extcommunity-set • rd-set
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 90
RPL - Prefix Sets § A prefix-set holds IPv4 and v6 prefix match specifications
§ Each prefix-set has four parts: address mask length minimum matching length (ge) maximum matching length (le)
prefix-set ten 10.0.3.0/24 ge 28,
10.0.4.0/24 le 28,
10.0.5.0/24 ge 26 le 30
end-set
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 91
RPL - AS-PATH Sets
§ An as-path-set comprises operations for matching an AS path attribute.
§ The only matching operation is a regular expression match
§ Compatible with the as-regexp provided by IOS in ip as-path access-list
RP/0/RP0/CPU0:IOS XR#sh run as-path-set set as-path-set set
ios-regex '_127$'
end-set
!
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 92
RPL - Community Sets
§ A community-set holds community values for matching against the BGP community attribute. § A community is a 2*16-bit quantity. § Community value is expressed as two integers separated by a colon.
community-set cset1 12:34,
12:78,
internet
end-set
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 93
RPL - Extended Community Set
§ Contains extended community values
§ Supports named forms and inline forms
extcommunity-set rt extcomm-set1 1.2.3.4:666,
1234:666
end-set
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 94
RPL - RD Set
§ An rd-set holds a set of RD values to match against VPNv4 routes.
§ Use rd-set to filter VPNv4 routes on inter-AS boundary
rd-set rt rd-set1 1.2.3.4:666,
1234:666,
123:*
end-set
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 95
Debug Commands
debug bgp [ip-address]
router#
debug bgp event [ ipv4/ipv6]
debug bgp keepalive [ip-address]
debug bgp rib [{ipv4 | ipv6 | all} {unicast | multicast | all}]
debug bgp policy [ip-address]
debug bgp address-family [{ipv4 | ipv6 | all} {unicast | multicast | all}]
© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 96
Module 3-2 : IOS XR Quality of Service (QoS)
96 96 96 © 2003, Cisco Systems, Inc. All rights reserved. Presentation_ID
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 97
Quality of Service (QoS) Discussion
• By the end of this chapter we will see : • QoS configuration • QoS show commands • QoS debug commands • ACL Configuration
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 98
Quality of Service
• No major difference in CLI configuration between IOS and IOS XR.
• New CLI command in IOS XR is “show qos interface “
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 99
QoS configuration
RP/0/RP0/CPU0:IOS XR# sh run policy-map NW policy-map NW class P1 police rate 2000 kbps priority ! class P2 police rate 2000 kbps burst 1000 bytes ! ! RP/0/RP0/CPU0:IOS XR# show run class-map P1 class-map match-any P1 match precedence priority ! RP/0/RP0/CPU0:IOS XR# show run class-map P2 class-map match-any P2 match precedence immediate !
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 100
show qos interface RP/0/RP0/CPU0:IOS XR# show qos interface poS 0/6/0/0 output Interface POS0_6_0_0 -- output policy Total number of classes: 3 ------------------------------------------------------- LEVEL1 class: classid = 0x1 class name = P1 No explicit weight assigned for this class Sharq Queue ID = 10 This Q belongs to Group = 9 Queue Max. BW. = 2396160 kbps TailDrop Threshold(bytes)= 2995200 WRED not configured for this class Policer slot # = 225 Policer avg. kbps = 1953 kbps Policer peak kbps = 0 kbps Policer conform burst configured = 0 Kbits Policer conform burst programmed = 62496 bytes Policer conform action = Just TX Policer conform action value = 0 Policer exceed action = DROP PKT Policer exceed action value = 0 <output omitted>
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 101
QoS Show and Debug Commands
show policy-map interface [interface-id] [input | output]
show qos [interface ] [interface-id] [input | output]
show qos redq [queue number] [input | output | location]
show qos wred-curve [input | output | location]
router#
debug qos [control | data | dll]
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 102
Debug Commands
debug qos [control | data | dll]
router#
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 103
Base Security using ACLs
• Creating access lists
• Numbering statements (ACEs)
RP/0/0/0:RP-POD1#conf t RP/0/0/0:RP-POD1(config)#ip access-list Cisco RP/0/0/0:RP-POD1(config-ipv4-acl)#
RP/0/0/0:RP-POD1(config-ipv4-acl)#10 permit ip
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 104
ACL editing
§ Adding a line (ACE)
(config-ipv4-acl)# no 20
(config-ipv4-acl)# 30 deny udp any eq netbios-dgm any
• Removing a line (ACE)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 105
ACL Re-sequencing
• Sample re-sequenced ACL
resequence ip access-list <tag>
ip access-list Ethernet_In 10 deny udp any eq netbios-ns any 20 deny udp any host 255.255.255.255 eq tftp 30 permit any
• Re-sequencing ACL
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 106
ACL Copying
• Copying ACLs
RP/0/0/0:rp-router#copy ipv4 access-list pod6 pod6copy
copy ipv4 access-list source-list-name destination-list-name
Router#
© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 107
Module 4-1 : IOS XR: MPLS Architecture, Configuration and Verification
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 108
§ MPLS Infrastructure
§ MPLS LDP
§ MPLS TE and FRR
§ MPLS L3VPN
§ MPLS OAM
Master MPLS Agenda
© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 109
MPLS Infrastructure
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 110
Major MPLS Infrastructural Components
§ MPLS Applications: TE/FRR, LDP § Routing Protocols: OSPF, ISIS, BGP, static routes, etc § RIB: Routed Information Base § LSD: Label Switching Database § LFD: Label Forwarding Database § AIB: Adjacency Information Base § FIB: Forwarding Information Base § GSP: Group Services Protocol § BCDL: Bulk Content Downloader
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 111
Label Switching and Forwarding Databases
§ LSD- Label Switching Database Resides on the RP and maintains the mapping of input label to output label/interface
§ LFD – Label Forwarding Database Resolves label mapping interface to L2 adjacencies (MAC string, etc) Resides on the LC Programs the forwarding hardware on the LC
§ RP also has a local copy of the LFD, for locally originated packets
LSD RP
LC LFD Hardware AIB
Application (TE,LDP, etc)
LFD
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 112
AIB, GSP, BCDL § Adjacency Information Base (AIB)
keeps the mapping of IP NextHop/Outgoing Interface to L2 information (MAC string, PPP/HDLC rewrite, etc. – media-specific stuff) AIB runs on all LCs and on RP
§ Group Services Protocol (GSP) Reliable multicast mechanism to distribute information from RP to LC. Has regular priority messages and high-priority messages; high priority are used for FRR
§ Bulk Content Downloader (BCDL) Transport mechanism used to distribute forwarding information (both IP and MPLS) to the linecards
LDP/static LSD RP
LC LFD Hardware AIB
Routing Protocol RIB
FIB
(Both RIB and LSD use BCDL)
AIB
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 113
LFD/LSD show commands
RP/0/0/CPU0:Rtr#show mpls lsd ? applications Applications registered with LSD
clients Clients connected to LSD
RP/0/0/CPU0:Rtr#show mpls lfd ?
