presentacion xr.pdf

© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Presentation_ID 1

IOS-XR


Evolución

2 2 2 © 2004 Cisco Systems, Inc. All rights reserved. Presentation_ID

Control Plane Applications

Forwarding Plane Applications

Network Stack

System Infrastructure

Forward Infrastructure

OS Scheduler

Man

agem

ent P

lane

App

licat

ions

HA

Infr

astr

uctu

re

Control Plane Data Plane Management Plane



BG

B

RIP

ISIS

OSP

F

Rou

ting

PIM

IGM

P

RIB

L2 D

river

s

AC

L

FIB

QoS

LPTS

Hos

t Ser

vice

PFI

Inte

rfac

e

CLI

SNM

P

XML

Net

flow

Ala

rm

Per.f

Mgm

t

SSH

SSH

SSH

Checkpoint DB Multicast IPC System DB

Distributed Infrastructure

Memory Mgmt IPC Mech Synch. Services Scheduler

Kernel System Services

§  Kernel Monolitico §  Infraestructura centralizada

§  Aplicaciones Centralizadas.

§  Micro Kernel §  Infraestructura distribuida

§  Aplicaciones distribuidas.


IOS XR Características principales

•  Modular – upgrade/downgrade de software sin interrupción

•  Distribuido – escalable a multi-chassis support

•  Plataforma Independiente - modelo POSIX

•  Interface de Admon Unified Data Model SNMP/XML

•  High Availability – Reinicio de Procesos y Hot Standby

•  Seguridad – En planos de datos, control y Management

•  Router Logico – Particionamiento de Router.

© 2011 Cisco and/or its affiliates. All rights reserved. CRS Latam armangar 4

Modularidad


Manageability ORB, XML, Alarms management

Security IPSec, Encryption, Decryption

Multicast PIM, MFIB, IGMP

MPLS MPLS, UCP

IOS XR Paquetes de Software

Routing: RIB, BGP, ISIS, OSPF, RPL

OS: Kernel, file system, memory management, and other slow changing core

Base Interface manager, System database, checkpoint services Configuration management, etc.

Admin Resource Management: Rack, Fabric, LR management

Forwarding Platform independent FIB, ARP, QoS, ACL, etc

Line Card Platform Dependent LC ucode & drivers


IOS XR Paquetes ofrecen flexibilidad

•  Se puede hacer actualizaciones independientes para MPLS, Multicast, Routing Protocols y linecards. •  Habilidad para correr diferentes versiones en diferentes nodos.

•  Habilidad para liberar paquetes de software de forma asíncrona. •  Paquetes opcionales si la tecnología no se desea en el equipo (Multicast, MPLS)

Line card

OSPF ISIS

RPL BGP Routing Composite

OS IOX Admin

Base

Forwarding

Security

MPLS Multi- cast

Manageability

Host Composite


IOS XR Software Modular en Paquetes

§  Actualizar paquetes especificos/compuestos. –  A través de todo el sistema

–  Se puede instalar en tarjetas específicas.

§  Punto de reparación para fallas de softwaren.

DRP LC RP

SC

Manage- ability Security

GMPLS Multi-cast

Opt’l

Mand

Opt’l

Mand

Opt’l

Mand

Mand

Mand

RPL BGP

ISIS OSPF

Forwarding

Base

Admin

OS

Base

OS

Forwarding

Forwarding

Manage- ability Security

GMPLS Multi-cast

RPL BGP

ISIS OSPF Base

OS

Line Card

GMPLS Multi-cast

Base

Admin

OS



Arquitectura Distribuida


In-Memory Database (IMDB) Distribuida

Reliable Multicast and Unicast IPC

Local-DRP Global

IP Intf OSPF BGP ISIS IP Intf

OSPF BGP ISIS

Global Local-Ra

Management Applications (CLI/XML?SNMP)

Consolidated System View

Local-LCa

IP Intf

ARP PPP

ACL VLAN

QOS

RP-A DRP

LCa

§  Mensajes IPC multicast mejoran escalabilidad y performance.

§  Modelo distribuido de administración

§  Vista consolidada del sistema facilita mantenimiento.


Control Plane Distribuido.

§  Protocolos de ruteo y de señalizacion pueden correr en uno o mas (D)RP

§  Cada uno con redundancia con su propia standby (D)RP

§  Facilita el manejo de recursos

RP2 RP3 RP4 RPn RP1

RESILLIENT SYSTEM PROCESS DISTRIBUTION

BGP IS-IS MPLS Multi-cast BGP



Distributed Forwarding Infrastructure

Forwarding un solo estado §  Una sola base de Informacion de

Adjacencias (AIB) distibuida a todas las line cards.

§  Una sola interface global de management distribuida a todas las LC

§  FIB de solo ingreso– forza los features de forwarding correr en la RP

Forwarding de dos estados. §  Cada linecard tiene su propia AIB solo

para interfaces locales. §  Cada LC tiene Bases de Datos

independientes para interfaces locales.

§  FIB de Ingress y de Egress permite que features corran de manera independiente en cada LC


LC

RP

LC

FIB

Global IDB & AIB

CPU

CPU

Switching Fabric

IP Stack IM Netflow

PPP ARP VLAN

Drivers

RP

LC LC

CPU

CPU Ingress FIB

Ingress AIB & IDB Egress

FIB

Egress AIB & IDB

Switching Fabric

Global Int. Mgr.

LC-CPU

IM VLAN PPP

HDLC Netflow ARP


Agenda

§  IOS XR Software Architecture

§  IOS XR High Availability Infrastructure

§ Process Restartability

§ RP/DRP Redundancy

§ Non-Stop Forwarding (NSF)

§  In Service Software Upgrade (ISSU)


IOS XR Software Architecture

IOS XR Software consists of: §  Micro-Kernel OS, memory-protection, msg-passing, pre-emptive

§  All basic OS and router functionality implemented as processes

§  UNIX process model with separate, protected memory/address spaces

Microkernel Threads Scheduling Debug Timers

Message Queues

Synchronization

Distributed Processing

File System

Lightweight Messaging

Event Management

C I S

C O

P O S I X

Applications


Agenda

§  IOS XR Software Architecture







High Availability in IOS XR

Many Aspects of High Availability in the Software & Hardware

§ Process/Application level High Availability

§ Resource Monitoring and Validation

§ Fault Management

§ Data Traffic Protection and Restoration

§  In-Service Software Upgrade (ISSU)


NSF capabilities

§  Separate mgmt, control and data planes Mgmt and control plane outages do not affect forwarding operation

§  Process-level fault containment (process restart)

§  Card-level fault mgmt (active->standby RP or DRP failover)

§  NSF achieved through Check pointing and Graceful Restart of routing protocol

§  ISSU Capability where many processes can be upgraded without impact

Uses process restart to install updated software on the active RP


Agenda

§ High Availability Introduction in IOS XR







Process Restartability §  Used for small/contained faults (individual or small groups of process

failures) §  Processes support restarting with dynamic state recovery

Mirrored State via checkpoint or synchronization with peer §  First line of defense- All Processes are restartable for fault recovery §  Certain processes are ‘mandatory’ – must always be running. Failure of

mandatory processes can cause RP failover §  Second line of defense - Card-level Redundancy is used when Process

Restart fails-

Contained Contained

Contained

BGP IS-IS RIB QoS FIB IP Stack CLI XML Alarm File System

Inter Process Communication SSH SNMP Netflow L2

Drivers PFI ACL IGMP PIM OSPF

OS Distributed Middleware


Process-level Redundancy

Standby process

Active process

Active service-providing process

Standby process

Active process uses checkpoint library to share running state with standby.

Standby Process may or may not be running

client

client

client

Clients use active service-providing process


process

Process-level Redundancy (cont)

process process

Active process dies

Standby Process becomes Active

client

client client

Clients use new primary service-providing process New primary starts

sending updates to standby process

New Standby Process is started


Examining the process restart details show processes aib

Job Id: 101 PID: 13865060 Executable path: /disk0/hfr-base-3.0.1/bin/aib Instance #: 1 Version ID: 00.00.0000 Respawn: ON Respawn count: 2 Max. spawns per minute: 12 Last started: Wed Feb 16 07:01:56 2005 Process state: Run (last exit due to SIGSEGV) Package state: Normal Started on config: cfg/gl/ipv4-aib/ core: TEXT SHAREDMEM MAINMEM Max. core: 0 Level: 90 Mandatory: ON startup_path: /pkg/startup/aib.startup Process cpu time: 0.143 user, 0.054 kernel, 0.197 total JID TID LastCPU Stack pri state HR:MM:SS:MSEC NAME 101 1 1 36K 10 Receive 0:00:00:0135 aib 101 2 1 36K 10 Receive 0:00:00:0001 aib 101 3 1 36K 10 Receive 0:00:00:0000 aib 101 4 1 36K 10 Receive 0:00:00:0006 aib -------------------------------------------------------------------------------

Number of times process has been restarted

Threshold for restarts

Designated as ‘mandatory’ – can be altered!

