Deploying Performance Routing PFR

Deploying
Performance Routing
(PfR)
EDCS-728322
BRKIPM-2362
BRKIPM-2362
2009 Cisco Systems, Inc. All rights reserved.
Cisco Public
Housekeeping
We value your feedback- don't forget to complete your online
session evaluations after each session & complete the Overall
Conference Evaluation which will be available online from
Thursday
Visit the World of Solutions
Please remember this is a 'non-smoking' venue!
Please switch off your mobile phones
Please make use of the recycling bins provided
Please remember to wear your badge at all times including the
Party
Related Sessions:
LABNMS-2002 Deploying and Operating Performance Routing (lab)
BRKIPM-2362
Cisco Public
Agenda
PfR Overview
Deployment
Performance
Conclusion
Q and A
Backup SlidesTroubleshooting
BRKIPM-2362
Cisco Public
What Is Performance
Routing (PfR)?
PfR Enhances Internet and WAN Connectivity for Prefixes

and Applications by Enabling Performance, Load, and $Cost
Routing Policies
Or Simply Put, the Ability to Select a Path Based on More Than
Just Routing Metrics
BRKIPM-2362
Cisco Public
Best Path Selection per Prefix,

Two or More Paths
WAN Access Links Are Biggest

End-to-End Bottleneck
Headquarters
SP C
SP B
SP A
Remote
Office
By Default BGP Chooses

Best Path Based on Fewest
As-Path Hops
Bottlenecks
SP D
SP E
Telecommuter
Shortest Path Is Not Always the

Best Path in Terms of Performance
BRKIPM-2362
Cisco Public
PfR Best Path

PfR Path
SP A
SP C
SP B
Headquarters
MC/BR
Remote
Office
BR
BR
MC
Bottlenecks
BR
SP D
SP E
MC/BR
Optimize by:
Reachability, Delay, Loss, Jitter*, MOS*,
Throughput, Load, and/or $Cost
Telecommuter
PfR Components
BRBorder Router
MCMaster Controller (decision maker)
BRKIPM-2362
Cisco Public
PfR and OER

Whats the Difference?
PfR has a broader technology scope
PfR will greatly expand application intelligence
PfR will leverage OER and other Cisco IOS
technologies to enable adaptive routing throughout
the enterprise
OER
PfR
Prefix
Applications
WAN edge
Private IP (MPLS)
Network selection
Path selection
Exit routing
Networkwide
BRKIPM-2362
Cisco Public
Overview
BRKIPM-2362
Cisco Public
Performance Routing (PfR)

Exit Selection Criteria
Reachability, Delay, Loss, Jitter, MOS, Load, $Cost
E-Mail
MC
Headquarters
MPLS
ATM
FR
BR
BR
BR
Remote
Office
MC/BR
BR
BR
Internet VPN
MC/BR
PfR Components
Telecommuter
BRBorder Router (Forwarding Path)

MCMaster Controller (Decision Maker)
BRKIPM-2362
Cisco Public
Performance Routing Policy Engine

Verify Enforcement
and Performance
Learn Applications
on the Network
Reroute Traffic
Measure
Application
Performance
Measure Alternate Paths

Apply Performance Policies to Measurements
BRKIPM-2362
Cisco Public
10
Component Description
BR External (WAN)
Interfaces
Master Controller (MC)

Cisco IOS software feature
Apply policy, verification,
reporting
Standalone or collocated
with BR
No routing protocol required
No packet forwarding/
inspection required
BR
ISP1/WAN1
MC
ISP2/WAN2
BR
BR Internal (LAN)
Interfaces
Border Router (BR)

Cisco IOS software feature
in forwarding router
Learn, measure, enforcement
NetFlow collector
Probe source (IP SLA client)
BRKIPM-2362
Cisco Public
11
Information Flow
MC controls all operation
Response
BR1
Issues commands to BRs

Contains traffic class/link data
MC
Reports events
Command
Reports measurements
Makes policy decisions
BR2
BR responds to MC commands
Sends responses to MC
Uses NetFlow, IP SLA, BGP, static, PBR
Measures traffic class performance
Measures link performance
Enforces performance-based routing
BRKIPM-2362
Cisco Public
12
PfR Operates on Traffic Classes

Type
Example
Destination Prefix
(Mandatory)
ACL
Application
(Optional)
Well-Known
NBAR
10.0.0.0/8
20.1.1.0/24
10.1.1.0/24 dscp ef
10.1.1.0/24 dst-port 50
10.1.1.0/24 telnet
20.1.0.0/16 ssh
10.1.1.0/24 nbar RTP
20.1.1.0/24 nbar citrix
Required: Destination Prefix

Optional: Src Pfx, Protocol, Ports, DSCP, Application ID
BRKIPM-2362
Cisco Public
13
Measuring Traffic Class Performance

Passive
Delay
PfR NetFlow monitoring

of traffic classes
Loss
Flows do not need to be on symmetrical

paths provided that all exit/entry points
are PfR-managed
Active
Reachability
Egress BW
Ingress BW
PfR enables IP SLA feature

Probes sourced from BRs
icmp probes learned or configured
tcp, udp, jitter need ip sla responder
Delay
Reachability
Jitter 12.4T
MOS 12.4T
Both mode
Attempts to measure performance
passively with NetFlow and only
launches IP SLA probes as needed
Loss 12.4(15)T
BR
Fast mode
Probes all path all the time
BRKIPM-2362
Cisco Public
14
PfR Policy
Traffic Class
Performance
Link
Security
Delay
Sinkhole
Loss
Blackhole
Reachability
Performance
Administrative
Load
balancing
Link
grouping
Max
utilization
$Cost
MOS
Jitter
Scope
BRKIPM-2362
Global or per Policy
Cisco Public
15
Selecting Best Traffic Class Path
Best
Path
Winner?
If Tie, Select
Current, Random
Select Best Performing

Paths Depending on
Priority with Variance
M
BRKIPM-2362
Remove Paths Which Do Not

Have Sufficient Capacity
Cisco Public
16
Selecting Best Traffic Class Path

Delay (ms) Jitter (ms)
Priority 1
Priority 2
Link
Utilization
Serial1
89%
100
30
Serial2
50%
113
30
Serial3
60%
119
32
Serial4
40%
150
20
BRKIPM-2362
Cisco Public
17
How Best Exit Path Is Enforced