adjacency Display list of adjacencies on interface
fast-reroute Display Fast Reroute database information
timers Display timer information
updates Display internal update queues
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 114
§ MPLS Infrastructure
§ MPLS LDP
§ MPLS TE and FRR
§ MPLS L3VPN
§ MPLS OAM
Master MPLS Agenda
© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 115
MPLS LDP
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 116
Agenda
§ Basic LDP configuration and verification
§ LDP Inbound label filtering
§ LDP Session Protection
§ LDP-IGP Synchronization
§ LDP Local label allocation control
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 117
LDP
§ Like other protocols in IOS XR, LDP has its own configuration submode
§ All LDP configuration takes place in this submode
§ LDP includes Graceful-restart capability but requires neighbor to be ‘GR-capable’ in order for labels to be maintained
§ There is no support for TDP in IOS XR
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 118
LDP RP/0/0/CPU0:Rtr(config)#mpls ldp RP/0/0/CPU0:Rtr(config-ldp)#? backoff Configure session backoff parameters discovery Configure discovery parameters explicit-null Configure explicit-null advertisement graceful-restart Configure LDP graceful restart feature holdtime Configure session holdtime interface Enable LDP on an interface and enter interface submode label Configure label advertisement control log Configure log information neighbor Configure neighbor parameters router-id Configure router Id signalling Configure LDP signalling parameters
Must be explicitly configured
RP/0/0/CPU0:Rtr(config-ldp)#interface pos0/6/0/2
RP/0/0/CPU0:Rtr(config-ldp-if)#?
discovery Configure interface LDP discovery parameter
§ LDP is enabled on an interface via the interface submode underneath the LDP submode
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 119
Show mpls forwarding/ Show mpls interfaces
RP/0/0/CPU0:Rtr#show mpls forwarding Local Outgoing Prefix Outgoing Next Hop Bytes T
Label Label or ID Interface Switched O
------ ----------- ----------------- ------------ --------------- ----------- -
17 Pop Label 192.168.1.1/32 PO0/6/0/2 192.168.6.1 0
18 Pop Label 192.168.1.3/32 PO0/6/0/0 192.168.7.3 0
19 Unlabelled 192.168.1.4/32 PO0/6/0/1 192.168.8.5 0
20 Unlabelled 192.168.1.5/32 PO0/6/0/1 192.168.8.5 0
21 29 192.168.1.6/32 PO0/6/0/2 192.168.6.1 0
22 30 192.168.1.7/32 PO0/6/0/0 192.168.7.3 0
Unlabelled 192.168.1.7/32 PO0/6/0/1 192.168.8.5 0
RP/0/0/CPU0:Rtr#show mpls interfaces
Interface LDP Tunnel Enabled
-------------------------- -------- -------- --------
POS0/6/0/0 Yes Yes Yes
POS0/6/0/1 No Yes Yes
POS0/6/0/2 Yes Yes Yes
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 120
Show mpls ldp RP/0/0/CPU0:Rtr#show mpls ldp ? backoff Session Backoff table information bindings Label Information Base (LIB) information discovery LDP Discovery Hello Information forwarding Forwarding entries information graceful-restart Graceful Restart feature information neighbor Neighbor information parameters Configuration parameter information statistics Statistics information summary Summarized information tech-support Output show commands of interest for MPLS LDP debugging
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 121
Debugging LDP
RP/0/0/CPU0:Rtr#debug mpls ldp ? advertisements LDP label and address
advertisments
backoff LDP session establishment backoff
bindings LDP label bindings changes
chkpt LDP Data Checkpoint events
config LDP config events
control LDP label and address control
errors LDP errors
fib LDP and FIB interaction events
graceful-restart LDP Graceful Restart events
interface LDP interface and ifmgr events
memory LDP memory events
messages LDP messages
mfi LDP MFI (LSD) interactions
§ debug mpls ldp has 20+ options to it § Some are for external things (signalling messages, etc) § Some are for internals (FIB interactions, HA data checkpointing, etc) § Very similar to IOS’ debug capabilities § Per-interface and ACL support where it makes sense
process LDP process events
rewrite-db LDP forwarding rewrite database events
session LDP session
targeted-neighbors LDP targeted neighbors events
timers LDP timer events
transport LDP transport and discovery
warnings LDP warnings
<cr>
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 122
Agenda
§ Basic LDP configuration and verification
§ LDP Inbound label filtering
§ LDP Session Protection
§ LDP-IGP Synchronization
§ LDP Local label allocation control
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 123
LDP Inbound label filtering • Controls receipt of incoming labels (remote bindings) for a set of
prefixes from a peer. • The configuration is specified using prefix-acl per-nbr.
