Implementing Path Control Path Control BSCI v3.0—2-1 Why Path-control? • Suboptimal routing • Availability of redundant paths • Application – specific path optimization • Load sharing Path-control methods • Using Route – filtering • Using metric modifying: cost modifying, offset – list • Using Load – balancing techniques • Using AD modifying • Policy Based Routing (PBR) • Track next – hop with IP SLA Offset – list • The network is using RIP • The cost between A and B is smaller than between A and D but RIP choose both route for traffic from A going to subnet 172.16.3.0/24 on C • The administrator want to modify metric so that traffic from A to C transit through B Offset – list (Cont.) • An offset value to incoming and outgoing metrics to routes learned is added • Supported protocols:  RIP  EIGRP • The router applies an offset of to routes learned from G1.14 interface (connect to D) which match on access – list A(config)#access-list permit 172.16.3.0 A(config)#router rip A(config-router)#offset-list in g1.14 Policy Based Routing • Policy Based Routing (PBR) allows the router to forward traffic based on user – defined criteria before the normal IP routing table is consulted • PBR provides an extremely powerful, simple and flexible tool to route traffic based on network needs • PBR is applied to incoming packets • PBR also provides a mechanism for marking packets and as a result, differentiated preferential service can be provided to different types of traffic in combination with queuing techniques that are available in Cisco IOS software • PBR requires a route – map to implement the policy Steps to implement PBR • Enable PBR by configuring a route – map: • Match traffic using the match command • Define the action for matched traffic using the set command • Apply PBR to traffic:  To an incoming traffic  To packets that are generated by the router • Verify the PBR configuration Policy Based Routing Example • Match packets coming from subnet 172.16.1.0/24 and forward them to the next hop 172.16.12.2 • Match packets coming from subnet 172.16.11.0/24 and forward them to the next hop 172.16.14.4 • Apply the route – map to the incoming interface G1 if router A Policy Based Routing Example (Cont.) A(config)#access-list permit 172.16.1.0 0.0.0.255 A(config)#access-list 11 permit 172.16.11.0 0.0.0.255 • Access – list is used to match traffic from subnet 172.16.1.0/24 • Access – list 11 is used to match traffic from subnet 172.16.11.0/24 A(config)#route-map PBR 10 A(config-route-map)#match ip address A(config-route-map)#set ip next-hop 172.16.12.2 A(config-route-map)#exit • Traffic from subnet 172.16.1.0/24 will be forward to next – hop IP 172.16.12.2 Policy Based Routing Example (Cont.) A(config)#route-map PBR 20 A(config-route-map)#match ip address 11 A(config-route-map)#set ip next-hop 172.16.14.4 A(config-route-map)#exit • Traffic from subnet 172.16.1.0/24 will be forward to next – hop IP 172.16.12.2 A(config)#interface g1 A(config-if)#ip policy route-map PBR A(config-if)#exit • Apply the PBR route – map to the incoming interface G1 on router A Cisco IOS IP SLA • Cisco IOS IP Service Level Agreement (SLA) performs network performance measurement within Cisco System devices • IP SLA actively sends data across the network in a continuous, reliable, predictable manner to measure performance between multiple network locations or across multiple network paths • IP SLA uses timestamp information to calculate performance metrics such as jitter, delay, respond time, packet loss, Mean Opinion Score (MOS),… • The following steps are required to configure Cisco IP SLA:  Define one or more probes  Define one or more tracking objects  Define the action for each tracking object Using IP SLA for Path-control The administrator can use IP SLA for path – control: choose the primary path and backup path for a topology using only static routing Considering the following example: • The administrator at router A wants to use the path transit through B as the primary path to subnet 172.16.3.0/24 and the path transit through D is used as the backup path • The routing technique is used is static routing Using IP SLA for Path-control (Cont.) • Static routes on router A are configured using AD to establish primary route and backup route: A(config)#ip route 172.16.3.0 255.255.255.0 172.16.12.2 A(config)#ip route 172.16.3.0 255.255.255.0 172.16.14.4 10 • With the configuration above, if the link connect router A and router B down, static route with next – hop is router D will be used to forward traffic to subnet 172.16.3.0 • However, if the link is down at router B, router A cannot discover this breakdown and the redundancy is not perfomed • The solution to the above issue is to use Cisco IP SLA functionality , which can be used to continuously check the reachability of a specific next – hop IP and conditionally announce the static route if the connectivity is verified Using IP SLA for Path-control (Cont.) A(config)#ip sla A(config-ip-sla)#icmp-echo 172.16.12.2 source-ip 172.16.12.1 A(config-ip-sla-echo)#frequency 10 A(config-ip-sla-echo)#exit A(config)#ip sla schedule start-time now life forever • Set the probe to send an ICMP packet every 10 seconds to IP address 172.16.12.2 • Start sending packets now and continues forever A(config)#track ip sla • Define the tracking of object linked to IP SLA A(config)#ip route 172.16.3.0 255.255.255.0 172.16.12.2 track • Announces the static route with next – hop IP 172.16.12.2 with administrative distance of if tracking object is true