MC tells BR to insert prefix in BGP or static table
MC tells BR to insert application/DSCP in policy route
A
BGP/Static Redis
BR1
Route Commands
ISP or MPLS
Master
B
BGP/Static Redis
BR2
ISP or MPLS
Modifying BGP local preference

Local preference must be highest
Installing a static route at the exit

Redistribute static should be configured
Installing a Dynamic PBR route-map at the Exit

Direct Link or GRE Tunnel Between BRs Necessary
BRKIPM-2362
Cisco Public
18
How Best Entrance Path Is Chosen

Measurements gathered for all entrances
Measurements applied in priority order
MC
Identify entrances to downgrade

Downgrade entrance using BGP advertisement
AS path prepend
Append downgrade BGP community
BRKIPM-2362
Cisco Public
19
How Best Entrance Path Is Enforced

Needed for inbound load balancing
MC tells BR to modify eBGP advertisement
A
eBGP Advert
BR1
Route Commands
ISP or MPLS
Master
eBGP Advert
BR2
ISP or MPLS
Modifying eBGP
Prepend AS hop(s)
Append BGP downgrade community
BRKIPM-2362
Cisco Public
20
PfR Typical Customers

Large, medium, and small enterprises with
mission-critical Internet presence
Enterprises with redundant WAN networks
Enterprises with remote offices
Home office with dual internet connections
Remote
Office
Headquarters
Telecommuter
BRKIPM-2362
Cisco Public
21
PfR Platform Support
Cisco
3800 ISR
Cisco
2800 ISR
Cisco
1800 ISR
Cisco
7200-NPE-G2
Current Highest
Performing PfR
Device**
Cisco
6500***
Cisco 7600
12.2(33)SRB
12.2(33)SXH
12.4, 12.4T
3640*/3660*/37
00*
12.4, 12.4T
2600*
12.4, 12.4T
1700*
12.4, 12.4T
*Announced/reached end-of-sale (EoS)

**Cisco 7301 with fixed NPE-G1 also supports PfR
***Only BR function supported, no support for MC
BRKIPM-2362
Cisco Public
22
Key Features of Cisco PfR

Manager by Fluke Networks
Executive-level reports
Troubleshooting analysis
Network health reports
Easy traffic class and policy

configuration
Fully Web-based
Technical support 24 hours

a day
Reports and alerts on

network events
Historical and trending
graphical reports
BRKIPM-2362
Cisco Public
Same design as NetFlow and

IP SLA monitoring products
23
Agenda
PfR Overview
Deployment
Performance
Conclusion
Q and A
BRKIPM-2362
Cisco Public
24
Design Questions
1. Do I have redundant WAN connections?
Internet, IPSEC/GRE, MPLS, ATM, Frame Relay
Configure as PfR external interfaces
2. Which routers terminate the WAN?

These are PfR border routers
3. What routing protocols over WAN?

BGP, static covered by PfR
All others, cfg static with redistribution and filtering
4. Which router is PfR master controller?

Up to 5000 prefixes, dedicated 7200 or 3800 MC
Up to 20K prefixes with NPE-G2
For a few to few hundred prefixes, configure MC on BR
BRKIPM-2362
Cisco Public
25
Design Questions
5. What policy is important?
Exit performance
Delay, loss, reachability, throughput
Jitter, MOS
Entrance performance12.4T
Delay, loss, reachability, throughput
Load distribution
Cost minimization ($cost)
Primary/backup link groups
Path discovery (for troubleshooting)
Security 12.4T
Default priority is performance then load
BRKIPM-2362
Cisco Public
26
Design Questions
6. Determine interesting traffic class by:
Configure prefix
Configure application
Configure full ACL
Learn interesting prefixes
Learn interesting traffic classes
Learn eBGP advertised prefixes (inbound optimization)
Learn application
7. Are prerequisites for prefix or application control met?

Prefix controlparent route (or default) requirement needs to exist in
BGP or static table
Application controlparent route for prefix also required; direct links
(or GRE) required between all border routers for dynamic PBR
BRKIPM-2362
Cisco Public
27
Solution Topologies
2. Remote Office
1. SOHO/Broadband
ISP1/WAN1
BR
MC/BR
ISP2/WAN2
MC/BR
3. Headquarters/Content/Hosting/Data Centers
ISP1/WAN1
BR
MC
ISP2/WAN2
BR
BRBorder Router, MCMaster Controller

BRKIPM-2362
Cisco Public
28
SOHO/Broadband Deployment
1. Cable and DSL WAN interfaces
Eth8/0OER Internal
Eth9/0OER External
Ser12/0OER External
Eth9/0 Cable
2. ISR router terminates WAN
Eth8/0
ISR is OER BR
MC/BR
3. Static default routing

4. 10 to 100 traffic classes
Ser12/0 DSL
ISR is also MC
12.4
5. Performance is most important

Use OER default policy (performance overload)
6. Learn throughput and delay to get

prefixes
BRKIPM-2362
Cisco Public
29
SOHO/Broadband Configuration
key chain key1
key 1
key-string oer
oer master
logging
mode route control
max prefix total 100
Enable Logging
Enforce Routing
Changes
backoff 90 3000 300

border 10.10.10.1 key-chain key1
Authentication
Required
interface Ethernet8/0 internal

interface Ethernet9/0 external
Limit Cable and
max-xmit-utilization absolute 1000
DSL Throughput
interface Ser12/0 external
max-xmit-utilization absolute 300
learn
Learn Delay and
throughput
Throughput
delay
Prefixes Every Minute
monitor-period 1
MC and BR on
periodic-interval 0
Same Router
oer border
logging
Eth9/0 Cable
local Ethernet8/0
Eth8/0
master 10.10.10.1 key-chain key1
interface Ethernet8/0
ip address 10.10.10.1 255.255.255.0
MC/BR
interface Ethernet 9/0
load-interval 30
Ser12/0 DSL
interface Serial 12/0

load-interval 30
BRKIPM-2362
Cisco Public
30
Mission-Critical Internet Presence

Online banking
E-mail hosting
Online ticketing
Instant messaging
Online catalog
News/weather

IM
E-Mail

BRKIPM-2362
ISP1
Internet
BR
Web
ISPD
ISPA
ISPE
ISPB
MC
ISP2
BR
ISPF
ISPG
ISPC
Internet voice
Application hosting
DNS
Online music
Online video
Cisco Public
31
Internet Presence Deployment