RP/0/0/CPU0:Rtr# show run mpls ldp label mpls ldp label accept for pfx-acl1 from 1.1.1.1 for pfx-acl3 from 3.3.3.3 ! ! !
RP/0/0/CPU0:Rtr(config-ldp)# label accept for prefix-acl from peer-ip-address
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 124
LDP Inbound label filtering Verification
show mpls ldp neighbor ip-address detail
RP/0/0/CPU0:Rtr# show mpls ldp neighbor 3.3.3.3 detail Peer LDP Identifier: 3.3.3.3:0 TCP connection: 3.3.3.3:20635 - 1.1.1.1:646 Graceful Restart: Yes (Reconnect Timeout: 120 sec, Recovery: 180 sec) Session Holdtime: 180 sec State: Oper; Msgs sent/rcvd: 52/51 Up time: 00:30:05 LDP Discovery Sources: POS0/2/0/2 POS0/2/0/3 Addresses bound to this peer: 10.1.0.3 10.0.0.3 10.1.0.3 11.2.3.13 3.3.3.3 3.0.0.1 3.0.0.2 3.0.0.3 Peer holdtime: 180 sec; KA interval: 60 sec; Peer state: Estab Inbound label filtering: accept acl 'pfx-acl3'
Displays lnbound label filtering status for given neighbor
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 125
Agenda
§ Basic LDP configuration and verification
§ LDP Inbound label filtering
§ LDP Session Protection
§ LDP-IGP Synchronization
§ LDP Local label allocation control
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 126
Agenda
§ Basic LDP configuration and verification
§ LDP Inbound label filtering
§ LDP Session Protection
§ LDP-IGP Synchronization
§ LDP Local label allocation control
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 127
Rtr1
Rtr3
Rtr Rtr4
LDP IGP Sync
CE1 CE2
Network x Network y
§ Problem: Traffic hit on link up when IGP converges before MPLS (LDP) Traffic loss when no LDP session on outbound interfaces
§ Solution: Makes sure that no traffic is routed towards links on which MPLS (LDP) is not yet converged. Synchronize IGP with LDP so that LDP controls IGP metric for given link, depending on LDP state on given link. A link is advertised by IGP with max metric if LDP session is not yet up or not yet converged (label bindings exchange).
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 128
LDP IGP Sync (cont’d)
RP/0/0/CPU0:Rtr(config-isis-if-af)# mpls ldp sync [ level <1-2> ]
• IGP sync feature enabled only under IGP
RP/0/0/CPU0:Rtr(config-ldp)# igp sync delay seconds
• New debug to debug LDP IGP sync events:
debug mpls ldp igp sync [ interface intf-name ]
RP/0/0/CPU0:Rtr(config-ospf)#, (config-ospf-ar)# (config-ospf-ar-if)# mpls ldp sync
• To delay declaring sync up, a delay time can be configured under LDP:
• Enabling IGP sync feature for OSPF
• Enabling IGP sync feature for ISIS
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 129
RP/0/0/CPU0:Rtr# show mpls ldp igp sync [ interface intf-name ] RP/0/0/CPU0:Rtr# show ospf num interface [ intf-name ] RP/0/0/CPU0:Rtr# show isis num interface [ intf-name ]
RP/0/0/CPU0:Rtr# show mpls ldp igp sync POS0/2/0/1: Sync status: Ready Peers: 3.3.3.3:0 (GR) POS0/2/0/2: Sync status: Not ready (Deferred; 23 sec remaining) POS0/2/0/3: Sync status: Not ready
LDP IGP Sync - Display LDP IGP sync status for links
RP/0/0/CPU0:Rtr# show ospf 100 interface POS 0/2/0/1 | inc LDP LDP Sync Enabled, Sync Status: Achieved
RP/0/0/CPU0:Rtr# show isis 100 interface POS 0/2/0/1 | inc LDP LDP Sync Enabled, Sync Status: Achieved
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 130
§ MPLS Infrastructure
§ MPLS LDP
§ MPLS L3VPN
Master MPLS Agenda
© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 131
IOS XR L3VPN
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 132
Agenda
§ L3 VPN features
§ Distinguishing features of IOS XR
§ L3VPN Infrastructure
§ L3VPN Configuration
§ L3VPN Verification and Troubleshooting
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 133
L3VPN Features
§ Basic L3VPN PE-CE protocols: eBGP, OSPF, EIGRP, RIP, Static MPLS Transport for the core: LDP, RSVP-TE
§ Inter-AS All options: Option A, B, & C
§ Label Allocation Schemes Per-prefix, Per-CE, Per-VRF Per-prefix is the default allocation mode.
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 134
L3VPN Features
§ Site Of Origin
§ as-override
§ remove private-as
§ VRF prefix-limit
§ allow-as in
§ retain route-target
§ …
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 135
Agenda
§ L3 VPN features
§ Distinguishing features of IOS XR
§ L3VPN Infrastructure
§ L3VPN Configuration
§ L3VPN Verification and Troubleshooting
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 136
Distinguishing features of IOS XR
§ Event based import processing
§ Auto-RD – to automatically allocate RD
§ Label allocation schemes
§ Distributed BGP support
§ Automatic trigger of Route-Refresh upon RT config change
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 137
Agenda
§ L3VPN features
§ L3VPN Configuration
§ L3VPN Verification and Troubleshooting
© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 138
Configuration
138 138 138
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 139
BGP Configuration Configuring PE/RR IBGP vpnv4 neighbors
router bgp 100
bgp router-id 100.100.100.100
address-family vpnv4 unicast
neighbor 168.1.1.1
remote-as 100
address-family vpnv4 unicast
!