Multi-threaded with 4 active threads


Agenda








RP/DRP Redundancy


RP/DRP Redundancy

Card-level redundancy and failover §  Used for handling larger error sets

control plane lock-up on active RP or Hardware errors on active RP or cases where critical processes will not restart

properly

§  “Warm” redundancy - Processes on standby card use mirrored, checkpointed data.

§  Warm Standby processes do not process checkpointed data until they become active

Standby RP

Active RP


Redundancy - Card-Level Switchover When?

§  HW errors detected on active RP card

§  Control plane lockup on active card

§  ‘Mandatory’ Process crashed and not restartable or crashed repeatedly

§  Kernel crash §  User command “redundancy

failover” §  HW watchdog timer

Standby RP

Active RP

Line Card Line Card

State Information


Redundancy - Card-Level Switchover When is RP switchover NOT allowed?

§  HW errors detected on standby card

§  Control plane lockup on standby card

§  Mandatory Process(es) crashed on standby card

§  Software Install in progress §  Any process on standby indicates “standby not ready” (usually during standby card init)

Standby RP

Active RP

Line Card Line Card

State Information


Agenda

§ High Availability Introduction in IOS XR §  IOS XR High Availability Infrastructure § Process Restartability § RP/DRP Redundancy § Non-Stop Forwarding (NSF) §  In Service Software Upgrade (ISSU) § Summary


MPLS HA Architecture

DRP

LC LC

Application: MPLS-TE Recovery: From systems services and check-pointing

Label signaling: RSVP, LDP Recovery: From applications and neighbors

Infra: Label manager Recovery: From signaling layer

MPLS Forwarding MPLS

Forwarding Recovery: From Label Manager


Agenda








In Service Software Upgrade- ISSU


ISSU

•  Ability to deliver point fixes (e.g. to fix a BGP bug, only install/modify a patch to BGP code, nothing else) or upgrade complete set of functionality whilst system is operating

•  Identify exactly what has changed, and its impact ‘fan-out’

•  Safety Checks conducted before proceeding with upgrade

•  Restart processes to activate new code

•  Goal is to preserve NSF / NSR even on “live” upgrades to active RP


ISSU §  Two main forms of ISSU

Software Maintenance Unit (SMU) based – Patch code to resolve problem. SMU limited to single DDTS component

Package Installation Envelope (PIE) based – Complete set of binaries for a particular collection of functions/ Software Package

Manageability ORB, XML, Alarms management

Security IPSec, Encryption, Decryption

Multicast PIM, MFIB, IGMP

MPLS MPLS, UCP

Routing: RIB, BGP, ISIS, OSPF, RPL

OS: Kernel, file system, memory management, and other slow changing core

Base Interface manager, System database, checkpoint services Configuration management, etc.

Admin Resource Management: Rack, Fabric, LR management

Forwarding Platform independent FIB, ARP, QoS, ACL, etc

Line Card Platform Dependent LC ucode & drivers


IOS XR: Config Management using CLI


IOS XR CLI

What to expect at the end of this session: –  Key CLI features to get started with IOS XR –  Various config modes and their applications


IOS XR and IOS Config differences

IOS XR IOS

Configuration changes do NOT take place after <CR> Configurations take place immediately after <CR>

Configuration changes must be ‘committed’ before they take effect No commit

Allows you to verify your configuration before applying it No verification required

Two stage configuration model Not available

Configuration rollback Not available

Feature centric Interface centric


IOS XR CLI - Location addressing format

§ CRS-1 is designed to scale 72 linecard chassis’s with a potential of 1296 linecard and RP slots

§  Location identifiers use R/S/M/I format R = Rack (applicable in multi-chassis systems) S = Slot (physical slot the module is in) M = module (0 for ‘fixed’ PLIMs, n for SPAs) I = Interface


IOS XR CLI: Key Features

§ New CLI format

§ Two-stage config model

§ Ability to rollback config changes

§ Provision to pre-configure

§ New config plane – Admin mode


IOS XR CLI: New CLI format

§  New CLI reflects the HW position in the system –  Introduces the Hierarchical location scheme –  Each linecard has three-level identification: Shelf/Slot/cpu # –  Interfaces have the Shelf/Slot/Bay/Interface scheme

§  Protocol referenced by address family type – v4/v6 §  Backward compatible command-set with IOS

RP/0/0/CPU0:Router-1#show ipv4 interface brief Interface IP-Address Status Protocol MgmtEth0/0/CPU0/0 10.23.1.69 Up Up MgmtEth0/0/CPU0/1 unassigned Shutdown Down MgmtEth0/0/CPU0/2 unassigned Shutdown Down GigabitEthernet0/2/0/0 100.12.1.1 Up Up


IOS XR CLI: New CLI format

§ Config modes include: –  Privileged exec mode –  Global config mode –  Config sub-mode –  Admin mode

§ Admin mode is newly introduced compared to IOS § Admin mode allows viewing / configuring shared

resources –  Fabric –  Logical Router –  Package installation


IOS XR CLI: Config Modes

RP/0/0/CPU0:ios#config t RP/0/0/CPU0:ios(config)#interface MgmtEth 0/0/CPU0/0 RP/0/0/CPU0:ios(config-if)# RP/0/0/CPU0:ios# RP/0/0/CPU0:ios#admin RP/0/0/CPU0:ios(admin)#


Active Config

Configuration Database

Active Config

user

= Target Config

User establishes config session

Changes take effect immediately

IOS CLI – Single Stage IOS config model

CLI


Config Change Active Config

Configuration Database

Second Stage First Stage

Commit

Config Change Active Config +

user

= Target Config

User establishes config session

Adds/deletes/modifies configuration; these changes:

•  Are entered in the staging area •  Are validated for syntax and

authorized •  Can be reviewed and modified

Promotes the changes to active configuration; these changes:

•  Are verified for semantic correctness

•  Are check-pointed on the router

IOS XR CLI: Two Stage Config model

CLI


IOS XR CLI: Config Commits

RP/0/0/CPU0:ios#show run int gi0/2/0/0 % No such configuration item(s) RP/0/0/CPU0:iosxr1#conf t RP/0/0/CPU0:iosxr1(config)#interface gig0/2/0/0 RP/0/0/CPU0:iosxr1(config-if)#ipv4 address 100.12.1.1/24 RP/0/0/CPU0:iosxr1(config-if)#commit RP/0/0/CPU0:Apr 24 00:49:28.119 : config[65691]: %MGBL-CONFIG-6-DB_COMMIT : Configuration committed by user 'root'. Use 'show configuration commit changes 1000000036' to view the changes. RP/0/0/CPU0:iosxr1(config-if)#end RP/0/0/CPU0:Apr 24 00:49:30.701 : config[65691]: %MGBL-SYS-5-CONFIG_I : Configured from console by root RP/0/0/CPU0:iosxr1# RP/0/0/CPU0:iosxr1#show run int gigabitEthernet 0/2/0/0 interface GigabitEthernet0/2/0/0 ipv4 address 100.12.1.1 255.255.255.0



Config Database

Running Config

•  Each commit generates record with unique Commit ID or label •  Each commit ID is a rollback point •  Commit Database stores up to 100 rollback points

Config Log: Commit ID# 100 Commit ID# 099 Commit ID# 098 … Commit ID #001

Target Config Commit



§ Commit keyword writes config into Active Config § Supplies a commit ID to help in Config Rollback

–  1000000036 is the commit ID in previous illustration

§ List of commits can be viewed –  History list is maintained

§ Commits can be labeled with user-friendly ‘tags’ –  Eliminates the cumbersome IDs

§ Config restrictions can be imposed based on user –  In previous illustration, the user “root” is indicated


IOS XR CLI: Commit List

RP/0/0/CPU0:ios#show configuration commit list SNo. Label/ID User Line Client Time Stamp ~~~~ ~~~~~~~~ ~~~~ ~~~~ ~~~~~~ ~~~~~~~~~~ 1 1000000037 root con0_0_CPU CLI 01:39:03 UTC Mon Apr 24 2006 2 1000000036 root con0_0_CPU CLI 01:18:10 UTC Mon Apr 24 2006 3 1000000035 root con0_0_CPU CLI 01:00:54 UTC Mon Apr 24 2006

•  Sample Commit List output


IOS XR CLI: Config Rollback

RP/0/0/CPU0:iosxr1#conf t RP/0/0/CPU0:iosxr1(config)#hostname iox-nw06 RP/0/0/CPU0:iosxr1(config)#commit RP/0/0/CPU0:Apr 24 01:00:55.302 : config[65691]: %MGBL-CONFIG-6-DB_COMMIT : Configuration committed by user 'root'. Use 'show configuration commit changes 1000000034' to view the changes. RP/0/0/CPU0:iox-nw06(config)#end RP/0/0/CPU0:iox-nw06# RP/0/0/CPU0:iox-nw06#rollback configuration to 1000000033 Loading Rollback Changes. Loaded Rollback Changes in 1 sec Committing. 3 items committed in 1 sec (2)items/sec Updating.RP/0/0/CPU0:Apr 24 01:01:07.143 : config_rollback[65691]: %MGBL-CONFIG-6-DB_COMMIT : Configuration committed by user 'root'. Use 'show configuration commit changes 1000000035' to view the changes. Updated Commit database in 1 sec Configuration successfully rolled back to '1000000033'. RP/0/0/CPU0:iosxr1# RP/0/0/CPU0:iosxr1#


IOS XR CLI: Config Session locks

§  More than one user can open a target config session at a time §  Provision for multiple users to work on separate target

configurations.