1. DS3 interfaces
Ser12/0, Ser13/0, etc.
IM
2. Cisco 7200 and Cisco 3800

are typical BR/MC with BR
terminating WAN connections
3. BGP routing
BRs must be iBGP peers
Default routing -orPartial routes -orFull routes
Web
E-mail
BR
MC
BR
Same PfR Configuration for All
4. Support of up to 15,000 prefixes

(with Cisco 7200-NPE-G2)
12.4T/14.4M
Entrance Optimization
5. Customers differ on policy priority

6. Learn prefixes by throughput and delay
BRKIPM-2362
Cisco Public
BRBorder Router,
MCMaster Controller
32
Internet Presence Configuration

Default Policy: Performance Then Load
key chain key1
key 1
key chain key1
MC 10.1.1.1
key-string oer
oer master
logging
key 1
Choose Best Exit

Regardless of In or
Out of Policy
key-string oer
oer border
periodic 600
Revaluate Exit
10 Minutes

interface Ethernet8/0 internal
BR 10.10.10.3
logging
mode route control

mode select-exit best
backoff 90 3000 300
BR 10.10.10.2
local loopback 1
master 10.10.10.1 key-chain key1
interface ser12/0
load-interval 30
interface ser13/0
load-interval 30
interface Serial12/0 external

IM
interface Ethernet 8/0 internal

Web
BR
MC
E-Mail
learn
throughput
BR
Learn 500
Prefixes
delay
monitor-period 1
periodic-interval 0
Delete Prefix if Not

Relearned in 240 Minutes
prefixes 500
expire after time 240
BRKIPM-2362
Cisco Public
33

Outbound Load Balancing Only
Add to default policy configuration
Disable Periodic
Prefix Evaluation
oer master
MC 10.1.1.1
IM
Web
E-Mail
BR
MC
BR
no periodic
resolve utilization priority 1 variance 5
resolve range priority 2
no resolve delay
no resolve loss
max-range-utilization percent 50
border 10.1.1.2
Link OOP if :%
util > Lowest
+ 50
% util > 90

max-xmit-utilization percent 90
border 10.1.1.3
BRKIPM-2362
Cisco Public
34

$Cost Minimization Only
Add to default policy configuration
oer master
no periodic
MC 10.1.1.1
resolve cost priority 1

no resolve delay
100
10,000$
75%
8000$
40
4000$
No
OER
no resolve utilization
border 10.1.1.2
cost-minimization tier 100 fee
cost-minimization tier 75 fee
cost-minimization tier
10000
8000
40 fee
10,000$
4000
cost-minimization end day-of-month 31

cost-minimization fixed fee 3000
border 10.1.1.3
75%
8000$
OER

4000$
Fixed Tiered
BRKIPM-2362
Cisco Public
35

Inbound Load Balancing
Learning Inside Prefix
oer master
learn
inside bgp
oer-map MAP 10
match oer learn inside
BGP
Advertisement
Enterprise
BR
ISP1
Internet
MC
Configuring Inside Prefix
BR/CE
ip prefix-list INSIDE permit 10.1.1.0/24

oer-map MAP 10
ip address prefix-list INSIDE inside
ISP2
Choosing Downgrading Method

AS prepend No Configuration required
BGP Community
Oer master
border 10.1.1.1 key-chain oer
interface ethernet1/0 external
downgrade bgp community 3:2
BRKIPM-2362
Cisco Public
36
Enterprise VPN Deployment

Internet
MC/BR
Telecommuter
MPLS
Headquarters
BR
MC
ATM
BR
Remote
Office
Frame Relay
MC/BR
BR

BRKIPM-2362
Cisco Public
37

PfR with EIGRPStatic Route Redistribution
1.
Configure Default to each external interface

ip route 0.0.0.0 0.0.0.0 eth 9/0 50.50.50.2 tag 10
ip route 0.0.0.0 0.0.0.0 ser12/0 tag 10
ip route 0.0.0.0 0.0.0.0 tunnel0 tag 10
ip route 0.0.0.0 0.0.0.0 tunnel1 tag 10
2.
OER External
Interfaces
Block redistribution of Default

router eigrp 100
redistribute static route-map block-def
route-map block-def deny 20
Remote
Office
match tag 10
route-map block-def permit 30
MC/BR
PfR Integration with EIGRP Coming in 12.5(P13)T.

Until That Time, We Must Use This Workaround.
BRKIPM-2362
Cisco Public
38

PfR with EIGRP
3. Configure PfR learn
oer master
learn
throughput
delay
4. Block redistribution of PfR statics over externals

router eigrp 100
distribute-list route-map block-oer out eth0/1
OER External
Interfaces
distribute-list route-map block-oer out ser12/0

distribute-list route-map block-oer out tunnel0
distribute-list route-map block-oer out tunnel1
route-map block-oer deny 10
match tag 5000
route-map block-oer permit 20
BRKIPM-2362
Cisco Public
Default Tag for

OER Statics
39

Dual IPSec/GRE Tunnels
IPSec over GRE
Tunnel0
DMVPN (at spokes only)
Tunnel1
Tunnels are OER external
MC/BR
Add to SOHO Cfg
Tunnel0
Headquarters
Telecommuter
oer master
BR
MC
Tunnel1
Tunnel0
BR/CE
border 10.10.10.1
Internet
interface Tunnel 0 external

Tunnel1
Add to Internet default policy config

oer master
Tunnel0
MC/BR
Remote
Office
border 10.1.1.2
Tunnel0
BR/CE
border 10.1.1.3

BRKIPM-2362
Cisco Public
40

MPLS Primary with IPSec/GRE Backup
Combines Internet and IPSec/GRE
Tunnel and MPLS I/F are OER external
Backup then performance policy
Tunnel0
Headquarters
Internet
Serial1
BR
Remote
Office
MC
Tunnel2
MC/BR
BR/CE
Serial3
MPLS
VPN
BR/CE

BRKIPM-2362
Cisco Public
41

MPLS Primary and IPSec/GRE Backup Configurations*
Group Links
Specify Link Preference
oer master
oer-map MAP 10
match Appl1
set delay threshold 100
set link-group RED fallback BLUE

interface Serial1 external
link-group RED
interface Tu0 external
oer-map MAP 20
match Appl2
set link-group BLUE
link-group BLUE
interface eth1/1 internal
interface Serial3 external
Tunnel0
link-group RED
interface Tu2 external
link-group BLUE
BR1
MC
interface et3/1 internal
Serial1
Tunnel2
BR2
Serial3
*PfR also supported with ISDN and 3G wireless interfaces