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 140
VRF Configuration
Configuring the VRF in the Global Mode vrf vpn1
description foo router-id 1.1.1.1 address-family ipv4 unicast
import route-target 100:1 export route-target 200:1 import route-policy vpn1-import export route-policy vpn1-export
!
Assigning interface to VRF interface g0/1/0/2
vrf vpn1 ipv4 address 1.1.1.2/24
!
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 141
Configuring CE neighbors BGP PE-CE Configuration
router bgp 100
bgp router-id 100.100.100.100
address-family vpnv4 unicast
vrf vpn1
rd [auto | 100:1]
label-allocation-mode [per-ce | per-vrf]
address-family ipv4 unicast
neighbor 1.1.1.1
remote-as 65523
address-family ipv4 unicast
route-policy vpn1-in in
route-policy vpn1-out out
!
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 142
OSPF PE-CE Configuration
router ospf 100
vrf vpn1
router-id 100.100.100.100
domain-id type 0005 value 000102030405
domain-tag 101
redistribute bgp 100 route-policy policy1
area 0
interface g0/1/0/2
!
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 143
BGP Configuration Configuring EBGP ipv4+label neighbors
router bgp 100 bgp router-id 100.100.100.100
address-family vpnv4 unicast
neighbor 168.1.1.1
remote-as 100
address-family vpnv4 unicast
neighbor 145.1.1.1
remote-as 101
address-family ipv4 label-unicast
send-label route-policy label-policy
!
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 144
BGP Configuration – Inter-AS Configuring ASBR neighbors
router bgp 100
bgp router-id 100.100.100.100
address-family ipv4 unicast
allocate-label route-policy vpn1-label
neighbor 1.1.1.1
remote-as 65523
address-family ipv4 labeled-unicast
route-policy vpn1-label-in in
address-family ipv4 unicast
route-policy vpn1-in in
route-policy vpn1-out out
!
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 145
Sample Configuration DRP/0/2/CPU1:Rtr#sh run router bgp router bgp 1 bgp router-id 10.0.0.1 address-family ipv4 unicast ! address-family vpnv4 unicast ! neighbor-group v4-CE address-family ipv4 unicast route-policy pass-all in route-policy pass-all out ! ! neighbor-group v4-PE address-family vpnv4 unicast ! ! neighbor-group v4-EBGP address-family ipv4 unicast route-policy pass-all in route-policy pass-all out ! ! neighbor-group v4-IBGP address-family ipv4 unicast
neighbor 11.0.1.2 remote-as 2 use neighbor-group v4-EBGP description ipv4 unicast EBGP ! neighbor 11.0.2.2 remote-as 1 use neighbor-group v4-IBGP description ipv4 unicast IBGP ! neighbor 11.0.4.2 remote-as 1 use neighbor-group v4-PE description vpnv4 unicast PE ! vrf t1 rd auto bgp router-id 10.1.0.1 address-family ipv4 unicast ! neighbor 11.0.3.2 remote-as 1001 use neighbor-group v4-CE !
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 146
Agenda
§ L3VPN features
§ L3VPN Configuration
§ L3VPN Verification and Troubleshooting
© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 147 147 147 147
Verification and Troubleshooting Show and Debug Command
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 148
IGPs & Static: Show commands
show ospf vrf <name> [neighbor | database | interface | …]
show eigrp vrf <name> [neighbor | topology | interface | …]
show rip vrf <name> [database | interface | …]
show static vrf <name> [topology | next-hops]
show ital dbase vrf-dbase process <process>
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 149
IGPs & Static: Debug commands
debug ospf <inst> [packet | tree | spf | rib | …]
debug eigrp [packets | fsm] [ipv4 vrf <name>] [neighbor | notifications | …]
debug rip [database | interface | rib | events | …]
debug static [topology | rib | ital | nhdb | tables | …]
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 150
Show commands- Examples RP/0/5/CPU0:Rtr#sh ospf 1 vrf blue neighbor Neighbors for OSPF 1, VRF blue Neighbor ID Pri State Dead Time Address Interface 140.10.10.2 1 FULL/ - 00:00:38 145.10.10.2 POS0/3/0/0 Neighbor is up for 2w1d Total neighbor count: 1
RP/0/5/CPU0:Rtr#sh ospf vrf all neighbor Neighbors for OSPF 1, VRF blue Neighbor ID Pri State Dead Time Address Interface 140.10.10.2 1 FULL/ - 00:00:36 145.10.10.2 POS0/3/0/0 Neighbor is up for 3d13h Total neighbor count: 1
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 151
BGP: Show & Debug commands
show bgp vrf <name> [summary] [labels] show bgp vpnv4 unicast [summary] [labels] Show bgp vpnv4 unicast [rd <rd> <prefix>] show bgp vrf <name> [<prefix>] [bestpath-compare] show bgp vrf <name> [imported-routes]
debug bgp [vrf <name>]
[<afi> <safi>] [io | rib | label | import | update | …]
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 152
Show commands
Show bgp vpnv4 unicast summary DRP/0/2/CPU1:Rtr#show bgp vpnv4 u sum BGP router identifier 10.0.0.1, local AS number 1 BGP generic scan interval 60 secs BGP table state: Active BGP main routing table version 59 BGP scan interval 60 secs BGP is operating in STANDALONE mode. Process RecvTblVer bRIB/RIB LabelVer ImportVer SendTblVer Speaker 59 59 59 59 59 Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd 11.0.4.2 0 1 17 24 59 0 0 00:09:10 5
© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 153
IOS XR Operational Tools
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 154
Contents
§ Process Management
§ Memory Management
§ System Monitoring
§ Configuration Management
§ Data Collection Scripts
§ Miscellaneous
© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 155
Process Management
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 156
Process Management
• Process An executable portion of code run within its own memory space
• Threads A process may contain one or more threads A thread is a ‘sub-process’ managed by the parent responsible for executing a portion of the overall process For example, OSPF has a thread which handles ‘hello’ receipt and transmission A thread may only run when the parent process is allocated runtime by the system scheduler. A process with threads is said to be ‘multi-threaded’
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 157
Process Management
• Job ID# Each process is allocated a Job ID# or JID when it is first run. The Job ID remains associated with the process even if the process is stop and restarted
• Process ID# Also known as the PID. Each process is also allocated a ‘PID’ when it is first run. The PID will change if the process is stopped and restarted
• Thread ID# Also known as the TID. If a process contains threads, each is assigned a TID# associated with the PID/JID
• DLL Processes may call and access Dynamic Link Libraries which is a method for sharing portions of code. Processes will dynamically load the required DLL at runtime
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 158
Process Management
§ Basic command show process
§ Process restart-ability process restart <process name | number> <option>
§ Monitor commands: monitor processes
monitor threads (or top)
§ Troubleshooting commands: show exception, exception
dumpcore
show context, clear context
process core
follow process
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 159
‘Show process’ command
RP/0/RP1/CPU0:IOSXR# show process ? <0-4294967295> job id WORD Name of the executable aborts Show process aborts all Show process data for all processes blocked Show detail for reply/send/mutex blocked processes. boot Show process boot info cpu Show CPU use per process distribution Show distribution of processes dynamic Show process data for dynamically created processes failover Show process failover info family Show process family information. files Show file and channel use per process location location to display log Show process log mandatory Show process data for mandatory processes memory Show memory use per process searchpath Show the search path signal Show signal use for processes. startup Show process data for processes created at startup threadname Show thread names.
Enter a name or number to select a process to view
Use this option to see processes in a ‘stuck’ state waiting for a response from another process
Use this option to see processes on a remote node – this may be an RP or an LC
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 160
‘Show process’ command RP/0/RP1/CPU0:IOSXR# show process snmpd Job Id: 288 PID: 143532 Executable path: /disk0/hfr-base-3.2.85/bin/snmpd Instance #: 1 Version ID: 00.00.0000 Respawn: ON Respawn count: 1 Max. spawns per minute: 12 Last started: Mon May 9 15:32:22 2005 Process state: Run Package state: Normal Started on config: cfg/gl/snmp/admin/community/ww core: TEXT SHAREDMEM MAINMEM Max. core: 0 startup_path: /pkg/startup/snmpd.startup Ready: 11.636s Process cpu time: 45.821 user, 5.058 kernel, 50.879 total JID TID Stack pri state HR:MM:SS:MSEC NAME 288 1 96K 10 Condvar 0:00:29:0500 snmpd 288 2 96K 10 Receive 0:00:00:0049 snmpd 288 3 96K 10 Receive 0:00:01:0427 snmpd 288 4 96K 10 Receive 0:00:04:0505 snmpd 288 5 96K 10 Condvar 0:00:00:0000 snmpd 288 6 96K 10 Receive 0:00:09:0788 snmpd 288 7 96K 10 Condvar 0:00:00:0042 snmpd 288 8 96K 10 Receive 0:00:00:0011 snmpd
SNMP Process contains 8 threads which operate under JID 288
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 161
Process Restartability
RP/0/RP1/CPU0:IOSXR# process ? <0-4294967295> job id WORD Name of the executable blocked process blocked, capture state crash crash a process mandatory set mandatory reboot settings restart restart a process shutdown kill/stop a process start start a process
Immediate termination of process – designed for test purposes rather than regular operation
Both ‘restart’ and ‘shutdown’ provide graceful termination of a process
RP/0/RP1/CPU0:IOSXR# show process snmpd
Job Id: 288 PID: 143532 Executable path: /disk0/hfr-base-3.2.85/bin/snmpd Instance #: 1 Version ID: 00.00.0000 Respawn: ON Respawn count: 1 Max. spawns per minute: 12 Last started: Mon May 9 15:32:22 2005 Process state: Run Package state: Normal Started on config: cfg/gl/snmp/admin/community/ww core: TEXT SHAREDMEM MAINMEM
...