§  Locking the router config prevents changes by other users while someone is already committing the config.

CLI

Config Database

Running Config

RP/0/0/CPU0:ios#configure exclusive RP/0/0/CPU0:ios(config)#hostname iox-nw06-1 RP/0/0/CPU0:ios(config)#commit RP/0/0/CPU0:iox-nw06-1(config)#


IOS XR CLI: Pre-config capabilities

§  Pre-config feature allows configuring physical interfaces before they are inserted into the router.

§  Preconfigured interfaces are not verified or applied until the actual interface with the matching location

§  Allows reduction down time and helps improve operational tasks


IOS XR CLI: Pre-config capabilities

§ Prior to the LC being inserted • Select the interface • Configure the timing (e.g. for SONET controller) • Configure the framing • Configure the IP address

RP/0/0/CPU0:IOX-4(config)#interface preconfigure POS 0/4/1/0 RP/0/0/CPU0:IOX-4(config-if-pre)#ip address 1.1.1.1 255.255.255.0 RP/0/0/CPU0:IOX-4(config-if-pre)#encapsulation ppp RP/0/0/CPU0:IOX-4(config)#controller preconfigure sonet 0/4/0/0 RP/0/0/CPU0:IOX-4(config-sonet)#clock source line


IOS XR CLI: Config error handling

§  Two levels of config error handling

§  Parser/Syntax error –  Identified by the parser when the <return> key is entered

§  Commit error –  Syntactically correct but erroneous from config commit standpoint –  Error details viewed through “show configuration failed” command –  Common reasons for this error include:

•  Non-atomic config sequence •  Lack of predecessor config •  Unsupported config from platform perspective


IOS XR CLI: Config error handling

§  Sample config error from QoS feature

RP/0/0/CPU0:ios#conf t RP/0/0/CPU0:ios(config)#policy p1 RP/0/0/CPU0:ios(config-pmap)#class c0 RP/0/0/CPU0:ios(config-pmap-c)#set precedence 0 RP/0/0/CPU0:ios(config-pmap-c)#commit % Failed to commit one or more configuration items during an atomic operation, no changes have been made. Please use 'show configuration failed' to view the errors RP/0/0/CPU0:ios(config-pmap-c)#show configuration failed !! CONFIGURATION FAILED DUE TO SEMANTIC ERRORS policy-map p1 class c0 set precedence routine !!% Class-map not configured: c0


IOS XR CLI: Summary

§  New CLI features to support IOS XR capabilities §  Maintains consistency with commonly used IOS CLI

§  Allows for greater flexibility in CLI usage

§  Provides various tools for managing configs

§  User accessibility administration has been enhanced


Manageability – Router CLI

§  La configuración se basa en un modelo de dos estados.

§  La configuración “running” o “active” no se puede modificar directamente.

§  Por el contrario el usuario primero entra un primer estado.

§  Debe ser explícitamente promovido para formar parte de la configuración.


Configuracion – Protocolos de Ruteo.


IOS XR: OSPF

56 56 56 © 2003, Cisco Systems, Inc. All rights reserved. Presentation_ID


CLI Comparison

router ospf 99 router-id 1.1.1.1 area 0 interface GigabitEthernet0/2/0/0 cost 20 ! interface FastEthernet0/6/2/0 cost 20 ! ! !

OSPF IOS XR

router ospf 99 router-id 1.1.1.1 log-adjacency-changes network 201.0.0.0 0.0.0.255 area 0 ! interface POS1/0/0 ip address 201.1.1.2 255.255.255.0 ip ospf cost 20

OSPF IOS

show run router ospf


IOS XR: Implementing OSPF



Steps to Enable OSPF

§  Although you can configure OSPF before you configure an IP address, no OSPF routing will occur until at least one IP address is configured.

1. configure 2. router ospf instance-name or router ospfv3 instance-name 3. router-id {ip-address | interface-type interface-number} 4. area area-id 5. interface interface-type interface-number 6. Repeat Step 5 for each interface that will use OSPF. 7. end


IOS XR: Show OSPF commands



show ospf commands router# show ospf

show ospf database

show ospf neighbor


Debug Commands

debug ospf [instance-name] adj

router#

debug ospf [instance-name] hello

debug ospf [instance-name] lsa-generation

debug ospf [instance-name] mpls traffic-eng advertisements

debug ospf [instance-name] nsf

debug ospf [instance-name] packet


IOS XR: Static Routes



Comparison of Cisco IOS Static Route and Cisco IOS XR Static Route

RP/0/1/CPU0:IOS XR#sh run router static router static address-family ipv4 unicast 43.43.44.0/24 Serial0/5/3/3/0:2 43.43.44.44/32 Serial0/5/3/3/0:0 223.255.254.254/32 MgmtEth0/1/CPU0/0 ! address-family ipv6 unicast 5301::1111/128 Serial0/5/3/3/0:0 ! !

Static Route IOS Static Route IOS XR

IOS#sh run | beg ip route 192.1.1.0 ip route 192.1.1.0 255.255.255.0 g4/0 ip route 223.255.254.0 255.255.255.0 10.13.0.1


Steps to Enable Static Route

1. configure 2. router static 3. address-family <Address_Family> 4. (Network/Mask), (Forwarding Interface/IP Address) 5. end


IOS XR: BGP


Agenda

§ BGP Differences from IOS XR

§ BGP Verification commands

§ Distributed BGP

§ Route Policy Language

§ BGP Debugs


Common BGP Architecture

FIB

BGP (spkr, brib)

RIB LSD

Peers BPM

CLI

sysDB

SNMP

XML bgp_show

bgp_clear

config_mgr

BGP Processes: • BGP Process Manager (BPM) • BGP Speaker (BGP) • BGP RIB (bRIB) • Show/Clear/Ltrace


Comparison of Cisco IOS BGP and Cisco IOS XR BGP

IOS BGP Configuration router bgp 1 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 1.1.1.1 remote-as 1 neighbor 1.1.1.1 update-source Loopback0 maximum-paths 8 ! address-family ipv4 neighbor 1.1.1.1 activate maximum-paths 8 no auto-summary no synchronization exit-address-family !

RP/0/1/CPU0:IOS XR#sh run router bgp router bgp 300 bgp router-id 2.2.2.2 address-family ipv4 unicast ! neighbor 192.1.1.2 remote-as 400 address-family ipv4 unicast route-policy policy in maximum-prefix 200000 75 warning-only route-policy policy out ! !

IOS XR BGP Configuration


Agenda

§ BGP Differences from IOS & XR




§ BGP Debugs


BGP: Show commands (1/2) RP/0/1/CPU0:Router-5# sh bgp ipv4 unicast summary BGP router identifier 2.2.2.2, local AS number 300 BGP generic scan interval 60 secs BGP table state: Active BGP main routing table version 101 BGP scan interval 60 secs BGP is operating in STANDALONE mode. Process RecvTblVer bRIB/RIB LabelVer ImportVer SendTblVer Speaker 101 101 101 101 101 Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd 192.1.1.2 0 400 2451 2453 101 0 0 00:24:33 100

Show ip bgp summary (IOS)

Show bgp ipv4 unicast summary (IOS XR)


BGP: Show commands (2/2) RP/0/1/CPU0:Router-5# sh bgp neighbor 192.1.1.2 BGP neighbor is 192.1.1.2 Remote AS 400, local AS 300, external link Remote router ID 192.1.1.2 BGP state = Established, up for 00:19:48 Last read 00:00:18, hold time is 90, keepalive interval is 30 seconds Neighbor capabilities: Route refresh: advertised Address family IPv4 Unicast: advertised Received 2440 messages, 0 notifications, 0 in queue Sent 2444 messages, 0 notifications, 0 in queue Minimum time between advertisement runs is 30 seconds <snip>

Show ip bgp neighbor x.x.x.x (IOS)

Show bgp neighbor x.x.x.x (IOS XR)


Agenda





§ BGP Debugs


Standalone BGP - Recap

§ Single process that sends and receives updates and interacts with the RIB

§ Less Overhead

§ Single Node

§ Inferior Scaling


Distributed BGP § Motivation is Scalability – Scale to 1000s of peers

§ Utilize multiple (D)RPs within the system to improve performance and increase scalability

§ BGP contains multiple processes to enable distribution and scaling

– One or more BGP Speakers communicate to peers – Single BGP RIB which receives and computes best_paths

§ Distributed operation mode must be explicitly enabled


BGP Speaker

• Can have multiple BGP speaker instances Explicit configuration assigns peers to a speaker instance

•  Speaker is responsible for Protocol communication with assigned peers handling state machine storing Adj-RIB-In and Adj-RIB-Out running policy over prefixes Partial best path selection

• Communicates with BGP RIB process


BGP RIB (bRIB)

• Only a single instance of BGP RIB within the system • Responsible for :

Computing best path among all best paths received from all BGP Speaker instances Notifying all BGP Speakers of the computed best paths Installing best path routes in the global RIB (gRIB) Receiving redistributed routes Announcing redistributed routes to BGP Speakers


Agenda





§ BGP Debugs


RPL - Motivation

§ Scaling Using route-maps could lead to 100k – 1M lines of configuration (e.g. 1000s of BGP peers).