BRKIPM-2362
Cisco Public
42

Fast Failover and Load Balancing
Simultaneous probing on all exits
Quick failover to alternate path within 3 seconds
Headquarters
MC/BR
Serial0
BR
Remote
Office
MPLS
MC
BR/CE
BR/CE
Serial0
Oer master
max-range-utilization percent 10
learn
list sequence 10 refname REM_OFC
traffic-class prefix-list REM_OFC_LIST
throughput
Ip prefix-lst REM_OFC_LIST permit 10.1.0.0/16
Ip prefix-lst REM_OFC_LIST deny 0.0.0.0/0
oer-map MAP 10
match oer learn list REM_OFC
set mode monitor fast
set unreachable threshold 5
set active-probe echo 10.1.1.1
set active-probe echo 10.1.1.2
set probe frequency 2
set resolve range priority 1

BRKIPM-2362
Cisco Public
43

Optimize Voice Traffic Between Two Sites
Select exit with least jitter, delay, and loss
Jitter 20 ms
IP SLA Responder
Tunnel0
Headquarters
BR
Tunnel0
ISP1
MC
Internet
BR/CE
Tunnel1
ISP2
Remote
Office
MC/BR
Tunnel1
BR/CE
Jitter 5 ms
Select exit with highest percentage of estimated MOS above

threshold
Tunnel15 out of 100 sample had MOS < 4.00 better
Tunnel020 out of 100 sample had MOS < 4.00
BRKIPM-2362
Cisco Public
44

Optimize Voice Traffic Between Two Sites
Identify Voice Traffic
Configure Voice Policy

oer-map MAP 20
match traffic-class access-list
VOICE-LIST
set Jitter threshold 15
set mos percent 20 threshold 4.00
set resolve mos priority 1
set resolve jitter priority 2
set mode monitor fast
Packets marked with DSCP bits

ip access-list extended VOICE-LIST
permit ip any 10.1.1.0 0.0.0.255 dscp
ef
Or
UDP port range
ip access-list extended VOICE-LIST
permit udp any 10.1.1.0 0.0.0.255
range x y
Jitter 20 ms
Configure Jitter Probe
IP SLA Responder
10.1.1.1
oer-map MAP 20
set active-probe jitter 10.1.1.1
target-port 2000 codec g729a
set probe frequency 2
Headquarters
Tunnel0
1
BR
MC
Tunnel0
Internet
BR/CE
Tunnel1
Remote
Office
MC/BR
Tunnel1
2
BR/CE
Configure
Responder on remote router
Ip
sla responder
Jitter 5 ms
BRKIPM-2362
Cisco Public
45

Optimize Application
Traffic to branch office
Latency < 100 ms
Headquarters
Latency sensitive applicationtelnet, ssh
Tunnel0
1
BR
Internet
MC
Latency tolerantother
BR/CE
Tunnel1
Learn Application Traffic

Ip prefix-list BRANCH_PFX permit 10.1.0.0/16
!
oer master
learn
list sequence 10 refname BRANCH_APPL
traffic-class application telnet ssh filter BRANCH_PFX
throughput
list sequence 20 refname BRANCH_PFX
traffic-class prefix-list BRANCH_PFX
throughput
Latency > 200 ms
Telnet or ssh
Other
Tunnel0
Tunnel1
Configure Policy
oer-map MAP 10
match oer learn list BRANCH_APPL
set resolve delay priority 1 variance 5
BRKIPM-2362
Cisco Public
oer-map MAP 20
match oer learn list BRANCH_PFX
set resolve utilization priority 1
variance 5
46

Optimize ApplicationDefine Your Own Application
Define Application Using access-list
Add Application Definition to OER Database
Ip access-list extended APPL1_DEF

permit tcp any eq 200 any
permit tcp any any eq 200
Oer master
application define APPL1 access-list APPL1_DEF
application define APPL2 access-list APPL2_DEF
Ip access-list extended APPL2_DEF

permit ip any any dscp af12
Learning User Defined Applications

Oer master
learn
list seq 30 refname LISTA
traffic-class application APPL1
list seq 40 refname LISTB
traffic-class application APPL2
BR
Apply Policy to Learned Application

MC
oer-map MAP 10
match traffic-class learn list LISTA
set resolve delay priority 1 variance 5
oer-map MAP 20
match traffic-class learn list LISTB
set resolve range priority 1
BR
BRKIPM-2362
Cisco Public
47

Optimize Application Identified by NBAR*
Use NBAR to identify application traffic
NBAR is activated automatically on BR
BR
Learning NBAR Identified Applications

Oer master
learn
list seq 30 refname LISTA
traffic-class application nbar rtp-audio
list seq 40 refname LISTB
MC
BR
traffic-class application nbar citrix
Configure NBAR Identified Applications

Ip prefix-list LIST1 permit 10.1.1.0/24
Ip prefix-list LIST1 permit 10.1.2.0/24
Oer-map MAP 10
match traffic-class application nbar citrix prefix-list LIST1
* To be released in 12.5 (1st) T

BRKIPM-2362
Cisco Public
48
Security PolicyIgnore Performance

Identify Blackhole Traffic Class
ip prefix-list BLACKHOLE permit 100.1.1.0/24
ip access-list extended BLACKHOLE
permit tcp 10.10.10.0 0.0.0.255 any eq www
Identify Sinkhole Traffic Class

ip prefix-list SINKHOLE permit 9.1.1.1/32
ip access-list extended SINKHOLE
permit udp 10.10.10.0 0.0.0.255 any eq domain
permit ip any any dscp cs4
Apply Policy
oer master
policy-rules SECURITY
oer-map SECURITY 10
match ip address prefix-list BLACKHOLE
set interface Null0
oer-map SECURITY 40
match ip address access-list SINKHOLE
set next-hop 10.10.10.4
BRKIPM-2362
Cisco Public
49
PfR with NAT

MC/BR Router Combined
PfR and NAT
RPF Check
IM
Web
ISP1
New flow goes out

via new exit
ISP2
Avoids problems if
ISP is performing RPF
checking
MC/BR
CSS11500
E-Mail
Existing flow continues

on same exit; no
sessions are dropped
NAT Translation
Occurs Here
ISP1
Minimal Configuration Change
ISP2
interface virtual-template 1
ip nat inside source <x> interface Virtual-Template 1 overload oer
BRKIPM-2362
BR
Cisco Public
MC
With Separate MC and BR
50
PfR with NATConfiguration Example