Example of a process in normal ‘run’ state
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 162
RP/0/RP1/CPU0:IOSXR# process shutdown snmpd RP/0/RP1/CPU0:IOSXR# show processes snmpd Job Id: 288 PID: 143532 Executable path: /disk0/hfr-base-3.2.85/bin/snmpd Instance #: 1 Version ID: 00.00.0000 Respawn: ON Respawn count: 1 Max. spawns per minute: 12 Last started: Mon May 9 15:32:22 2005 Process state: Killed (last exit status : 15) Package state: Normal Registered item(s): cfg/gl/snmp/ cfg/gl/udpsnmp/ cfg/gl/mibs/ core: TEXT SHAREDMEM MAINMEM Max. core: 0 startup_path: /pkg/startup/snmpd.startup Ready: 11.636s
Process Restartability
Process state reported as ‘killed’
Configuration entries in Sysdb associated with this process
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 163
RP/0/RP1/CPU0:IOSXR# process restart snmpd RP/0/RP1/CPU0:IOSXR# show processes snmpd Job Id: 288 PID: 8528114 Executable path: /disk0/hfr-base-3.2.85/bin/snmpd Instance #: 1 Version ID: 00.00.0000 Respawn: ON Respawn count: 2 Max. spawns per minute: 12 Last started: Thu May 12 11:46:38 2005 Process state: Run (last exit status : 15) Package state: Normal Started on config: cfg/gl/snmp/admin/community/ww core: TEXT SHAREDMEM MAINMEM Max. core: 0 startup_path: /pkg/startup/snmpd.startup Ready: 6.657s Process cpu time: 0.721 user, 0.145 kernel, 0.866 total
Process Restart-ability
JID# remains constant, PID# changed on restart
Respawn counter incremented with process restart
Process state reports ‘Run’ plus last termination code
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 164
RP/0/RP1/CPU0:IOSXR# process crash snmpd RP/0/RP1/CPU0:IOSXR#sh processes snmpd Job Id: 288 PID: 10961090 Executable path: /disk0/hfr-base-3.2.85/bin/snmpd Instance #: 1 Version ID: 00.00.0000 Respawn: ON Respawn count: 3 Max. spawns per minute: 12 Last started: Fri May 20 14:32:53 2005 Process state: Run (last exit due to SIGSEGV) Package state: Normal Started on config: cfg/gl/snmp/admin/community/ww core: TEXT SHAREDMEM MAINMEM Max. core: 0 startup_path: /pkg/startup/snmpd.startup Ready: 2.001s Process cpu time: 1.539 user, 0.258 kernel, 1.797 total
Process Crash
Process will be automatically restarted if Respawn state is set to ‘ON’
Respawn counter incremented on restart
Process state reports last termination state as Signalled Segmentation Fault
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 165
Process Crash
RP/0/RP1/CPU0:IOSXR# process crash snmpd RP/0/RP1/CPU0: 14:32:48.464 : sysmgr_control[65730]: %OS-SYSMGR-4-PROC_CRASH_NAME : User lab (con0_RP1_CPU0) requested a crash of process snmpd RP/0/RP1/CPU0: 14:32:48.474 : sysmgr[73]: %OS-SYSMGR-4-WARNING : Sending signal 11 to snmpd jid=288/pid=10948823 RP/0/RP1/CPU0: 14:32:48.492 : dumper[54]: %OS-DUMPER-4-SIGNALCORE_INFO : Core for pid = 10948823 (pkg/bin/snmpd) as signal 11 sent by pkg/bin/sysmgr@node0_RP1_CPU0 RP/0/RP1/CPU0: 14:32:50.081 : dumper[54]: %OS-DUMPER-5-CORE_FILE_NAME : Core for process pkg/bin/snmpd at harddisk:/dumper/snmpd.by.sysmgr.node0_RP1_CPU0.ppc.Z RP/0/RP1/CPU0: 14:32:53.506 : dumper[54]: %OS-DUMPER-5-DUMP_SUCCESS : Core dump success RP/0/RP1/CPU0: 14:32:53.625 : sysmgr[73]: snmpd(1) (jid 288) abnormally terminated, restart scheduled
Log message notes that user ‘Lab’ initiated crash request
Log messages generated on process crash
Identification of JID#/PID# that crash signal is being sent to
Message identifying location of coredump generated by process crash
Automatic restart since Respawn is set to ‘ON’ for this process
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 166
‘Monitor process’ command
• Command provide Unix ‘top’ like information
• Displays details on number of running processes, CPU and memory utilization
• Automatically updates every 10 seconds
• Can specify the location of the node that you wish to monitor, for example 0/RP0/CPU0 or 0/2/CPU0
• To change the parameters displayed by monitor processes, enter one of the interactive commands eg. ? to get help, n for the number of entries, t – sorted on cpu time, q to quit
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 167
‘Monitor process’ command 233 processes; 788 threads; 4663 channels, 5906 fds CPU states: 94.8% idle, 4.1% user, 1.0% kernel Memory: 4096M total, 3599M avail, page size 4K JID TIDS Chans FDs Tmrs MEM HH:MM:SS CPU NAME 1 26 236 183 1 0 67:18:56 1.06% procnto-600-smp-cisco… 256 5 39 21 4 292K 0:02:44 0.79% packet 69 10 454 9 3 2M 0:33:07 0.62% qnet 331 8 254 21 13 2M 0:15:20 0.52% wdsysmon 55 11 23 15 6 36M 0:31:18 0.50% eth_server 241 12 96 83 13 1M 0:04:54 0.37% netio 171 15 97 44 9 2M 0:03:33 0.12% gsp JID TIDS Chans FDs Tmrs MEM HH:MM:SS CPU NAME 55 11 23 15 6 36M 0:00:00 0.00% eth_server 155 1 7 18 4 12M 0:00:00 0.00% fgid_server 100 2 11 16 3 11M 0:00:00 0.00% fgid_aggregator 257 8 16 36 3 8M 0:00:00 0.00% parser_server 65554 7 16 3 3 7M 0:00:00 0.00% devb-ata 53 5 237 633 0 4M 0:00:00 0.00% dllmgr 121 11 48 67 19 3M 0:00:00 0.00% bgp
t - Sort on CPU time
m - Sort on memory usage
© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 168
Memory Management
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 169