§ Modularity Exploit modularity to reuse common portions of configuration.

§ Parameterization For elements which are not exact copies of each other we can add parameterization ( think variables ) to get further re-use.

§  Improved Clarity No Silently skipped statements.


RPL Syntax – General Structure

§ RPL is used in 2 steps : Define the policy in configuration mode:

Use the policy in BGP body:

Route-policy <Policy Name> statement A

statement B End-policy

Router bgp 99 neighbor 2.2.2.2 remote-as 1

address-family ipv4 unicast route-policy <policy Name> in/out


RPL Syntax – Salient Features

§ Simple if, then, elseif & else statements.

§ Boolean operators to combine multiple statements.

§ Hierarchical and parameterized policy definitions for modularity.

§ Unordered sets to form operand templates.

§ Protocol specific constructs: as-path, community, med, tag, metric etc.


RPL - Conditional Statements – if

An “if” statement uses a conditional expression to decide which actions or dispositions should be taken for the given route.

If as-path in as-path-set-1 then drop

endif


RPL - Conditional Statements – else if

The “if” statement also permits an “else” clause, which is executed if the expression is false.

if med eq 150 then set local-preference 10 elseif med eq 200 then

set local-preference 60 else set local-preference 0

endif


RPL - Conditional Statements - Nested If

The statements within an if statement may themselves be if statements if community matches-every(12:34,56:78) then if med eq 8 then

drop

endif

set local-preference 100

endif


if med eq 42 and next-hop in (1.1.1.1) then

if med eq 10 and not destination in (10.1.3.0/24) or community is (56:78)

if med eq 10 and (not destination in (10.1.3.0/24)) or community is (56:78 )

RPL - Boolean Expressions

§  Boolean expressions evaluate as either true or false.

§  RPL provides means to build compound conditions by means of boolean operators

§  There are three Boolean operators : –  negation (not) –  conjunction (and) –  disjunction (or).


RPL - Hierarchical Policy

§ A policy which uses another policy within its body

route-policy Inner set weight 100

end-policy

!

route-policy Outer

apply Inner set community (2:666) additive

end-policy

!


RPL – Passing Parameters

§ A hierarchical policy can pass parameters

RP/0/RP0/CPU0:IOS XR#sh run route-policy Inner route-policy Inner($med)

set med $med

end-policy

!

RP/0/RP0/CPU0:IOS XR#sh run route-policy Outer

route-policy Outer

apply Inner(10)

end-policy

!


RPL – Passing Parameters … cont

§ Looping/recursion is not allowed

§ As many layers of hierarchy or parameters that you want

§ Parameters are passed by value only

§ When any policy is modified, that change affects all instances of policy hierarchies that reference the modified policy.


RPL - Sets

§  Collection of unique elements. §  The policy language provides sets as containers for group of values for matching purposes. §  Used in conditional expressions. §  The elements of the set are separated by commas. §  Five Set types:

•  prefix-set •  as-path-set •  community-set •  extcommunity-set •  rd-set


RPL - Prefix Sets §  A prefix-set holds IPv4 and v6 prefix match specifications

§  Each prefix-set has four parts: address mask length minimum matching length (ge) maximum matching length (le)

prefix-set ten 10.0.3.0/24 ge 28,

10.0.4.0/24 le 28,

10.0.5.0/24 ge 26 le 30

end-set


RPL - AS-PATH Sets

§ An as-path-set comprises operations for matching an AS path attribute.

§ The only matching operation is a regular expression match

§ Compatible with the as-regexp provided by IOS in ip as-path access-list

RP/0/RP0/CPU0:IOS XR#sh run as-path-set set as-path-set set

ios-regex '_127$'

end-set

!


RPL - Community Sets

§  A community-set holds community values for matching against the BGP community attribute. §  A community is a 2*16-bit quantity. §  Community value is expressed as two integers separated by a colon.

community-set cset1 12:34,

12:78,

internet

end-set


RPL - Extended Community Set

§ Contains extended community values

§ Supports named forms and inline forms

extcommunity-set rt extcomm-set1 1.2.3.4:666,

1234:666

end-set


RPL - RD Set

§ An rd-set holds a set of RD values to match against VPNv4 routes.

§ Use rd-set to filter VPNv4 routes on inter-AS boundary

rd-set rt rd-set1 1.2.3.4:666,

1234:666,

123:*

end-set


Debug Commands

debug bgp [ip-address]

router#

debug bgp event [ ipv4/ipv6]

debug bgp keepalive [ip-address]

debug bgp rib [{ipv4 | ipv6 | all} {unicast | multicast | all}]

debug bgp policy [ip-address]

debug bgp address-family [{ipv4 | ipv6 | all} {unicast | multicast | all}]


Module 3-2 : IOS XR Quality of Service (QoS)



Quality of Service (QoS) Discussion

•  By the end of this chapter we will see : •  QoS configuration •  QoS show commands •  QoS debug commands •  ACL Configuration


Quality of Service

•  No major difference in CLI configuration between IOS and IOS XR.

•  New CLI command in IOS XR is “show qos interface “


QoS configuration

RP/0/RP0/CPU0:IOS XR# sh run policy-map NW policy-map NW class P1 police rate 2000 kbps priority ! class P2 police rate 2000 kbps burst 1000 bytes ! ! RP/0/RP0/CPU0:IOS XR# show run class-map P1 class-map match-any P1 match precedence priority ! RP/0/RP0/CPU0:IOS XR# show run class-map P2 class-map match-any P2 match precedence immediate !


show qos interface RP/0/RP0/CPU0:IOS XR# show qos interface poS 0/6/0/0 output Interface POS0_6_0_0 -- output policy Total number of classes: 3 ------------------------------------------------------- LEVEL1 class: classid = 0x1 class name = P1 No explicit weight assigned for this class Sharq Queue ID = 10 This Q belongs to Group = 9 Queue Max. BW. = 2396160 kbps TailDrop Threshold(bytes)= 2995200 WRED not configured for this class Policer slot # = 225 Policer avg. kbps = 1953 kbps Policer peak kbps = 0 kbps Policer conform burst configured = 0 Kbits Policer conform burst programmed = 62496 bytes Policer conform action = Just TX Policer conform action value = 0 Policer exceed action = DROP PKT Policer exceed action value = 0 <output omitted>


Debug Commands

debug qos [control | data | dll]

router#


Base Security using ACLs

•  Creating access lists

•  Numbering statements (ACEs)

RP/0/0/0:RP-POD1#conf t RP/0/0/0:RP-POD1(config)#ip access-list Cisco RP/0/0/0:RP-POD1(config-ipv4-acl)#

RP/0/0/0:RP-POD1(config-ipv4-acl)#10 permit ip


ACL editing

§  Adding a line (ACE)

(config-ipv4-acl)# no 20

(config-ipv4-acl)# 30 deny udp any eq netbios-dgm any

•  Removing a line (ACE)


ACL Re-sequencing

•  Sample re-sequenced ACL

resequence ip access-list <tag>

ip access-list Ethernet_In 10 deny udp any eq netbios-ns any 20 deny udp any host 255.255.255.255 eq tftp 30 permit any

•  Re-sequencing ACL


ACL Copying

•  Copying ACLs

RP/0/0/0:rp-router#copy ipv4 access-list pod6 pod6copy

copy ipv4 access-list source-list-name destination-list-name

Router#


Module 4-1 : IOS XR: MPLS Architecture, Configuration and Verification


§ MPLS Infrastructure

§ MPLS LDP

§ MPLS TE and FRR

§ MPLS L3VPN

§ MPLS OAM

Master MPLS Agenda


MPLS Infrastructure


Major MPLS Infrastructural Components

§  MPLS Applications: TE/FRR, LDP §  Routing Protocols: OSPF, ISIS, BGP, static routes, etc §  RIB: Routed Information Base §  LSD: Label Switching Database §  LFD: Label Forwarding Database §  AIB: Adjacency Information Base §  FIB: Forwarding Information Base §  GSP: Group Services Protocol §  BCDL: Bulk Content Downloader


Label Switching and Forwarding Databases

§  LSD- Label Switching Database Resides on the RP and maintains the mapping of input label to output label/interface

§  LFD – Label Forwarding Database Resolves label mapping interface to L2 adjacencies (MAC string, etc) Resides on the LC Programs the forwarding hardware on the LC

§  RP also has a local copy of the LFD, for locally originated packets

LSD RP

LC LFD Hardware AIB

Application (TE,LDP, etc)

LFD


AIB, GSP, BCDL §  Adjacency Information Base (AIB)

keeps the mapping of IP NextHop/Outgoing Interface to L2 information (MAC string, PPP/HDLC rewrite, etc. – media-specific stuff) AIB runs on all LCs and on RP

§  Group Services Protocol (GSP) Reliable multicast mechanism to distribute information from RP to LC. Has regular priority messages and high-priority messages; high priority are used for FRR

