PFR lab2 – Dynamic routing based on source prefixes.

Objective: Implement PFRv2 in a scenario and perform dynamic routing based on the prefixes of the subnets that originate the traffic.

Topology:

Configs.

PFRMaster:
!
hostname PFRMaster
!
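! key chain 2 authenticates border 10.18.2.3 (PFRBorder2); the key-string must match that router's key chain
key chain 2
key 1
key-string password2
! key chain 1 authenticates border 10.18.2.2 (PFRBorder1)
key chain 1
key 1
key-string password1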
!
pfr master
policy-rules MYMAP
logging
!
border 10.18.2.3 key-chain 2
interface FastEthernet1/0 external
link-group DOWN
interface FastEthernet0/0 internal
!
border 10.18.2.2 key-chain 1
interface FastEthernet1/0 external
link-group UP
interface FastEthernet0/0 internal
!
learn
traffic-class filter access-list BLOCK-LEARN
Define learning parameters, disable global learning. The referenced ACL denies all IP traffic. It could also be used to limit what is learned.
list seq 10 refname CHITO-BRANCH
traffic-class access-list CHITO filter BRANCH
Perform this task at the master controller to define a learn list that will contain traffic classes that are automatically learned by PfR using an access list to create customized application traffic classes.

In this case the ACL corresponds to the source prefixes and the filter relates to the destination prefixes.
throughput
delay threshold 200
resolve delay priority 1 variance 10
!
interface FastEthernet0/0
ip address 10.22.26.2 255.255.255.252
no ip route-cache
!
interface FastEthernet1/0
ip address 10.18.2.1 255.255.255.248
!
router eigrp 1
network 10.0.0.0
!
ip access-list extended BLOCK-LEARN
deny   ip any any
ip access-list extended CHITO
permit ip 10.22.29.0 0.0.0.31 any
!
ip prefix-list BRANCH seq 10 permit 10.0.0.0/24
!
pfr-map MYMAP 10
match pfr learn list CHITO-BRANCH
set mode monitor fast
set active-probe echo 10.0.0.1
set probe frequency 10
set link-group UP fallback DOWN
!
end

!
PFRBorder1:
!
hostname PFRBorder1
!
key chain 1
key 1
key-string password1
!
pfr border
logging
local FastEthernet0/0
master 10.18.2.1 key-chain 1
!
interface FastEthernet0/0
ip address 10.18.2.2 255.255.255.248
!
interface FastEthernet1/0
ip address 10.18.2.9 255.255.255.248
!
router eigrp 1
network 10.0.0.0
!
end
!

PFRBorder2:
!
hostname PFRBorder2
!
key chain 1
key 1
key-string password2
!
pfr border
logging
local FastEthernet0/0
master 10.18.2.1 key-chain 1
!
interface FastEthernet0/0
ip address 10.18.2.3 255.255.255.248
!
interface FastEthernet1/0
ip address 10.18.2.13 255.255.255.248
!
router eigrp 1
network 10.0.0.0
!
end
!
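The master and each border router authenticate their session with the key chain named on the `border` / `master` lines, so the key-string behind both chains has to be identical. An added example (not part of the original post): a Python check that reads the master and border configs and reports any border whose key chain differs from the one the master uses for it; the sample configs, addresses and key strings are constructed.

```python
import re

def key_chains(cfg):
    """Parse IOS config text into {chain name: {key id: key-string}}."""
    chains, chain, key_id = {}, None, None
    for line in cfg.splitlines():
        t = line.split()
        if len(t) == 3 and t[:2] == ["key", "chain"]:
            chain, key_id = chains.setdefault(t[2], {}), None
        elif chain is not None and len(t) == 2 and t[0] == "key":
            key_id = t[1]
        elif chain is not None and key_id and len(t) > 1 and t[0] == "key-string":
            chain[key_id] = t[-1]
        else:
            chain = None  # any other line leaves key-chain mode
    return chains

def local_ip(cfg):  # address of the interface named by "local" under "pfr border"
    local, iface = re.search(r"^[ \t]*local (\S+)", cfg, re.M), None
    for line in cfg.splitlines():
        t = line.split()
        if len(t) > 1 and t[0] == "interface":
            iface = t[1]
        elif local and iface == local.group(1) and t[:2] == ["ip", "address"]:
            return t[2]

def check_pfr_keys(master_cfg, border_cfgs):
    """For each 'border' on the master, compare its keys with that border's."""
    mkeys = key_chains(master_cfg)
    borders = {local_ip(c): c for c in border_cfgs}
    result = {}
    for ip, chain in re.findall(r"^[ \t]*border (\S+) key-chain (\S+)", master_cfg, re.M):
        bcfg = borders.get(ip, "")
        ref = re.search(r"^[ \t]*master \S+ key-chain (\S+)", bcfg, re.M)
        bkeys = key_chains(bcfg).get(ref.group(1), {}) if ref else {}
        result[ip] = "match" if mkeys.get(chain) and mkeys[chain] == bkeys else "MISMATCH"
    return result

# Constructed sample configs: documentation addresses, made-up key strings.
KEYS = "key chain {n}\n key 1\n  key-string {k}\n"
MASTER = (KEYS.format(n=2, k="example-B") + KEYS.format(n=1, k="example-A")
          + "pfr master\n border 192.0.2.3 key-chain 2\n border 192.0.2.2 key-chain 1\n")
def border_cfg(ip, key):
    return (KEYS.format(n=1, k=key)
            + "pfr border\n local FastEthernet0/0\n master 192.0.2.1 key-chain 1\n"
            + "interface FastEthernet0/0\n ip address %s 255.255.255.248\n" % ip)
# The second border carries the wrong string for the chain the master uses for it.
SAMPLE = [border_cfg("192.0.2.2", "example-A"), border_cfg("192.0.2.3", "example-A")]
print(check_pfr_keys(MASTER, SAMPLE))
```
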

Checking.

PFRMaster#sh pfr master
OER state: ENABLED and ACTIVE
Conn Status: SUCCESS, PORT: 3949
Version: 3.3
Number of Border routers: 2
Number of Exits: 2
Number of monitored prefixes: 2 (max 5000)
Max prefixes: total 5000 learn 2500
Prefix count: total 2, learn 1, cfg 0
PBR Requirements met (When learning is by application, routing is controlled through route-maps; in this case a common subnet must exist between the two border routers)
Nbar Status: Inactive
Border           Status                UP/DOWN             AuthFail  Version  DOWN Reason
10.18.2.3        ACTIVE                UP       00:17:18          0  3.3
10.18.2.2        ACTIVE                UP       00:19:19          0  3.3
Global Settings:
max-range-utilization percent 20 recv 0
rsvp post-dial-delay 0 signaling-retries 1
mode route metric bgp local-pref 5000
mode route metric static tag 5000
trace probe delay 1000
logging
exit holddown time 60 secs, time remaining 0
Default Policy Settings:
backoff 90 900 90
delay threshold 200
holddown 90
periodic 0
probe frequency 56
number of jitter probe packets 100
mode route control
mode monitor both
loss relative 10
jitter threshold 20
mos threshold 3.60 percent 30
unreachable relative 50
trigger-log percentage 30
resolve delay priority 1 variance 10
Learn Settings:
current state : STARTED
time remaining in current state : 64 seconds
throughput
no delay
no inside bgp
traffic-class filter access-list BLOCK-LEARN
monitor-period 1
periodic-interval 0
aggregation-type prefix-length 24
prefixes 100 appls 100
expire after time 720
Learn-List seq 10 refname CHITO-BRANCH
Configuration:
Traffic-Class Access-list: CHITO
Filter: BRANCH
Aggregation-type: prefix-length 24
Learn type: throughput
Session count: 1000 Max count: 100000
Policies assigned: 10
Status: ACTIVE
Stats:
Traffic-Class Count: 1

PFRMaster#sh pfr master learn list

Learn-List seq 10 refname CHITO-BRANCH
Configuration:
Traffic-Class Access-list: CHITO
Filter: BRANCH
Aggregation-type: prefix-length 24
Learn type: throughput
Session count: 1000 Max count: 100000
Policies assigned: 10
Status: ACTIVE
Stats:
Traffic-Class Count: 1
Traffic-Class Learned:
Appl Prefix 10.0.0.0/24 N    256 10.22.29.0/27

PFRMaster#sh pfr master traffic-class
OER Prefix Statistics:
Pas - Passive, Act - Active, S - Short term, L - Long term, Dly - Delay (ms),
P - Percentage below threshold, Jit - Jitter (ms),
MOS - Mean Opinion Score
Los - Packet Loss (percent/10000), Un - Unreachable (flows-per-million),
E - Egress, I - Ingress, Bw - Bandwidth (kbps), N - Not applicable
U - unknown, * - uncontrolled, + - control more specific, @ - active probe all
# - Prefix monitor mode is Special, & - Blackholed Prefix
% - Force Next-Hop, ^ - Prefix is denied
DstPrefix           Appl_ID Dscp Prot     SrcPort     DstPort SrcPrefix
Flags             State     Time            CurrBR  CurrI/F Protocol
PasSDly  PasLDly   PasSUn   PasLUn  PasSLos  PasLLos      EBw      IBw
ActSDly  ActLDly   ActSUn   ActLUn  ActSJit  ActPMOS  ActSLos  ActLLos
--------------------------------------------------------------------------------
10.0.0.0/24               N    N  256           N           N 10.22.29.0/27
INPOLICY       @0         10.18.2.2 Fa1/0           PBR
U        U        0        0        0        0        7        7
29       24        0        0        N        N        N        N

PFRBorder1#sh route-map dynamic
route-map OER_INTERNAL_RMAP, permit, sequence 0, identifier 3187671041
Match clauses:
ip address (access-lists): oer#1
Set clauses:
ip next-hop 10.18.2.10
interface FastEthernet1/0
Policy routing matches: 1782 packets, 203148 bytes
Current active dynamic routemaps = 1

PFRBorder2#sh route-map dynamic
route-map OER_INTERNAL_RMAP, permit, sequence 0, identifier 1660944385
Match clauses:
ip address (access-lists): oer#1
Set clauses:
ip next-hop 10.18.2.2
interface FastEthernet0/0
Policy routing matches: 891 packets, 101574 bytes
Current active dynamic routemaps = 1
Here you can see the control through PBR.