Identify Traffic to be NAT Translated
access-list 1 permit 10.1.0.0
0.0.255.255
route-map isp-1 permit 10
match ip address 1
match interface Se1/0
route-map isp-2 permit 10
match ip address 1
match interface Se2/0
interface Eth3/0
ip nat inside
interface Se1/0
ip nat outside
interface Se2/0
ip nat outside
OER Internal
Interface
OER External
Interface
Single IP
Se1/0ISP1
interface virtual-template 1
ip nat inside source route-map isp-1 interface
Virtual-Template1 overload oer
Single IP
ISP1
IP Pool
ip nat pool ISP-2 <min-ip-addr> <max-ip-addr>
prefix-length <len>
ip nat inside source route-map isp-2 pool ISP-2
oer
10.1.0.0
MC/BR
ISP2
Eth3/0
Se2/0ISP2
IP Pool
BRKIPM-2362
Cisco Public
51
Security Considerations
Deploy MC behind firewall
Separate private VLAN
for MC and BR
IM
Web
BR
MC
E-Mail
BR
Private addressing for

MC and BR communication
No routing on MC
no ip routing
Routing Not Required on MC
no router

BRKIPM-2362
Cisco Public
52
PfR MC Redundancy
What if MC goes down?
Routing defaults to normal
as if PfR was not configured
Still need MC redundancy?

Available
Stateless redundancy
without configuration
synchronization available
using HSRP
IM
On roadmap
Stateless redundancy
with synchronized
configuration and stateful
redundancy
BRKIPM-2362
ISP1
Cisco Public
BR
Web
ISP2
BR
E-Mail
MC
53
PfR MC Redundancy
Stateless redundancy using HSRP
On Border Configure HSRP
Group IP as MC IP
oer border
master 10.1.1.100 key-chain oer
ISP1
IM
BR
Web
BR
E-Mail
MC
Active
MC
ISP2
HSRP Group
IP 10.1.1.100
Standby
standby 100 ip 10.1.1.100
Duplicate Configuration
on both MC
BRKIPM-2362
Cisco Public
54
Agenda
PfR Overview
Deployment
Performance
Conclusion
Q and A
BRKIPM-2362
Cisco Public
55
PfR MC Process vs. Total System CPU

12.3(11)T CPU Usage Cisco IOS Master Controller
Comparing OER Process to Total System CPU
Active + Learning Mode Enabled (2500 Prefixes)
System Total10 Border Routers/2500 Prefixes
OER Process10 Border Routers/2500 Prefixes
System Total10 Border Routers/5000 Prefixes
OER Process10 Border Routers/5000 Prefixes
28
26
24
22
1min % CPU
20
18
16
14
12
10
8
6
4
2
0
0
10
15
20
25
30
35
40
45
50
55
Time (Minutes)
BRKIPM-2362
Cisco Public
56
PfR BR Learning-Enabled
12.3(11)T CPU Usage Cisco IOS Border Router
12.3(11)T CPU Usage Cisco IOS Border Router
Active + Learning Mode Enabled (2500 Prefixes)
2 Border Routers/1000 Prefixes
8
7
1min % CPU
6
5
4
3
2
1
0
0
10
15
20
25
30
35
40
45
50
55
Time (Minutes)
BRKIPM-2362
Cisco Public
57
Master Controller Memory Usage

Memory Usage PfR Master Controller
25 Border Routers
15000 Prefixes
MB
130
120
110
100
90
80
70
60
50
40
30
20
10
0
5:5000
5:4000
5:3000
5:2000
5:1000
5:1
4:5000
4:4000
4:3000
4:2000
4:1000
X = # of Border Routers, Y = # of Prefixes Monitored

1 Min.
BRKIPM-2362
4:1
3:5000
3:4000
3:3000
3:2000
3:1000
3:1
2:5000
2:4000
2:3000
2:2000
2:1000
2:1
X:Y
Cisco Public
60 Min.
58
Border Router Memory Usage

Memory Usage PfR Border Router
25 Border Routers
15000 Prefixes
30,000,000
MemoryBytes
25,000,000
20,000,000
15,000,000
10,000,000
5,000,000
0
5:5000
5:4000
5:3000
5:2000
5:1000
5:1
4:5000
4:4000
4:3000
4:2000
4:1000
4:1
A = # of Border Routers, B = # of Prefixes Monitored

1 Min.
BRKIPM-2362
3:5000
3:4000
3:3000
3:2000
3:1000
3:1
2:5000
2:4000
2:3000
2:2000
2:1000
2:1
A:B
Cisco Public
60 Min.
59
7200-NPE-G2 PfR Performance

Ciscos highest performing
OER solution
Supports > 15,000 prefixes
BR
Avg CPU
Ideal for enterprise OER

solution
Platform: 7200VXR-NPEG2
Mode Monitor: Active
Prefix Count: 20,000*
Prefix Type: Configured
Probe Frequency: 4 Seconds
24% Total
22%Total
5% IP
MC
18%MC
BR
9% IPSLA
5% BR
MC Router
524 MB DRAM
*12.4(15)T image
BRKIPM-2362
Cisco Public
BR Router
120 MB RAM
60
Overall Performance Tests Summary

MC needs higher performing CPU and more memory
compared to BR
In general, Cisco PfR platforms show very favorable
PfR performance
7200-NPE-G2 is Ciscos highest performing PfR
platform
BRKIPM-2362
Cisco Public
61
Deployment Suggestions
Measure performance impact on production BR during

peak time (midday on a weekday)
CPU: show processes cpu
Memory: show memory summary
Determine viability of colocated MC/BR by:

a. Referencing peak time data
b. Referencing graph test results from earlier
BRKIPM-2362
Cisco Public
62
Agenda
OER Overview
Deployment
Troubleshooting
Performance
Conclusion
Q and A
BRKIPM-2362
Cisco Public
63
Conclusions
MPLS
PfR routes around soft errors