§  Bulk Content Downloader (BCDL) Transport mechanism used to distribute forwarding information (both IP and MPLS) to the linecards

LDP/static LSD RP

LC LFD Hardware AIB

Routing Protocol RIB

FIB

(Both RIB and LSD use BCDL)

AIB


LFD/LSD show commands

RP/0/0/CPU0:Rtr#show mpls lsd ? applications Applications registered with LSD

clients Clients connected to LSD

RP/0/0/CPU0:Rtr#show mpls lfd ?

adjacency Display list of adjacencies on interface

fast-reroute Display Fast Reroute database information

timers Display timer information

updates Display internal update queues



§ MPLS LDP

§ MPLS TE and FRR

§ MPLS L3VPN

§ MPLS OAM

Master MPLS Agenda


MPLS LDP


Agenda

§ Basic LDP configuration and verification

§  LDP Inbound label filtering

§  LDP Session Protection

§  LDP-IGP Synchronization

§  LDP Local label allocation control


LDP

§  Like other protocols in IOS XR, LDP has its own configuration submode

§ All LDP configuration takes place in this submode

§  LDP includes Graceful-restart capability but requires neighbor to be ‘GR-capable’ in order for labels to be maintained

§ There is no support for TDP in IOS XR


LDP RP/0/0/CPU0:Rtr(config)#mpls ldp RP/0/0/CPU0:Rtr(config-ldp)#? backoff Configure session backoff parameters discovery Configure discovery parameters explicit-null Configure explicit-null advertisement graceful-restart Configure LDP graceful restart feature holdtime Configure session holdtime interface Enable LDP on an interface and enter interface submode label Configure label advertisement control log Configure log information neighbor Configure neighbor parameters router-id Configure router Id signalling Configure LDP signalling parameters

Must be explicitly configured

RP/0/0/CPU0:Rtr(config-ldp)#interface pos0/6/0/2

RP/0/0/CPU0:Rtr(config-ldp-if)#?

discovery Configure interface LDP discovery parameter

§  LDP is enabled on an interface via the interface submode underneath the LDP submode


Show mpls forwarding/ Show mpls interfaces

RP/0/0/CPU0:Rtr#show mpls forwarding Local Outgoing Prefix Outgoing Next Hop Bytes T

Label Label or ID Interface Switched O

------ ----------- ----------------- ------------ --------------- ----------- -

17 Pop Label 192.168.1.1/32 PO0/6/0/2 192.168.6.1 0

18 Pop Label 192.168.1.3/32 PO0/6/0/0 192.168.7.3 0

19 Unlabelled 192.168.1.4/32 PO0/6/0/1 192.168.8.5 0

20 Unlabelled 192.168.1.5/32 PO0/6/0/1 192.168.8.5 0

21 29 192.168.1.6/32 PO0/6/0/2 192.168.6.1 0

22 30 192.168.1.7/32 PO0/6/0/0 192.168.7.3 0

Unlabelled 192.168.1.7/32 PO0/6/0/1 192.168.8.5 0

RP/0/0/CPU0:Rtr#show mpls interfaces

Interface LDP Tunnel Enabled

-------------------------- -------- -------- --------

POS0/6/0/0 Yes Yes Yes

POS0/6/0/1 No Yes Yes

POS0/6/0/2 Yes Yes Yes


Show mpls ldp RP/0/0/CPU0:Rtr#show mpls ldp ? backoff Session Backoff table information bindings Label Information Base (LIB) information discovery LDP Discovery Hello Information forwarding Forwarding entries information graceful-restart Graceful Restart feature information neighbor Neighbor information parameters Configuration parameter information statistics Statistics information summary Summarized information tech-support Output show commands of interest for MPLS LDP debugging


Debugging LDP

RP/0/0/CPU0:Rtr#debug mpls ldp ? advertisements LDP label and address

advertisments

backoff LDP session establishment backoff

bindings LDP label bindings changes

chkpt LDP Data Checkpoint events

config LDP config events

control LDP label and address control

errors LDP errors

fib LDP and FIB interaction events

graceful-restart LDP Graceful Restart events

interface LDP interface and ifmgr events

memory LDP memory events

messages LDP messages

mfi LDP MFI (LSD) interactions

§  debug mpls ldp has 20+ options to it §  Some are for external things (signalling messages, etc) §  Some are for internals (FIB interactions, HA data checkpointing, etc) §  Very similar to IOS’ debug capabilities §  Per-interface and ACL support where it makes sense

process LDP process events

rewrite-db LDP forwarding rewrite database events

session LDP session

targeted-neighbors LDP targeted neighbors events

timers LDP timer events

transport LDP transport and discovery

warnings LDP warnings

<cr>


Agenda







LDP Inbound label filtering •  Controls receipt of incoming labels (remote bindings) for a set of

prefixes from a peer. •  The configuration is specified using prefix-acl per-nbr.

RP/0/0/CPU0:Rtr# show run mpls ldp label mpls ldp label accept for pfx-acl1 from 1.1.1.1 for pfx-acl3 from 3.3.3.3 ! ! !

RP/0/0/CPU0:Rtr(config-ldp)# label accept for prefix-acl from peer-ip-address


LDP Inbound label filtering Verification

show mpls ldp neighbor ip-address detail

RP/0/0/CPU0:Rtr# show mpls ldp neighbor 3.3.3.3 detail Peer LDP Identifier: 3.3.3.3:0 TCP connection: 3.3.3.3:20635 - 1.1.1.1:646 Graceful Restart: Yes (Reconnect Timeout: 120 sec, Recovery: 180 sec) Session Holdtime: 180 sec State: Oper; Msgs sent/rcvd: 52/51 Up time: 00:30:05 LDP Discovery Sources: POS0/2/0/2 POS0/2/0/3 Addresses bound to this peer: 10.1.0.3 10.0.0.3 10.1.0.3 11.2.3.13 3.3.3.3 3.0.0.1 3.0.0.2 3.0.0.3 Peer holdtime: 180 sec; KA interval: 60 sec; Peer state: Estab Inbound label filtering: accept acl 'pfx-acl3'

Displays lnbound label filtering status for given neighbor


Agenda







Rtr1

Rtr3

Rtr Rtr4

LDP IGP Sync

CE1 CE2

Network x Network y

§  Problem: Traffic hit on link up when IGP converges before MPLS (LDP) Traffic loss when no LDP session on outbound interfaces

§  Solution: Makes sure that no traffic is routed towards links on which MPLS (LDP) is not yet converged. Synchronize IGP with LDP so that LDP controls IGP metric for given link, depending on LDP state on given link. A link is advertised by IGP with max metric if LDP session is not yet up or not yet converged (label bindings exchange).


LDP IGP Sync (cont’d)

RP/0/0/CPU0:Rtr(config-isis-if-af)# mpls ldp sync [ level <1-2> ]

•  IGP sync feature enabled only under IGP

RP/0/0/CPU0:Rtr(config-ldp)# igp sync delay seconds

•  New debug to debug LDP IGP sync events:

debug mpls ldp igp sync [ interface intf-name ]

RP/0/0/CPU0:Rtr(config-ospf)#, (config-ospf-ar)# (config-ospf-ar-if)# mpls ldp sync

•  To delay declaring sync up, a delay time can be configured under LDP:

•  Enabling IGP sync feature for OSPF

•  Enabling IGP sync feature for ISIS


RP/0/0/CPU0:Rtr# show mpls ldp igp sync [ interface intf-name ] RP/0/0/CPU0:Rtr# show ospf num interface [ intf-name ] RP/0/0/CPU0:Rtr# show isis num interface [ intf-name ]

RP/0/0/CPU0:Rtr# show mpls ldp igp sync POS0/2/0/1: Sync status: Ready Peers: 3.3.3.3:0 (GR) POS0/2/0/2: Sync status: Not ready (Deferred; 23 sec remaining) POS0/2/0/3: Sync status: Not ready

LDP IGP Sync - Display LDP IGP sync status for links

RP/0/0/CPU0:Rtr# show ospf 100 interface POS 0/2/0/1 | inc LDP LDP Sync Enabled, Sync Status: Achieved

RP/0/0/CPU0:Rtr# show isis 100 interface POS 0/2/0/1 | inc LDP LDP Sync Enabled, Sync Status: Achieved



§ MPLS LDP

§ MPLS L3VPN

Master MPLS Agenda


IOS XR L3VPN


Agenda

§  L3 VPN features

§ Distinguishing features of IOS XR

§  L3VPN Infrastructure

§  L3VPN Configuration

§  L3VPN Verification and Troubleshooting


L3VPN Features

§ Basic L3VPN PE-CE protocols: eBGP, OSPF, EIGRP, RIP, Static MPLS Transport for the core: LDP, RSVP-TE

§  Inter-AS All options: Option A, B, & C

§  Label Allocation Schemes Per-prefix, Per-CE, Per-VRF Per-prefix is the default allocation mode.