Memory Management
§ Global memory: show memory summary
§ Process memory show memory
show process memory
show dll memory
show memory heap
show memory compare
§ How to troubleshoot memory leaks – Use commands: monitor process
show process memory
show memory
follow
show memory compare
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 170
Global memory
§ Physical Memory - amount of physical memory installed on the device
§ Application Memory - memory available for the system to use (total memory minus image size, reserved, and flashfsys)
§ Image - size of the bootable image
§ Reserved - amount of space reserved for packet memory
§ IOMem - IO memory—currently used as a backup for packet memory
• Flashfsys - flash file system memory
RP/0/RP1/CPU0:IOSXR# show memory summary Physical Memory: 4096M total Application Memory : 3951M (3600M available) Image: 16M (bootram: 16M) Reserved: 128M, IOMem: 2028M, flashfsys: 0 Total shared window: 8M
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 171
Process memory RP/0/RP1/CPU0:IOSXR# show memory 288 ... pkg/bin/snmpd: jid 288 Address Bytes What 480b9000 4096 Program Stack (pages not allocated) 480ba000 122880 Program Stack (pages not allocated) ... 48200000 290816 Shared Memory 48247000 77824 Program Text or Data 4825a000 4096 Program Text or Data 4825b000 16384 Allocated Memory ... 482cd000 126976 Allocated Memory 60100000 401408 Shared Memory 6022e000 49152 Shared Memory 6023a000 4096 Shared Memory 6034f000 966656 Reserved Memory 6043b000 126976 Shared Memory fc01b000 4096 DLL Data libikeparse.dll fc0c2000 24576 DLL Text libsnmpmib_ios.dll fc0cb000 4096 DLL Data fd11f000 57344 DLL Data libsnmpmib.dll fd12d000 32768 DLL Text libentityapi.dll fd135000 45056 DLL Text libinventoryci.dll fd144000 4096 DLL Data fd17b000 4096 DLL Data libifmibapi.dll fd550000 28672 DLL Text libifmib.dll fd6ac000 73728 DLL Text libifmibapi.dll fd6be000 69632 DLL Text libinterface_ci.dll Total Allocated Memory: 593920 Total Shared Memory: 1806336
Starting address in memory
Size of memory allocated
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 172
‘Show memory compare’ command
• This command makes use of show memory heap and allows users to display details about heap memory usage for all processes on the router at different moments in time and compare the results - useful for detecting patterns of memory usage during events such as restarting processes or looking for memory leaks
• Process how to use the command: 1. show memory compare start
Takes the initial snapshot of heap usage 2. show memory compare end
Takes the second snapshot of heap usage 3. show memory compare report
Displays the heap memory comparison report
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 173
‘Show memory compare’ command
RP/0/RP1/CPU0:IOSXR# show memory compare start Successfully stored memory snapshot /harddisk:/malloc_dump/memcmp_start.out RP/0/RP1/CPU0:IOSXR# show memory compare end Successfully stored memory snapshot /harddisk:/malloc_dump/memcmp_end.out RP/0/RP1/CPU0:IOSXR# show memory compare report JID name mem before mem after difference mallocs restart --- ---- ---------- --------- ---------- ------- ------- 57 i2c_server 11756 11916 160 1 283 shelfmgr 273508 273460 -48 -1 121 bgp 2522256 2522208 -48 -1 69 qnet 2013844 2013196 -648 -27 234 lpts_pa 408536 407632 -904 -14 224 isis 3089108 3087900 -1208 0 314 tcp 247196 245740 -1456 -9 241 netio 808136 806464 -1672 -46 You are now free to remove snapshot memcmp_start.out and memcmp_end.out under /harddisk:/malloc_dump
© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 174
System Monitoring
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 175
System Monitoring
§ Commands show tech
show system verify
monitor interface
monitor controller
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 176
‘Show tech’ command • Traditional dump of configuration and show command outputs but can be focussed on functional areas
RP/0/RP1/CPU0:CRS_IOX# show tech-support ?
bcdl Output show commands of interest for bcdl debugging cef Output show commands of interest for CEF debugging file Specify a valid file name (e.g. disk0:tmp.log) gsp Output show commands of interest for gsp debugging install Show install information for Tech-support isis Show IS-IS-related diagnostics for Tech-support mpls Output show commands of interest for MPLS debugging multicast Show multicast related information ospfv3 Output show commands for OSPFv3 debugging password Include password in output placement Gather lots of information about process placement platform show tech-support platform output rib Show IP RIB related information routing Routing show tech-support output terminal Send output to terminal
RP/0/RP1/CPU0:CRS_IOX#show tech-support cef ipv4 location ? 0/2/CPU0 Fully qualified location specification 0/3/CPU0 Fully qualified location specification 0/5/CPU0 Fully qualified location specification 0/RP0/CPU0 Fully qualified location specification 0/RP1/CPU0 Fully qualified location specification WORD Fully qualified location specification
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 177
