INE OLS - PFR DEMYSTIFIED

INSTRUCTOR - ANTHONY SEQUEIRA


INTRODUCTION

• Performance Routing
• Formerly known as OER - Optimized Edge Routing.
• Most syntax still remains SAME.
• Differs from TRADITIONAL routing as in it moves AWAY from the paradigm where routing is based on DESTINATION alone. Instead, PERFORMANCE is taken into consideration.
• Given a scenario where there are TWO exit points out of an AS.
1. LOW BW BUT LOW DELAY
2. HIGH BW BUT HIGH JITTER
• PfR will allow transmission of VOICE through ONE and DATA through the SECOND exit.
• Happens dynamically.
• Originally engineered for OUTBOUND traffic manipulation BUT CAN NOW INFLUENCE INBOUND FLOWS.

_____________________________________________________________
CORE COMPONENTS

• MASTER CONTROLLER (MC)
• The BRAINS of the whole operation.
• Collects statistical data and UPDATES policy decisions.
• Eg. Prefix injection.
• DOES NOT HAVE TO BE IN TRAFFIC PATH. 
• BORDER ROUTERS (BR)
• Located at the network EDGE.
• IN THE TRAFFIC PATH.
• Enacts policy dictated by MC and CONTROLS traffic IN and OUT of external links.
• INTERNAL LINKS DO NOT HAVE TO BE TRAFFIC PATH.
• A Cisco router can funciton as a BR and MC SIMULTANEOUSLY. 

_______________________________________________________________
THE PROCESS

• PROFILE PHASE
• Identifies the TRAFFIC CLASSES that need to be controlled.
• TC can be DISCOVERED by PfR or MANUALLY DEFINED.
• MEASURE PHASE
• BRs collect statistics and REPORT them to MC.
• Measurements can be ACTIVE or PASSIVE
• Passive - Interface statistics, NetFlow.
• Active - IP SLA used to GENERATE and MEASURE traffic.
• APPLY POLICY PHASE
• Acceptable thresholds of performance are defined.
• MC uses this info to IDENTIFY classes or links that are OUT OF POLICY (OOP)
• CONTROL PHASE
• IMPORTANT BUT NOT MANDATORY PHASE.
• Here, MC controls ROUTING PROTOCOL decisions.
• INJECT STATIC or BGP routes, CHANGE METRICS etc.
• VERIFY PHASE
• ENSURE the changes have brought the network BACK IN POLICY.

_______________________________________________________________
MC AND BR SETUP

• Basic setup is SIMPLE; most subsequent configuration occurs on MC.
• MASTER CONTROLLER SAMPLE CONFIG
• key chain ()
• key #
• key-sting ()
• !
• oer master
• keepalive ()
• logging
• !
• border (IP) key-chain ()
• interface (NAME) [internal | external]
• KEY CHAIN SETUP IS MANDATORY.
• LOGGING IS OPTIONAL BUT HELPFUL IN SETUP
• INTERFACE NAMES ARE ON THE BR!!!!!!!!!!
• EXTERNAL route OUT.
• INTERNAL connect BR to MC.
• BORDER ROUTER SAMPLE CONFIG
• key chain ()
• key #
• key-sting ()
• !
• oer border
• local (INTERFACE) <---------- LOCAL IP USED
• master (IP) key-chain ()
• VERIFICATION
• show oer master|border

_________________________________________________________
THE PfR PROFILE PHASE

• Dynamic discovery of TC (LEARN) or MANUAL configuration.
• Any TC PROFILED are stored in MONITORED TRAFFIC CLASSES (MTC) table.

• LEARNING PREFIX TRAFFIC CLASSES
• Uses the NetFlow TOP TALKER feature.
• Identifies prefixes with HIGHEST THROUGHPUT OR DELAY.
• Aggregation and limits CONTROL the SIZE of the MTC.
• MINIMAL BASE CONFIG for dynamic learning :-
• oer master
• learn
• throughput
• delay

• LEARNING APPLICATION TRAFFIC CLASSES
• Use the command protocol to identify ONLY those flows associated with an application.

• CONFIGURING A PREFIX TRAFFIC CLASS
• Prefixes are MANUALLY added to the MTC table using an OER-MAP.
• OER map contains ONLY PERMIT entries.
• Use PREFIX-LIST to DENY certain subnets.
• SAMPLE CONFIGURATION
• oer-map (NAME)
• match ip address prefix-list ()
• !
• oer master
• policy-rules
• VERIFICATION
• show oer master prefix learned

_______________________________________________________
THE PfR MEASURE PHASE

• BRs PASSIVELY measure the MTC information OR ACTIVELY PROBE (IP SLA) configured targets.
• ALSO monitor the the configured EXTERNAL links (LOAD/ERRORs)
• Here, PfR classifies TC and LINKS into STATES. POLICY DECISION POINT (PDP)
• default - TC or LINK is NOT under PfR control.
• choose exit - PfR is ATTEMPTING to select an EXIT POINT based on PERFORMANCE and configured POLICY.
• holddown - The MC has REQUESTED a BR to MONITOR the TC.
• in-policy - Traffic is being forwarded through an interface that SATISFIES the default or user-defined policy.
• out-of-policy - NO exits conform the policy. The MC may have to select the BEST available exit.
• PASSIVE measurement is done with NETFLOW.
• ACTIVE measurement is done with IP SLA.

• SAMPLE CONFIGURATION
• oer master
• active-probe echo (IP)
• Supported test are :
• ICMP echo
• UDP echo
• Jitter
• TCP connection.

______________________________________________________________
THE PfR APPLY PHASE

• Policy can be applied that DICTATES ACCEPTABLE values from the MEASURE phase.
• Timers help to ensure that network is NOT UNSTABLE as a result of PfR.
• Policies are applied using the OER-MAP
• Can be set GLOBALLY or for SPECIFIC TC.
• SAMPLE CONFIGURATION
• oer-map (NAME)
• match ip address prefix-list ()
• set delay threshold ()
• !
• oer master
• policy-rulse (OER-MAP-NAME)

___________________________________________________________
THE PfR APPLY PHASE

• OPTIONAL
• Here, PfR actually CHANGES the FLOW of traffic based on MEASUREMENTS and the POLICY.
• The mode route control places PfR in a mode where commands are sent to BRs to CONTROL ROUTING.
• Changes are initiated when :-
• A TC goes OOP.
• An exit link goes OOP.
• The periodic timer EXPIRES and TC are in CHOOSE EXIT.
• Changes are enacted though IGP metric change, BGP attribute manipulation, route injection or PBR introduction.

__________________________________________________________
THE PfR VERIFY PHASE

• This phase ENSURES that TC are brought back IN POLICY.
• NetFlow is relied upon for VERIFY phase.