L3VPN Features

§ Site Of Origin

§  as-override

§  remove private-as

§ VRF prefix-limit

§  allow-as in

§  retain route-target

§ …


Agenda

§  L3 VPN features

§ Distinguishing features of IOS XR

§  L3VPN Infrastructure




Distinguishing features of IOS XR

§  Event based import processing

§  Auto-RD – to automatically allocate RD

§  Label allocation schemes

§  Distributed BGP support

§  Automatic trigger of Route-Refresh upon RT config change


Agenda

§  L3VPN features




Configuration

138 138 138


BGP Configuration Configuring PE/RR IBGP vpnv4 neighbors

router bgp 100

bgp router-id 100.100.100.100

address-family vpnv4 unicast

neighbor 168.1.1.1

remote-as 100


!


VRF Configuration

Configuring the VRF in the Global Mode vrf vpn1

description foo router-id 1.1.1.1 address-family ipv4 unicast

import route-target 100:1 export route-target 200:1 import route-policy vpn1-import export route-policy vpn1-export

!

Assigning interface to VRF interface g0/1/0/2

vrf vpn1 ipv4 address 1.1.1.2/24

!


Configuring CE neighbors BGP PE-CE Configuration

router bgp 100

bgp router-id 100.100.100.100


vrf vpn1

rd [auto | 100:1]

label-allocation-mode [per-ce | per-vrf]

address-family ipv4 unicast

neighbor 1.1.1.1

remote-as 65523


route-policy vpn1-in in

route-policy vpn1-out out

!


OSPF PE-CE Configuration

router ospf 100

vrf vpn1

router-id 100.100.100.100

domain-id type 0005 value 000102030405

domain-tag 101

redistribute bgp 100 route-policy policy1

area 0

interface g0/1/0/2

!


BGP Configuration Configuring EBGP ipv4+label neighbors

router bgp 100 bgp router-id 100.100.100.100


neighbor 168.1.1.1

remote-as 100


neighbor 145.1.1.1

remote-as 101

address-family ipv4 label-unicast

send-label route-policy label-policy

!


BGP Configuration – Inter-AS Configuring ASBR neighbors

router bgp 100

bgp router-id 100.100.100.100


allocate-label route-policy vpn1-label

neighbor 1.1.1.1

remote-as 65523

address-family ipv4 labeled-unicast

route-policy vpn1-label-in in


route-policy vpn1-in in

route-policy vpn1-out out

!


Sample Configuration DRP/0/2/CPU1:Rtr#sh run router bgp router bgp 1 bgp router-id 10.0.0.1 address-family ipv4 unicast ! address-family vpnv4 unicast ! neighbor-group v4-CE address-family ipv4 unicast route-policy pass-all in route-policy pass-all out ! ! neighbor-group v4-PE address-family vpnv4 unicast ! ! neighbor-group v4-EBGP address-family ipv4 unicast route-policy pass-all in route-policy pass-all out ! ! neighbor-group v4-IBGP address-family ipv4 unicast

neighbor 11.0.1.2 remote-as 2 use neighbor-group v4-EBGP description ipv4 unicast EBGP ! neighbor 11.0.2.2 remote-as 1 use neighbor-group v4-IBGP description ipv4 unicast IBGP ! neighbor 11.0.4.2 remote-as 1 use neighbor-group v4-PE description vpnv4 unicast PE ! vrf t1 rd auto bgp router-id 10.1.0.1 address-family ipv4 unicast ! neighbor 11.0.3.2 remote-as 1001 use neighbor-group v4-CE !


Agenda

§  L3VPN features




Show commands- Examples RP/0/5/CPU0:Rtr#sh ospf 1 vrf blue neighbor Neighbors for OSPF 1, VRF blue Neighbor ID Pri State Dead Time Address Interface 140.10.10.2 1 FULL/ - 00:00:38 145.10.10.2 POS0/3/0/0 Neighbor is up for 2w1d Total neighbor count: 1

RP/0/5/CPU0:Rtr#sh ospf vrf all neighbor Neighbors for OSPF 1, VRF blue Neighbor ID Pri State Dead Time Address Interface 140.10.10.2 1 FULL/ - 00:00:36 145.10.10.2 POS0/3/0/0 Neighbor is up for 3d13h Total neighbor count: 1


BGP: Show & Debug commands

show bgp vrf <name> [summary] [labels] show bgp vpnv4 unicast [summary] [labels] Show bgp vpnv4 unicast [rd <rd> <prefix>] show bgp vrf <name> [<prefix>] [bestpath-compare] show bgp vrf <name> [imported-routes]

debug bgp [vrf <name>]

[<afi> <safi>] [io | rib | label | import | update | …]


Show commands

Show bgp vpnv4 unicast summary DRP/0/2/CPU1:Rtr#show bgp vpnv4 u sum BGP router identifier 10.0.0.1, local AS number 1 BGP generic scan interval 60 secs BGP table state: Active BGP main routing table version 59 BGP scan interval 60 secs BGP is operating in STANDALONE mode. Process RecvTblVer bRIB/RIB LabelVer ImportVer SendTblVer Speaker 59 59 59 59 59 Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd 11.0.4.2 0 1 17 24 59 0 0 00:09:10 5


IOS XR Operational Tools


Contents

§ Process Management

§ Memory Management

§ System Monitoring

§ Configuration Management

§ Data Collection Scripts

§ Miscellaneous


Process Management


Process Management

•  Process An executable portion of code run within its own memory space

•  Threads A process may contain one or more threads A thread is a ‘sub-process’ managed by the parent responsible for executing a portion of the overall process For example, OSPF has a thread which handles ‘hello’ receipt and transmission A thread may only run when the parent process is allocated runtime by the system scheduler. A process with threads is said to be ‘multi-threaded’


Process Management

•  Job ID# Each process is allocated a Job ID# or JID when it is first run. The Job ID remains associated with the process even if the process is stop and restarted

•  Process ID# Also known as the PID. Each process is also allocated a ‘PID’ when it is first run. The PID will change if the process is stopped and restarted

•  Thread ID# Also known as the TID. If a process contains threads, each is assigned a TID# associated with the PID/JID

•  DLL Processes may call and access Dynamic Link Libraries which is a method for sharing portions of code. Processes will dynamically load the required DLL at runtime


Process Management

§ Basic command show process

§ Process restart-ability process restart <process name | number> <option>

§ Monitor commands: monitor processes

monitor threads (or top)

§ Troubleshooting commands: show exception, exception

dumpcore

show context, clear context

process core

follow process


‘Show process’ command

RP/0/RP1/CPU0:IOSXR# show process ? <0-4294967295> job id WORD Name of the executable aborts Show process aborts all Show process data for all processes blocked Show detail for reply/send/mutex blocked processes. boot Show process boot info cpu Show CPU use per process distribution Show distribution of processes dynamic Show process data for dynamically created processes failover Show process failover info family Show process family information. files Show file and channel use per process location location to display log Show process log mandatory Show process data for mandatory processes memory Show memory use per process searchpath Show the search path signal Show signal use for processes. startup Show process data for processes created at startup threadname Show thread names.

Enter a name or number to select a process to view

Use this option to see processes in a ‘stuck’ state waiting for a response from another process

Use this option to see processes on a remote node – this may be an RP or an LC


‘Show process’ command RP/0/RP1/CPU0:IOSXR# show process snmpd Job Id: 288 PID: 143532 Executable path: /disk0/hfr-base-3.2.85/bin/snmpd Instance #: 1 Version ID: 00.00.0000 Respawn: ON Respawn count: 1 Max. spawns per minute: 12 Last started: Mon May 9 15:32:22 2005 Process state: Run Package state: Normal Started on config: cfg/gl/snmp/admin/community/ww core: TEXT SHAREDMEM MAINMEM Max. core: 0 startup_path: /pkg/startup/snmpd.startup Ready: 11.636s Process cpu time: 45.821 user, 5.058 kernel, 50.879 total JID TID Stack pri state HR:MM:SS:MSEC NAME 288 1 96K 10 Condvar 0:00:29:0500 snmpd 288 2 96K 10 Receive 0:00:00:0049 snmpd 288 3 96K 10 Receive 0:00:01:0427 snmpd 288 4 96K 10 Receive 0:00:04:0505 snmpd 288 5 96K 10 Condvar 0:00:00:0000 snmpd 288 6 96K 10 Receive 0:00:09:0788 snmpd 288 7 96K 10 Condvar 0:00:00:0042 snmpd 288 8 96K 10 Receive 0:00:00:0011 snmpd

SNMP Process contains 8 threads which operate under JID 288


Process Restartability

RP/0/RP1/CPU0:IOSXR# process ? <0-4294967295> job id WORD Name of the executable blocked process blocked, capture state crash crash a process mandatory set mandatory reboot settings restart restart a process shutdown kill/stop a process start start a process

Immediate termination of process – designed for test purposes rather than regular operation

Both ‘restart’ and ‘shutdown’ provide graceful termination of a process

RP/0/RP1/CPU0:IOSXR# show process snmpd

Job Id: 288 PID: 143532 Executable path: /disk0/hfr-base-3.2.85/bin/snmpd Instance #: 1 Version ID: 00.00.0000 Respawn: ON Respawn count: 1 Max. spawns per minute: 12 Last started: Mon May 9 15:32:22 2005 Process state: Run Package state: Normal Started on config: cfg/gl/snmp/admin/community/ww core: TEXT SHAREDMEM MAINMEM

...