Trace functionality
RP/0/RP1/CPU0:CRS1_1# sh cef trace tailf 4 unique entries (128 possible, 0 filtered)May 19 23:37:04.172 ipv4_fib/ipv4_fib_mgr_unique 0/RP1/CPU0 1# IP-CEF platform creates hash set to TRUE. May 20 07:04:41.574 ipv4_fib/ipv4_fib_mgr_unique 0/RP1/CPU0 5# IP-CEF-Error: Doesn't own external adjacency for 1.1.1.100/32 path 0 May 20 07:04:41.574 ipv4_fib/ipv4_fib_mgr_unique 0/RP1/CPU0 5# IP-CEF-Error: Doesn't own external adjacency for 10.1.2.0/24 path 0 May 20 07:04:41.574 ipv4_fib/ipv4_fib_mgr_unique 0/RP1/CPU0 5# IP-CEF-Error: Doesn't own external adjacency for 10.1.3.0/24 path 0 102 wrapping entries (10240 possible, 0 filtered, 102 total) May 19 23:37:04.174 ipv4_fib/ipv4_fib_mgr_low 0/RP1/CPU0 t1 IP-CEF-Event: Spawning CEF periodic thread May 19 23:37:04.174 ipv4_fib/ipv4_fib_mgr_low 0/RP1/CPU0 t1 IP-CEF-Event: Spawning CEF main thread May 19 23:37:04.199 ipv4_fib/ipv4_fib_mgr_low 0/RP1/CPU0 t3 IP-CEF-EA: Connected to IMP May 19 23:37:04.207 ipv4_fib/ipv4_fib_mgr_hi 0/RP1/CPU0 t1 IP-CEF-Event: Connected to netio May 19 23:37:04.218 ipv4_fib/ipv4_fib_mgr_errors 0/RP1/CPU0 t1 IP-FIB:fib_pfi_if_connect pfi_ifh_bind failed : 0x434e8c00, 'pfi-ifh' detected the 'warning' condition 'Failed to contact the IFH server'
• Many major functions have ‘trace’ functionality to show the last actions it conducted – a form of ‘always-on’ debug
RP/0/RP1/CPU0:CRS1_1# sh sysmgr trace tailf May 19 23:33:17.912 sysmgr/global 0/RP1/CPU0 1# t1 SYSMGR_INIT jid=0 UNKNOWN May 20 00:27:50.879 sysmgr/global 0/RP1/CPU0 4# t13 [unknown 0x10a/1] 0x00000005 May 20 05:02:59.839 sysmgr/global 0/RP1/CPU0 1# t11 FAILOVER jid=0 UNKNOWN May 20 05:03:15.473 sysmgr/global 0/RP1/CPU0 105# t11 PROC_NOTIFY jid=206 ipv4_smiap May 20 05:04:15.583 sysmgr/global 0/RP1/CPU0 20# t13 PROC_EXIT jid=312 sysmgr_preload_dll May 20 07:04:41.509 sysmgr/global 0/RP1/CPU0 61# t14 PROC_AVAIL jid=340 mpls_ldp May 20 14:32:53.625 sysmgr/global 0/RP1/CPU0 2# t11 PROC_ABORT jid=288 snmpd status=139 May 20 14:32:53.996 sysmgr/global 0/RP1/CPU0 213# t11 PROC_START jid=288 snmpd May 20 14:32:55.637 sysmgr/global 0/RP1/CPU0 209# t11 PROC_READY jid=288 snmpd
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 178
‘Monitor interface’ command
RP/0/RP1/CPU0:CRS1_1# monitor interface mgmtEth 0/rp1/CPU0/0
CRS1_1 Monitor Time: 00:00:52 SysUptime: 16:33:16 MgmtEth0/RP1/CPU0/0 is up, line protocol is up Encapsulation ARPA
Traffic Stats:(5 minute rates) Delta Input Packets: 313326 17 Input pps: 5 Input Bytes: 34467898 1033 Input Kbps: 3 Output Packets: 37633 4 Output pps: 0 Output Bytes: 2034463 244 Output Kbps: 0
Errors Stats: Input Total: 1 0 Input CRC: 0 0 Input Frame: 0 0 Input Overrun: 0 0 Output Total: 0 0 Output Underrun: 0 0
Quit='q', Freeze='f', Thaw='t', Clear='c', Interface='i', Detail='d', Brief='b', Next='n', Prev='p'
• per interface reporting (requires MGBL package)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 179
‘Monitor interface’ command
RP/0/RP1/CPU0:CRS1_1# monitor interface all
CRS1_1 Monitor Time: 00:00:55 SysUptime: 16:35:50
Interface Encap Input Output Input Output pps pps Kbps Kbps MgmtEth0/RP0/CPU0/0 ARPA 4 0 2 0
MgmtEth0/RP1/CPU0/0 ARPA 4 0 2 0
POS0/4/0/0 HDLC 1230 0 542210 0
POS0/4/0/3 HDLC 0 0 0 0
POS0/4/0/6 PPP 0 0 0 0
POS0/4/0/7 HDLC 0 1230 0 542210
Quit='q', Freeze='f', Thaw='t', Clear='c', Next set='n', Prev set='p'
• or all interfaces in the system
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 180
‘Monitor controller sonet’ command
RP/0/RP1/CPU0:CRS1_1# monitor controller sonet 0/2/0/0
equinox Monitor Time: 00:00:47 SysUptime: 172:31:04
Controller for SONET0_2_0_0
Controller Stats: Delta Path LOP 0 ( 0 per-sec) 0 Path AIS 0 ( 0 per-sec) 0 Path RDI 0 ( 0 per-sec) 0 Path BIP 0 ( 0 per-sec) 0 Path FEBE 0 ( 0 per-sec) 0 Path NEWPTR 0 ( 0 per-sec) 0 Path PSE 0 ( 0 per-sec) 0 Path NSE 0 ( 0 per-sec) 0 Line AIS 0 ( 0 per-sec) 0 Line RDI 0 ( 0 per-sec) 0 Line BIP 0 ( 0 per-sec) 0 Line FEBE 0 ( 0 per-sec) 0 Section LOS 0 ( 0 per-sec) 0 Section LOF 0 ( 0 per-sec) 0 Section BIP 0 ( 0 per-sec) 0
Quit='q', Freeze='f', Thaw='t', Clear='c', Select controller='s'
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 181
Logging archive
RP/0/RP1/CPU0:ios(config)#logging archive ?
archive-length The maximum no of weeks of log to maintain archive-size The total size of the archive device Configure the archive device file-size The maximum file size for a single log file. frequency The collection interval for logs severity The minimum severity of log messages to archive <cr>
RP/0/RP1/CPU0:ios(config)#logging archive device ?
disk0 Use disk0 as the archive device disk1 Use disk1 as the archive device harddisk Use harddisk as the archive device
• use disk devices to store syslogs
• Options must be set for function to work • recommended defaults:
• archive-length = 4 weeks • archive-size = 300 MB • device = harddisk • file size = 5 MB • frequency = daily • severity = informational
RP/0/8/CPU0:PE1#sh run logging archive logging archive device harddisk severity informational file-size 5 frequency daily archive-size 300 archive-length 4