Blackouts
ATM
Brownouts
FR
Congestion
PfR chooses the best performing path

Delay, loss, reachability, throughput, jitter/MOS
Utilization, load balancing
ISPA
ISPD
Internet
PfR reports issues
ISPE
ISPB
Management application interface
ISPC
ISPF
ISPG
Syslog
Show oer master prefix
Troubleshoot issues during

workaround instead of fire fighting
$ cost management
OER saves $ on usage based pricing links
BRKIPM-2362
Cisco Public
$$$$$$$
64
Agenda
PfR Overview
Deployment
Performance
Conclusion
References
Q and A
BRKIPM-2362
Cisco Public
65
Technical References
PfR CCO
www.cisco.com/go/PfR/
Cisco IOS Software Release 12.3 12.4 12.4T

www.cisco.com/go/release124t/
Cisco IOS Software Release 12.2(33)SRB

www.cisco.com/go/release/
Fluke Networks PfR Manager

www.flukenetworks.com/fnet/en-us/products/PFR+Manager/
Overview.htm
Empowered Branch 3 Launch Announcement

CCO: http://www.cisco.com/en/US/netsol/ns340/ns394/
ns302/ns296/networking_solutions_package.html
BRKIPM-2362
Cisco Public
66
Q and A
BRKIPM-2362
Cisco Public
67
Meet The Expert

To make the most of your time at Cisco Networkers 2009,
schedule a Face-to-Face Meeting with a top Cisco
expert.
Designed to provide a "big picture" perspective as well as "indepth" technology discussions, these face-to-face meetings will
provide fascinating dialogue and a wealth of valuable insights and
ideas.
Visit the Meeting Centre reception desk located in the Meeting
Centre in World of Solutions
BRKIPM-2362
Cisco Public
68
Recommended Reading
Continue your Cisco Live
learning experience with further
reading from Cisco Press
Check the Recommended
Reading flyer for suggested
books
Available Onsite at the Cisco Company Store

BRKIPM-2362
Cisco Public
69
BRKIPM-2362
Cisco Public
70
Backup Slides
Troubleshooting PfR
BRKIPM-2362
Cisco Public
71
How to Discover Current Path?

show oer master prefix 100.1.1.0/24 traceroute current [now]
Displays current path of prefix
Uses responding target
If now, generate new result
Otherwise, display most recent result
sh oer master prefix 100.1.1.0/24 traceroute current now
Path for Prefix: 100.1.1.0/24
Target: 100.1.1.1
Exit ID: 2, Border: 10.10.10.1
External Interface: Se12/0
Status: DONE, How Recent: 00:00:00 minutes old

Hop
Host
Time(ms) AS
30.30.30.2
24
60.60.60.4
12
100.0.0.2
20
Eth9/0 Cable
Eth8/0
Done or In Progress
BRKIPM-2362
AS Is Unknown
Likely Not Using BGP
Cisco Public
MC/BR
Ser12/0 DSL
72
How to Discover All Paths?

show oer master prefix 100.1.1.0/24 traceroute [now]
Displays path over each external interface
Uses responding target
-------------------------------------------------------------------------------Path for Prefix: 100.1.1.0/24
Target: 100.1.1.1

External Interface: Et9/0
Hop
Host
Time(ms) AS
1
2
40.40.40.2
60.60.60.4
4
4
0
0
100.0.0.2
20
-------------------------------------------------------------------------------Path for Prefix: 100.1.1.0/24

Target: 100.1.1.1

Hop Host
Time(ms) AS
1
2
30.30.30.2
60.60.60.4
12
16
0
0
100.0.0.2
32
BRKIPM-2362
Cisco Public
Eth9/0 Cable
Eth8/0
MC/BR
Ser12/0 DSL
73
How to Discover Path on OOP?

oer-map foo 10
Learned Top
Throughput
Prefixes,
match oer learn throughput

set traceroute reporting policy delay
Discover Path on
Delay OOP
set traceroute reporting policy loss
Discover Path on
Loss OOP
set traceroute reporting policy unreachable
Discover Path on
Unreachable OOP
To display traceroute result

sh oer master prefix 100.1.1.0/24 traceroute current now
Path for Prefix: 100.1.1.0/24
Target: 100.1.1.1

Hop Host
Time(ms) AS
1
30.30.30.2
24
60.60.60.4
12
100.0.0.2
20
Eth9/0 Cable
Eth8/0
MC/BR
Ser12/0 DSL
BRKIPM-2362
Cisco Public
74
Troubleshooting
1. Verify master to border connection
2. Verify master is operational
3. Verify internal/external interfaces operational
4. Verify traffic class learning
5. Verify traffic class monitoring
6. Verify traffic class control
Eth9/0 Cable
7. Investigate traffic class history

Eth8/0
MC/BR
Ser12/0 DSL

BRKIPM-2362
Cisco Public
75
Verify Master to Border Connection

sh oer master border
Border
Status
UP/DOWN
10.10.10.1
INACTIVE DOWN
AuthFail
0
Key chain not configured or misconfigured

OER border local interface IP address
and master IP address mismatch
OER border master IP address
not reachable or not master
CEF not configured
Eth9/0 Cable
Eth8/0
MC/BR
Ser12/0 DSL

BRKIPM-2362
Cisco Public
76
Verify Master Operational

At least one internal and two external must be UP
Border
10.10.10.1
Status
UP/DOWN
INACTIVE UP
00:00:28
sh oer master border detail | i Down

Se12/0
EXTERNAL Admin Down
Se12/0
1544
300
AuthFail
0
0 Admin Down
No shutdown serial 12/0

Border
Status
ACTIVE
10.10.10.1
UP/DOWN
UP
00:17:06
AuthFail
0
sh oer master | i OER state

OER state: ENABLED and INACTIVE
Eth9/0 Cable
Eth8/0
MC/BR
Ser12/0 DSL

BRKIPM-2362
Cisco Public
77
Verify Internal and External

Interfaces Operational
sh oer master border detail
Border
Status
10.10.10.1
Se12/0
ACTIVE
UP
EXTERNAL UP
Et9/0
Et8/0
UP/DOWN
AuthFail
00:10:32
0
Eth9/0 Cable
EXTERNAL UP
INTERNAL UP
Eth8/0
MC/BR
Ser12/0 DSL
External
Interface
--------Se12/0
Et9/0
Capacity
(kbps)
--------
Max BW
(kbps)
------
1544
300
120
300
78
1000
338
3 UP
1000
150
10000
BW Used
Load Status
(kbps)
(%)
------- ------- ------
Exit Id
------
7 UP
3
4
Egress
2
Ingress

BRKIPM-2362
Cisco Public
78
Verify Traffic Class Learning

Learning running on MC
sh oer master | b Learn
Learn Settings:
current state : STARTED
time remaining in current state : 93 seconds
aggregation-type prefix-length 22
Eth9/0 Cable
Eth8/0
MC/BR
Ser12/0 DSL