Example of a process in normal ‘run’ state


RP/0/RP1/CPU0:IOSXR# process shutdown snmpd RP/0/RP1/CPU0:IOSXR# show processes snmpd Job Id: 288 PID: 143532 Executable path: /disk0/hfr-base-3.2.85/bin/snmpd Instance #: 1 Version ID: 00.00.0000 Respawn: ON Respawn count: 1 Max. spawns per minute: 12 Last started: Mon May 9 15:32:22 2005 Process state: Killed (last exit status : 15) Package state: Normal Registered item(s): cfg/gl/snmp/ cfg/gl/udpsnmp/ cfg/gl/mibs/ core: TEXT SHAREDMEM MAINMEM Max. core: 0 startup_path: /pkg/startup/snmpd.startup Ready: 11.636s

Process Restartability

Process state reported as ‘killed’

Configuration entries in Sysdb associated with this process


RP/0/RP1/CPU0:IOSXR# process restart snmpd RP/0/RP1/CPU0:IOSXR# show processes snmpd Job Id: 288 PID: 8528114 Executable path: /disk0/hfr-base-3.2.85/bin/snmpd Instance #: 1 Version ID: 00.00.0000 Respawn: ON Respawn count: 2 Max. spawns per minute: 12 Last started: Thu May 12 11:46:38 2005 Process state: Run (last exit status : 15) Package state: Normal Started on config: cfg/gl/snmp/admin/community/ww core: TEXT SHAREDMEM MAINMEM Max. core: 0 startup_path: /pkg/startup/snmpd.startup Ready: 6.657s Process cpu time: 0.721 user, 0.145 kernel, 0.866 total

Process Restart-ability

JID# remains constant, PID# changed on restart

Respawn counter incremented with process restart

Process state reports ‘Run’ plus last termination code


RP/0/RP1/CPU0:IOSXR# process crash snmpd RP/0/RP1/CPU0:IOSXR#sh processes snmpd Job Id: 288 PID: 10961090 Executable path: /disk0/hfr-base-3.2.85/bin/snmpd Instance #: 1 Version ID: 00.00.0000 Respawn: ON Respawn count: 3 Max. spawns per minute: 12 Last started: Fri May 20 14:32:53 2005 Process state: Run (last exit due to SIGSEGV) Package state: Normal Started on config: cfg/gl/snmp/admin/community/ww core: TEXT SHAREDMEM MAINMEM Max. core: 0 startup_path: /pkg/startup/snmpd.startup Ready: 2.001s Process cpu time: 1.539 user, 0.258 kernel, 1.797 total

Process Crash

Process will be automatically restarted if Respawn state is set to ‘ON’

Respawn counter incremented on restart

Process state reports last termination state as Signalled Segmentation Fault


Process Crash

RP/0/RP1/CPU0:IOSXR# process crash snmpd RP/0/RP1/CPU0: 14:32:48.464 : sysmgr_control[65730]: %OS-SYSMGR-4-PROC_CRASH_NAME : User lab (con0_RP1_CPU0) requested a crash of process snmpd RP/0/RP1/CPU0: 14:32:48.474 : sysmgr[73]: %OS-SYSMGR-4-WARNING : Sending signal 11 to snmpd jid=288/pid=10948823 RP/0/RP1/CPU0: 14:32:48.492 : dumper[54]: %OS-DUMPER-4-SIGNALCORE_INFO : Core for pid = 10948823 (pkg/bin/snmpd) as signal 11 sent by pkg/bin/sysmgr@node0_RP1_CPU0 RP/0/RP1/CPU0: 14:32:50.081 : dumper[54]: %OS-DUMPER-5-CORE_FILE_NAME : Core for process pkg/bin/snmpd at harddisk:/dumper/snmpd.by.sysmgr.node0_RP1_CPU0.ppc.Z RP/0/RP1/CPU0: 14:32:53.506 : dumper[54]: %OS-DUMPER-5-DUMP_SUCCESS : Core dump success RP/0/RP1/CPU0: 14:32:53.625 : sysmgr[73]: snmpd(1) (jid 288) abnormally terminated, restart scheduled

Log message notes that user ‘Lab’ initiated crash request

Log messages generated on process crash

Identification of JID#/PID# that crash signal is being sent to

Message identifying location of coredump generated by process crash

Automatic restart since Respawn is set to ‘ON’ for this process


‘Monitor process’ command

• Command provide Unix ‘top’ like information

• Displays details on number of running processes, CPU and memory utilization

•  Automatically updates every 10 seconds

• Can specify the location of the node that you wish to monitor, for example 0/RP0/CPU0 or 0/2/CPU0

•  To change the parameters displayed by monitor processes, enter one of the interactive commands eg. ? to get help, n for the number of entries, t – sorted on cpu time, q to quit


‘Monitor process’ command 233 processes; 788 threads; 4663 channels, 5906 fds CPU states: 94.8% idle, 4.1% user, 1.0% kernel Memory: 4096M total, 3599M avail, page size 4K JID TIDS Chans FDs Tmrs MEM HH:MM:SS CPU NAME 1 26 236 183 1 0 67:18:56 1.06% procnto-600-smp-cisco… 256 5 39 21 4 292K 0:02:44 0.79% packet 69 10 454 9 3 2M 0:33:07 0.62% qnet 331 8 254 21 13 2M 0:15:20 0.52% wdsysmon 55 11 23 15 6 36M 0:31:18 0.50% eth_server 241 12 96 83 13 1M 0:04:54 0.37% netio 171 15 97 44 9 2M 0:03:33 0.12% gsp JID TIDS Chans FDs Tmrs MEM HH:MM:SS CPU NAME 55 11 23 15 6 36M 0:00:00 0.00% eth_server 155 1 7 18 4 12M 0:00:00 0.00% fgid_server 100 2 11 16 3 11M 0:00:00 0.00% fgid_aggregator 257 8 16 36 3 8M 0:00:00 0.00% parser_server 65554 7 16 3 3 7M 0:00:00 0.00% devb-ata 53 5 237 633 0 4M 0:00:00 0.00% dllmgr 121 11 48 67 19 3M 0:00:00 0.00% bgp

t - Sort on CPU time

m - Sort on memory usage


Memory Management


Memory Management

§  Global memory: show memory summary

§  Process memory show memory

show process memory

show dll memory

show memory heap

show memory compare

§  How to troubleshoot memory leaks – Use commands: monitor process

show process memory

show memory

follow

show memory compare


Global memory

§  Physical Memory - amount of physical memory installed on the device

§  Application Memory - memory available for the system to use (total memory minus image size, reserved, and flashfsys)

§  Image - size of the bootable image

§  Reserved - amount of space reserved for packet memory

§  IOMem - IO memory—currently used as a backup for packet memory

•  Flashfsys - flash file system memory

RP/0/RP1/CPU0:IOSXR# show memory summary Physical Memory: 4096M total Application Memory : 3951M (3600M available) Image: 16M (bootram: 16M) Reserved: 128M, IOMem: 2028M, flashfsys: 0 Total shared window: 8M


Process memory RP/0/RP1/CPU0:IOSXR# show memory 288 ... pkg/bin/snmpd: jid 288 Address Bytes What 480b9000 4096 Program Stack (pages not allocated) 480ba000 122880 Program Stack (pages not allocated) ... 48200000 290816 Shared Memory 48247000 77824 Program Text or Data 4825a000 4096 Program Text or Data 4825b000 16384 Allocated Memory ... 482cd000 126976 Allocated Memory 60100000 401408 Shared Memory 6022e000 49152 Shared Memory 6023a000 4096 Shared Memory 6034f000 966656 Reserved Memory 6043b000 126976 Shared Memory fc01b000 4096 DLL Data libikeparse.dll fc0c2000 24576 DLL Text libsnmpmib_ios.dll fc0cb000 4096 DLL Data fd11f000 57344 DLL Data libsnmpmib.dll fd12d000 32768 DLL Text libentityapi.dll fd135000 45056 DLL Text libinventoryci.dll fd144000 4096 DLL Data fd17b000 4096 DLL Data libifmibapi.dll fd550000 28672 DLL Text libifmib.dll fd6ac000 73728 DLL Text libifmibapi.dll fd6be000 69632 DLL Text libinterface_ci.dll Total Allocated Memory: 593920 Total Shared Memory: 1806336

Starting address in memory

Size of memory allocated


‘Show memory compare’ command

•  This command makes use of show memory heap and allows users to display details about heap memory usage for all processes on the router at different moments in time and compare the results - useful for detecting patterns of memory usage during events such as restarting processes or looking for memory leaks