BRKIPM-2362
Cisco Public
79

Learning running on BR (configuration)
sh oer border passive learn
OER Border Learn Configuration :
State is enabled
Measurement type: throughput, Duration: 5 min
Aggregation type: prefix-length, Prefix length: 24
No port protocol config
Learn List 10
Measurement type: throughput
Session count: 50
Eth9/0 Cable

Appl ID: telnet
Eth8/0
MC/BR
Ser12/0 DSL

BRKIPM-2362
Cisco Public
80

Eth9/0 Cable
Learning running on BR
Eth8/0
sh oer border pass cache learn traffic-class
MC/BR
OER Learn Cache:

State is enabled
Ser12/0 DSL
Measurement type: throughput and delay, Duration: 1 min

4096 oer-flows per chunk,
12 chunks allocated, 32 max chunks,
1 allocated records, 49151 free records, 5767680 bytes allocated
DstPrefix
Pkts
Host1
dport1
Appl_ID Dscp Prot

B/Pk
Host2
dport2
SrcPort
Delay
Host3
dport3
DstPort SrcPrefix
Samples
Host4
dport4
Active
Host5
dport5
------------------------------------------------------------------------------10.1.15.0/24
telnet defa
N
N
N 0.0.0.0/0
38
49
0
0
72.7
10.1.15.2
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
1005
0
0
0
0
10.1.15.0/24
84
10.1.15.2
1006
N defa
634
0.0.0.0
N
0
0.0.0.0
N N
0
0.0.0.0
45.2
0.0.0.0

BRKIPM-2362
Cisco Public
81

Eth9/0 Cable
Learned traffic class in MC
Eth8/0
MC/BR
MC#show oer master traffic-class

OER Prefix Statistics
Ser12/0 DSL
DstPrefix
Appl_ID Dscp Prot

SrcPort
DstPort SrcPrefix
Flags
State
Time
CurrBR CurrI/F Protocol
PasSDly PasLDly
PasSUn
PasLUn PasSLos PasLLos
EBw
IBw
ActSDly ActLDly
ActSUn
ActLUn ActSJit ActPMOS
----------------------------------------------------------------------------10.1.15.0/24
telnet defa
N
N
N 0.0.0.0/0
INPOLICY
0
10.1.1.2
Et2/0
PBR
22
22
0
0
1749
1395
1
1
U
U
0
0
N
N
10.1.15.0/24
14
U
N defa
INPOLICY*
13
0
12
0
N
0
0
0
N 0.0.0.0/0
10.1.1.2
Et2/0
0
0
14
N
N
U
1

BRKIPM-2362
Cisco Public
82
Verify Traffic Class Monitoring

Eth9/0 Cable
Passive monitoring on BR
Eth8/0
MC/BR
show oer border passive cache traffic-class
Ser12/0 DSL
OER Passive Prefix Cache, State: enabled, 278544 bytes
DstPrefix
Appl_ID Dscp Prot

SrcPort
DstPort SrcPrefix
Nexthop
SrcIf
DstIf
Active
Flows
sDl
#Dly
Pkts
B/Pk
PktLos
#UnRch
-----------------------------------------------------------------------------10.1.15.0/24
N defa
N
N
N 0.0.0.0/0
10.1.7.2
Et0/0
Et2/0
56.3
30
0
0
150
620
0
0
10.1.15.0/24
16
telnet defa
10.1.7.2
0
0
N
27
N
Et0/0
49
N 0.0.0.0/0
Et2/0
1
30.4
0

BRKIPM-2362
Cisco Public
83
Verify Traffic Class Control

Eth9/0 Cable
Traffic class control on MC
Eth8/0
MC/BR
show oer master traffic-class

OER Prefix Statistics:
Ser12/0 DSL
DstPrefix
Appl_ID Dscp Prot

SrcPort
DstPort SrcPrefix
Flags
State
Time
CurrBR CurrI/F Protocol
PasSDly PasLDly
PasSUn
PasLUn PasSLos PasLLos
EBw
IBw
ActSDly ActLDly
ActSUn
ActLUn ActSJit ActPMOS
----------------------------------------------------------------------------10.1.15.0/24
telnet defa
N
N
N 0.0.0.0/0
INPOLICY
0
10.1.1.2
Et2/0
PBR
22
22
0
0
1749
1395
1
1
U
U
0
0
N
N
10.1.15.0/24
14
U
N defa
INPOLICY
13
0
12
0
N
0
0
0
N 0.0.0.0/0
10.1.1.2
Et2/0
0
0
14
N
N
BGP
1

BRKIPM-2362
Cisco Public
84
Verify Traffic Class Control

Eth9/0 Cable
Verify traffic class control on BR
Eth8/0
MC/BR
Static or BGP
Ser12/0 DSL
show oer border routes bgp

BGP table version is 88, local router ID is 10.1.4.1
Status codes: s suppressed, d damped, h history, * valid, > best, i internal,

r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
OER Flags: C - Controlled, X - Excluded, E - Exact, N - Non-exact, I Injected
Network
*> 10.1.15.0/24
Next Hop
OER
10.1.4.2
CE
LocPrf Weight Path

0 300 50 ?

BRKIPM-2362
Cisco Public
85
Verify Traffic Class Controlled

Eth9/0 Cable
Verify application traffic class

control on BR
Eth8/0
show ip access-list dynamic

Extended IP access list oer#1
536870911 permit tcp any 10.1.15.0 0.255.255.255 eq telnet
536870912 permit tcp any eq telnet 10.1.15.0 0.255.255.255
MC/BR
Ser12/0 DSL
show route-map dynamic

route-map OER-02/21/06-04:27:44.419-1-OER, permit, sequence 0, identifier 1706070788
Match clauses:
ip address (access-lists): oer#1
Set clauses:
External Interface
ip next-hop 10.1.4.2
Policy routing matches: 0 packets, 0 bytes
Current active dynamic routemaps = 1

BRKIPM-2362
Cisco Public
86
Investigate Traffic Class History

Eth9/0 Cable
Traffic class log
Eth8/0
MC/BR
sh log | i 10.1.15.0
Ser12/0 DSL
*Apr 26 22:58:20.919: %OER_MC-5-NOTICE: Discovered Exit for prefix

10.1.15.0/24, BR 10.10.10.1, i/f Et9/0
*Apr 26 23:03:14.987: %OER_MC-5-NOTICE: Route changed 10.1.15.0/24, BR
10.10.10.1, i/f Se12/0, Reason Delay, OOP Reason Timer Expired
*Apr 26 23:09:18.911: %OER_MC-5-NOTICE: Passive REL Loss OOP
10.1.15.0/24, loss 133, BR 10.10.10.1, i/f Se12/0, relative loss
23, prev BR Unknown i/f Unknown
*Apr 26 23:10:51.123: %OER_MC-5-NOTICE: Route changed Appl
10.1.15.0/24 telnet, BR 10.10.10.1, i/f Et9/0, Reason Delay, OOP
Reason Loss
*Apr 26 23:19:18.919: %OER_MC-5-NOTICE: Passive REL Loss OOP
10.1.15.0/24, loss 138, BR 10.10.10.1, i/f Et9/0, relative loss
66, prev BR Unknown i/f Unknown
BRKIPM-2362
Cisco Public
87
Investigate Traffic Class History

Eth9/0 Cable
Detailed traffic class history
Eth8/0
MC/BR
sh oer master traffic-class prefix 10.1.15.0/24 detail
Ser12/0 DSL
Prefix: 10.1.15.0/24
State: INPOLICY
Time Remaining: 0
Policy: Default
Most recent data per exit

Border
Interface
*10.10.10.1
10.10.10.1
PasSDly
PasLDly
ActSDly
ActLDly
Et9/0
16
35
35
Se12/0
38
38
Latest Active Stats on Current Exit:

Type
Target
echo
100.1.1.1
TPort Attem Comps

N
DSum
Min
Max
Dly
88
40
48
44

BRKIPM-2362
Cisco Public
88
Why Is Traffic Class

Always in Default State?
Active Probes Are Not Responding
Verify active probes enabled
sh oer master | i mode monitor
Should Be Both or Active
mode monitor both
Eth9/0 Cable
clear oer master traffic-class prefix 10.1.15.0/24

Eth8/0
This will remove learned prefixes
MC/BR
Wait for probe all to complete
Ser12/0 DSL
Verify active probes responding

sh oer master traffic-class prefix 10.1.15.0/24 detail
Prefix: 10.1.15.0/24
State: DEFAULT*
@ Indicates Probe All

Time Remaining: @65
Policy: Default
No Probes Responding
Most recent data per exit
Border
*10.10.10.1
10.10.10.1
BRKIPM-2362
Interface
PasSDly
PasLDly
ActSDly
ActLDly
Et9/0
Se12/0
Cisco Public
89
Why Are Active Probes Not Responding?

Is prefix configured?
Probes must be configured for configured prefixes
Probe assigned to prefix with longest match of probe target
oer master
active-probe echo 10.1.15.9
sh oer master active-probes
State
Prefix
Type
Target
Assigned
10.1.15.0/24
echo
10.1.15.9
TPort
How
Codec
Cfgd
No parent route for prefix

BGP or static tables must include a route which includes prefix
Target is turned off, disabled

Target does not respond to echo probes
Try configuring
tcp-conn
or
udp-echo
probes
Firewall is blocking probes

Try traceroute to determine block point
Eth9/0 Cable
Eth8/0
MC/BR
Ser12/0 DSL
show oer master prefix 10.1.15.0/24 traceroute now

BRKIPM-2362
Cisco Public
90
Why No Passive Measurements?

No traffic
Check EBw in show oer master prefix
No TCP traffic
Passive delay, loss, and reachability rely on TCP traffic
Long-lived TCP flows

Passive delay and reachability rely on TCP SYN, TCP ACK
Eth9/0 Cable
Eth8/0
MC/BR
Ser12/0 DSL
BRKIPM-2362
Cisco Public
91
BRKIPM-2362
Cisco Public
92

Deploying Performance Routing PFR

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Deploying Performance Routing PFR

Uploaded by

Copyright:

Available Formats

Deploying

2009 Cisco Systems, Inc. All rights reserved.

2009 Cisco Systems, Inc. All rights reserved.

2009 Cisco Systems, Inc. All rights reserved.

PfR Enhances Internet and WAN Connectivity for Prefixes

2009 Cisco Systems, Inc. All rights reserved.

Best Path Selection per Prefix,

WAN Access Links Are Biggest

By Default BGP Chooses

Shortest Path Is Not Always the

2009 Cisco Systems, Inc. All rights reserved.

PfR Best Path

2009 Cisco Systems, Inc. All rights reserved.

PfR and OER

2009 Cisco Systems, Inc. All rights reserved.

2009 Cisco Systems, Inc. All rights reserved.

Performance Routing (PfR)

BRBorder Router (Forwarding Path)

2009 Cisco Systems, Inc. All rights reserved.

Performance Routing Policy Engine

Measure Alternate Paths

2009 Cisco Systems, Inc. All rights reserved.

Master Controller (MC)

Border Router (BR)

2009 Cisco Systems, Inc. All rights reserved.

Issues commands to BRs

2009 Cisco Systems, Inc. All rights reserved.

PfR Operates on Traffic Classes

Required: Destination Prefix

2009 Cisco Systems, Inc. All rights reserved.

Measuring Traffic Class Performance

PfR NetFlow monitoring

Flows do not need to be on symmetrical

PfR enables IP SLA feature

2009 Cisco Systems, Inc. All rights reserved.

2009 Cisco Systems, Inc. All rights reserved.

Global or per Policy

Selecting Best Traffic Class Path

Select Best Performing

Remove Paths Which Do Not

2009 Cisco Systems, Inc. All rights reserved.

Selecting Best Traffic Class Path

2009 Cisco Systems, Inc. All rights reserved.

How Best Exit Path Is Enforced

Modifying BGP local preference

Installing a static route at the exit

Installing a Dynamic PBR route-map at the Exit

2009 Cisco Systems, Inc. All rights reserved.

How Best Entrance Path Is Chosen

Identify entrances to downgrade

2009 Cisco Systems, Inc. All rights reserved.

How Best Entrance Path Is Enforced

2009 Cisco Systems, Inc. All rights reserved.

PfR Typical Customers

2009 Cisco Systems, Inc. All rights reserved.

PfR Platform Support

*Announced/reached end-of-sale (EoS)

2009 Cisco Systems, Inc. All rights reserved.

Key Features of Cisco PfR

Network health reports

Easy traffic class and policy

Technical support 24 hours

Reports and alerts on