•  Process how to use the command: 1.  show memory compare start

Takes the initial snapshot of heap usage 2.  show memory compare end

Takes the second snapshot of heap usage 3.  show memory compare report

Displays the heap memory comparison report


‘Show memory compare’ command

RP/0/RP1/CPU0:IOSXR# show memory compare start Successfully stored memory snapshot /harddisk:/malloc_dump/memcmp_start.out RP/0/RP1/CPU0:IOSXR# show memory compare end Successfully stored memory snapshot /harddisk:/malloc_dump/memcmp_end.out RP/0/RP1/CPU0:IOSXR# show memory compare report JID name mem before mem after difference mallocs restart --- ---- ---------- --------- ---------- ------- ------- 57 i2c_server 11756 11916 160 1 283 shelfmgr 273508 273460 -48 -1 121 bgp 2522256 2522208 -48 -1 69 qnet 2013844 2013196 -648 -27 234 lpts_pa 408536 407632 -904 -14 224 isis 3089108 3087900 -1208 0 314 tcp 247196 245740 -1456 -9 241 netio 808136 806464 -1672 -46 You are now free to remove snapshot memcmp_start.out and memcmp_end.out under /harddisk:/malloc_dump


System Monitoring


System Monitoring

§ Commands show tech

show system verify

monitor interface

monitor controller


‘Show tech’ command •  Traditional dump of configuration and show command outputs but can be focussed on functional areas

RP/0/RP1/CPU0:CRS_IOX# show tech-support ?

bcdl Output show commands of interest for bcdl debugging cef Output show commands of interest for CEF debugging file Specify a valid file name (e.g. disk0:tmp.log) gsp Output show commands of interest for gsp debugging install Show install information for Tech-support isis Show IS-IS-related diagnostics for Tech-support mpls Output show commands of interest for MPLS debugging multicast Show multicast related information ospfv3 Output show commands for OSPFv3 debugging password Include password in output placement Gather lots of information about process placement platform show tech-support platform output rib Show IP RIB related information routing Routing show tech-support output terminal Send output to terminal

RP/0/RP1/CPU0:CRS_IOX#show tech-support cef ipv4 location ? 0/2/CPU0 Fully qualified location specification 0/3/CPU0 Fully qualified location specification 0/5/CPU0 Fully qualified location specification 0/RP0/CPU0 Fully qualified location specification 0/RP1/CPU0 Fully qualified location specification WORD Fully qualified location specification


Trace functionality

RP/0/RP1/CPU0:CRS1_1# sh cef trace tailf 4 unique entries (128 possible, 0 filtered)May 19 23:37:04.172 ipv4_fib/ipv4_fib_mgr_unique 0/RP1/CPU0 1# IP-CEF platform creates hash set to TRUE. May 20 07:04:41.574 ipv4_fib/ipv4_fib_mgr_unique 0/RP1/CPU0 5# IP-CEF-Error: Doesn't own external adjacency for 1.1.1.100/32 path 0 May 20 07:04:41.574 ipv4_fib/ipv4_fib_mgr_unique 0/RP1/CPU0 5# IP-CEF-Error: Doesn't own external adjacency for 10.1.2.0/24 path 0 May 20 07:04:41.574 ipv4_fib/ipv4_fib_mgr_unique 0/RP1/CPU0 5# IP-CEF-Error: Doesn't own external adjacency for 10.1.3.0/24 path 0 102 wrapping entries (10240 possible, 0 filtered, 102 total) May 19 23:37:04.174 ipv4_fib/ipv4_fib_mgr_low 0/RP1/CPU0 t1 IP-CEF-Event: Spawning CEF periodic thread May 19 23:37:04.174 ipv4_fib/ipv4_fib_mgr_low 0/RP1/CPU0 t1 IP-CEF-Event: Spawning CEF main thread May 19 23:37:04.199 ipv4_fib/ipv4_fib_mgr_low 0/RP1/CPU0 t3 IP-CEF-EA: Connected to IMP May 19 23:37:04.207 ipv4_fib/ipv4_fib_mgr_hi 0/RP1/CPU0 t1 IP-CEF-Event: Connected to netio May 19 23:37:04.218 ipv4_fib/ipv4_fib_mgr_errors 0/RP1/CPU0 t1 IP-FIB:fib_pfi_if_connect pfi_ifh_bind failed : 0x434e8c00, 'pfi-ifh' detected the 'warning' condition 'Failed to contact the IFH server'

•  Many major functions have ‘trace’ functionality to show the last actions it conducted – a form of ‘always-on’ debug

RP/0/RP1/CPU0:CRS1_1# sh sysmgr trace tailf May 19 23:33:17.912 sysmgr/global 0/RP1/CPU0 1# t1 SYSMGR_INIT jid=0 UNKNOWN May 20 00:27:50.879 sysmgr/global 0/RP1/CPU0 4# t13 [unknown 0x10a/1] 0x00000005 May 20 05:02:59.839 sysmgr/global 0/RP1/CPU0 1# t11 FAILOVER jid=0 UNKNOWN May 20 05:03:15.473 sysmgr/global 0/RP1/CPU0 105# t11 PROC_NOTIFY jid=206 ipv4_smiap May 20 05:04:15.583 sysmgr/global 0/RP1/CPU0 20# t13 PROC_EXIT jid=312 sysmgr_preload_dll May 20 07:04:41.509 sysmgr/global 0/RP1/CPU0 61# t14 PROC_AVAIL jid=340 mpls_ldp May 20 14:32:53.625 sysmgr/global 0/RP1/CPU0 2# t11 PROC_ABORT jid=288 snmpd status=139 May 20 14:32:53.996 sysmgr/global 0/RP1/CPU0 213# t11 PROC_START jid=288 snmpd May 20 14:32:55.637 sysmgr/global 0/RP1/CPU0 209# t11 PROC_READY jid=288 snmpd


‘Monitor interface’ command

RP/0/RP1/CPU0:CRS1_1# monitor interface mgmtEth 0/rp1/CPU0/0

CRS1_1 Monitor Time: 00:00:52 SysUptime: 16:33:16 MgmtEth0/RP1/CPU0/0 is up, line protocol is up Encapsulation ARPA

Traffic Stats:(5 minute rates) Delta Input Packets: 313326 17 Input pps: 5 Input Bytes: 34467898 1033 Input Kbps: 3 Output Packets: 37633 4 Output pps: 0 Output Bytes: 2034463 244 Output Kbps: 0

Errors Stats: Input Total: 1 0 Input CRC: 0 0 Input Frame: 0 0 Input Overrun: 0 0 Output Total: 0 0 Output Underrun: 0 0

Quit='q', Freeze='f', Thaw='t', Clear='c', Interface='i', Detail='d', Brief='b', Next='n', Prev='p'

•  per interface reporting (requires MGBL package)


‘Monitor interface’ command

RP/0/RP1/CPU0:CRS1_1# monitor interface all

CRS1_1 Monitor Time: 00:00:55 SysUptime: 16:35:50

Interface Encap Input Output Input Output pps pps Kbps Kbps MgmtEth0/RP0/CPU0/0 ARPA 4 0 2 0

MgmtEth0/RP1/CPU0/0 ARPA 4 0 2 0

POS0/4/0/0 HDLC 1230 0 542210 0

POS0/4/0/3 HDLC 0 0 0 0

POS0/4/0/6 PPP 0 0 0 0

POS0/4/0/7 HDLC 0 1230 0 542210

Quit='q', Freeze='f', Thaw='t', Clear='c', Next set='n', Prev set='p'

•  or all interfaces in the system


‘Monitor controller sonet’ command

RP/0/RP1/CPU0:CRS1_1# monitor controller sonet 0/2/0/0

equinox Monitor Time: 00:00:47 SysUptime: 172:31:04

Controller for SONET0_2_0_0

Controller Stats: Delta Path LOP 0 ( 0 per-sec) 0 Path AIS 0 ( 0 per-sec) 0 Path RDI 0 ( 0 per-sec) 0 Path BIP 0 ( 0 per-sec) 0 Path FEBE 0 ( 0 per-sec) 0 Path NEWPTR 0 ( 0 per-sec) 0 Path PSE 0 ( 0 per-sec) 0 Path NSE 0 ( 0 per-sec) 0 Line AIS 0 ( 0 per-sec) 0 Line RDI 0 ( 0 per-sec) 0 Line BIP 0 ( 0 per-sec) 0 Line FEBE 0 ( 0 per-sec) 0 Section LOS 0 ( 0 per-sec) 0 Section LOF 0 ( 0 per-sec) 0 Section BIP 0 ( 0 per-sec) 0

Quit='q', Freeze='f', Thaw='t', Clear='c', Select controller='s'


Logging archive

RP/0/RP1/CPU0:ios(config)#logging archive ?

archive-length The maximum no of weeks of log to maintain archive-size The total size of the archive device Configure the archive device file-size The maximum file size for a single log file. frequency The collection interval for logs severity The minimum severity of log messages to archive <cr>

RP/0/RP1/CPU0:ios(config)#logging archive device ?

disk0 Use disk0 as the archive device disk1 Use disk1 as the archive device harddisk Use harddisk as the archive device

•  use disk devices to store syslogs

•  Options must be set for function to work •  recommended defaults:

•  archive-length = 4 weeks •  archive-size = 300 MB •  device = harddisk •  file size = 5 MB •  frequency = daily •  severity = informational

RP/0/8/CPU0:PE1#sh run logging archive logging archive device harddisk severity informational file-size 5 frequency daily archive-size 300 archive-length 4

presentacion xr.pdf

Documents