BRKNMS-3043

Advanced Performance
Management
SDN & SD-WAN ++

Michael Geller
Agenda
• Introduction
• Performance Management – The Basics with IPSLA
• Performance Management for the Secure SD-WAN
• Conclusion
• Q and A

BRKNMS-3043 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
Cisco Webex Teams

Questions?
Use Cisco Webex Teams (formerly Cisco Spark)
to chat with the speaker after the session

How
1 Find this session in the Cisco Events Mobile App
2 Click “Join the Discussion”
3 Install Webex Teams or go directly to the team space
4 Enter messages/questions in the team space

[Link]/ciscolivebot#BRKNMS-3043

My Personal & Professional Life
• 22 Years in Cisco
• Distinguished Speaker
• Principal Engineer – Security
• Other Cisco Live Sessions:
BRKSPM-2010 & BRKSEC-2602
• Focus on Cloud and Service
Providers for Security
• Areas of focus: MSSP, SDN/NFV,
SecOPS
• 2 kids, 1 wife

Rules of the Game!
• Silence your phone, pda, pager, mp3 player…
• At CiscoLive! your evaluation is extremely important
• Please remember to wear your badge at all times
• Please visit the World of Solutions

• PLEASE! Ask questions any time

Meet the Engineer
• To make the most of your time at Networkers at Cisco Live 2019,
schedule a Face-to-Face Meeting with top Cisco Engineers.
• Designed to provide a "big picture" perspective as well as "in-depth"
technology discussions, these face-to-face meetings will
provide fascinating dialogue and a wealth of valuable insights and
ideas.
• Visit the Meeting Center reception desk located in the Meeting
Centre in World of Solutions.

Prerequisites
• Before attending this session, familiarity with
Cisco IOS® IP Service Level Agreements (IP SLAs)
is essential
• Configuration and generic features will be briefly reviewed
• Only new or advanced topics, as well as design recommendations,
will be covered
• Some familiarity with Virtualization, SDN and NFV

Introduction
Performance
Management – The
Basics with IPSLA

[Link]/go/ipsla
IP SLA “Moving Parts”
- ‘IPSLA Operation’ between Source and Target
- Target can be another router, switch or IP Host.

[Diagram labels: Router, IPSLAs Sender, IPSLA Operation, IPSLAs Responder, IP Host, Targets, Management (optional)]
Cisco IOS IP SLA In A Nutshell
Simple and easy to deploy
- Embedded in Cisco IOS
- CLI and SNMP access
Wide Range Coverage
- Multiple protocols
- Multiple applications
- Multiple operations
Scalable and Performance
- Platform proliferation
- Millisecond precision
- Microsecond granularity
Built-in intelligence & Flexibility
- Scheduling and reporting
- Auto discovery and intelligence
- QoS Integration
Customer proven Success

Cisco IP SLA’s - The Big Picture
End-to-End Automated Network Health Monitor for IOS, IOS-XR, and Linux, TCP/IP, VoIP, Metro-E,
and MPLS Networks

• VoIP, TCP/IP and Application Operations
– TCP/UDP/ICMP, RTP, HTTP, DNS, G.711, G.729, FTP, DHCP, MoS/ICPIF, Call Setup, Gatekeeper
– IPv6 support on UDP Jitter/Echo, ICMP Echo, TCP Connect
– TWAMP Responder
• Video Operations
• MPLS OAM Operations
– LSP Health Monitor (Ping and Echo)
– Equal Cost Multi-Path (ECMP) Tree Trace
– LSP for PWE3’s via VCCV Operation
• Metro-Ethernet Operations
– Metro-E 802.1ag Ethernet Ping and Jitter
– MEP VLAN Auto-Discovery and Auto-Scheduling
– Y.1731

• IOS Feature Integration
– Reliable Static Routing Backup (EoT + IP SLA’s)
– PfR(OER) IP core routing w/automated alternate route test via IP SLA’s
– EEM Triggers via Syslog MIB
• Intelligent and Flexible Core Values
– Dynamic Operations w/Multiple & Random Schedulers
– Proactive Threshold Monitoring & Alerts via SNMP
– Multiple Reactions per Threshold
– Threshold on Single Measurements plus Aggregate and Trend Results for Collection
– Endpoint Auto-Discovery and Auto-Registration
– QoS integration

Engine 3 (15.1(1)T)
Use Cases

Monitoring Availability
• IP SLA ICMP Echo Operation
– similar to ICMP Ping
– destination can be any IP host

• IP SLA Path Echo Operation
– Discover hops in path using trace route
– Per hop round trip time
– IP SLA responder not required at hops or destination

• IP SLA UDP Echo Operation
– Round Trip Time
– destination must be Cisco IOS device with IP SLA responder enabled

• IP SLA TCP Connect Operation
– TCP connect time
– Useful in estimating Telnet, SSH, SQL connection time.

IPSLA software architecture
[Diagram: layered IP SLA software architecture. Top layer labels: Auto IPSLAs, IPSLA API, CLI/MIB, IPSLA OLD CLI/MIB, QOS, Operation Group, Group/Template Generation, IPSLA Group Scheduler. Middle layer: IPSLA Infrastructure (Event Processor, operations store, statistics, reaction) with operation components for ICMP, UDP, TCP, HTTP, DNS/FTP/DHCP, VOIP (RTP, POST-DIAL, GK Registration), MPLS (LSP Ping, LSP Trace, LSP Group), Ethernet and IPSLA RTP, plus discovery components (BGP Next Hop, ECMP Path, End Point, Vlan). Bottom layer labels: OS Infra (Timer, Queues, …), IP Registry/domain, Symphony, Application, MPLS OAM Infra, CFM, Various Layer 3-4 services (TCP, SCTP, IP routing, IP, …), Layer 2 services.]

Time Synchronization

To measure one-way statistics between Source and Target devices
using the UDP Jitter operation, the Cisco IP SLAs responder needs to be
enabled, and time must be synchronized between the Source and Target
devices.

The time on the Source and Target devices has to be synchronized. The
smallest drift in clock synchronization will cause latency measurements
in one direction to be smaller than expected, while in the other direction
the latency will be measured as larger than expected.
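
The effect described above, worked through as an added example (it is not from the original slides and is not Cisco's implementation). The four-timestamp model, the field names and the sample values are assumptions made for illustration; it shows why clock offset skews the two one-way figures in opposite directions while leaving round-trip time intact, and how a collector can flag results that look like skew rather than delay.

```python
from dataclasses import dataclass

@dataclass
class Probe:
    """Four timestamps of one probe in ms (field names are illustrative)."""
    t1: float  # source sends    (read from source clock)
    t2: float  # target receives (read from target clock)
    t3: float  # target replies  (read from target clock)
    t4: float  # source receives (read from source clock)

def simulate(true_sd, true_ds, proc, target_offset, t0=1000.0):
    """Constructed sample: target clock runs `target_offset` ms ahead of source."""
    t2 = t0 + true_sd + target_offset
    return Probe(t0, t2, t2 + proc, t0 + true_sd + proc + true_ds)

def measure(p):
    """One-way delays depend on both clocks; RTT uses only same-clock differences."""
    return {
        "sd": p.t2 - p.t1,                      # source -> target, skewed by +offset
        "ds": p.t4 - p.t3,                      # target -> source, skewed by -offset
        "rtt": (p.t4 - p.t1) - (p.t3 - p.t2),   # offset cancels out
    }

def sync_check(probes, tolerance_ms=1.0):
    """Flag results that point at clock offset rather than network delay.

    A negative one-way delay is physically impossible. The offset estimate
    (sd - ds) / 2 assumes a symmetric path, so genuine path asymmetry is
    indistinguishable from skew and needs a trusted time source to resolve.
    """
    results = [measure(p) for p in probes]
    impossible = any(r["sd"] < 0 or r["ds"] < 0 for r in results)
    offset = sum((r["sd"] - r["ds"]) / 2 for r in results) / len(results)
    return {"impossible_delay": impossible, "est_offset_ms": offset,
            "suspect": impossible or abs(offset) > tolerance_ms}

if __name__ == "__main__":
    for off in (0.0, 5.0, -30.0):  # constructed offsets, true delay 20 ms each way
        p = simulate(true_sd=20.0, true_ds=20.0, proc=2.0, target_offset=off)
        print(off, measure(p), sync_check([p]))
```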

Cisco IOS IPSLA Uses and Metrics

Data Traffic
– Requirement: Minimize packet loss; Maximize bandwidth; Verify Quality of Service (QoS)
– IPSLAs Measurement: Packet loss; Latency; per QoS

VoIP
– Requirement: Minimize delay, packet loss, jitter
– IPSLAs Measurement: Jitter; Packet loss; Latency; MOS Voice Quality Score

Service Level Agreement
– Requirement: Measure delay, packet loss, jitter; One-way
– IPSLAs Measurement: Jitter; Packet loss; Latency; One-way; Enhanced accuracy; NTP

Availability
– Requirement: Connectivity testing
– IPSLAs Measurement: Connectivity tests to IP devices

Streaming Video
– Requirement: Minimize delay, packet loss
– IPSLAs Measurement: Jitter; Packet loss; Latency
Performance
Management for the
Secure SD-WAN
Intelligent WAN: Leveraging the Internet
Secure WAN Transport and Internet Access

[Diagram labels: Branch, Optimized Secure Transport, MPLS (IP-VPN), Internet, Direct Internet Access, Private Cloud, Virtual Private Cloud, Public Cloud]

1. IWAN Secure transport for private and virtual private cloud access
2. Leverage local Internet path for public cloud and Internet access

• Increase WAN transport capacity and app performance cost effectively!
• Improve application performance (right flows to right places)
WAN Blindspots
• 30% of organizations have a need for better analytics and visibility in the WAN
• 43% of IT time spent on troubleshooting
• 90 hours of downtime a year (large enterprises)
• Estimated losses of nearly $400 million

*IDC Worldwide SD-WAN Survey Special Report, September 2017
**Cisco DNA Customer Survey, June 2016
***ITIC’s 2017 Reliability and Hourly Cost of Downtime Trends Survey
vAnalytics makes your WAN more intelligent

Real-time information

Future planning
and what-if scenarios

Recommendations for
predictable app performance

© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
vAnalytics is Part of the SDWAN Fabric
[Diagram: Cloud Delivered vAnalytics above the Cisco SDWAN Fabric. Labels: USERS, DEVICES, THINGS, APPLICATIONS, Cloud OnRamp, IoT, Edge Computing, DC, vDC, IaaS, SaaS; SECURE, SCALE, OPEN]

vAnalytics – Customer Adoption

Total number of customers / Total number of unique circuits / Total number of unique tunnels / Total number of unique records per hour

75+ / 400 / 850K / 9.2M

Cisco SD-WAN: How Cisco does it
Increasing bandwidth could take up to 90 days

vAnalytics
• Baseline / Trending
• Anomaly Detection
• Comparisons
• Cause – and – Effect
• Capacity Planning

vManage
• Real-time visibility
• Historical Visibility
• Troubleshooting Tools
• Capacity Utilization
• Network Utilization
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco SD-WAN vAnalytics

• Offered as a SaaS Service


• Multi-customer sourced data
• Anonymous Data-collection
• Reports for Customers, Partners & Cisco

Licensing
• Part of Enterprise License

vAnalytics – Customer Data
Data Transfer and Storage
• Client authenticated and data securely
transmitted from vManage to vAnalytics
• Data storage isolation between customers
• No PII (Personally Identifiable Information) is
collected
Data Correlation and Algorithms
• Only management data (stats, flows)
information collected
• All algorithms visualization done on a per-
customer basis
• IP Addresses collected for provider look-ups
• Peer benchmarking (future use cases) only on
a group basis. No individual customer data
used
[Diagram labels: vAnalytics Clusters, Data Lake]
Screenshots & Demo

vAnalytics Main Dashboard
[Dashboard panels: Network Availability, App vQoE, Carrier Performance, App Bandwidth, Tunnel Performance, App Anomalies]

Carrier Performance & Latency

Application vQoE Score
[Screenshot callouts: Cnet - Poor Score; vQoE Score 1 - 10; Latency]

Application vQoE
[Screenshot callouts: High Loss; High Jitter]

Application Bandwidth – Enterprise-wide View

Application Bandwidth – Web Apps Drilldown

Application Bandwidth – Dropbox Drilldown

Application Bandwidth – Dropbox, Site Drilldown

Application Anomalies

Application Anomalies – Web Apps, Per-Site View

Application Anomalies – Web Apps, Site Drilldown
Secure edge-to-edge across the fabric

Cloud edge
• DNS-layer Security
• Trusted Access

SD-WAN fabric
• Zero-trust authentication
• Edge-to-edge segmentation

Branch edge
• Enterprise Firewall
• Intrusion prevention

C97-741496-00 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Secure paths from edge to edge across the fabric
• Full edge security stack: Secure Internet gateway (SIG) with firewall options mitigate external security risks
• Thin, rich, or full-stack router: Simple or flexible software-defined WAN options mitigate internal security risks

[Diagram labels: SaaS, IaaS, Internet, Secure cloud edge, DIA, Remote, Users, Devices, Secure data center edge, Data center, Secure WAN Edge, Branch, IOT, Users (guests), Mobile devices, Transport independence, Secure SD-WAN fabric]
Consolidated View of Service Chains
[Diagram: numbered service-chain hops (1 to 6) between Clients and Web Servers across Internet, WAN and VPN, ending in Public Cloud, Private DC and Internet. Labelled elements: AnyConnect, AMP, Umbrella, ISRv, vEdge, WSAv, ASAv, NGFWv, DDoS & WAF]
Q and A
Conclusion
Complete your online session survey
• Please complete your Online Session Survey after each session
• Complete 4 Session Surveys & the Overall Conference Survey (available from Thursday) to receive your Cisco Live T-shirt
• All surveys can be completed via the Cisco Events Mobile App or the Communication Stations

Don’t forget: Cisco Live sessions will be available for viewing on demand after the event at [Link]
Don’t miss the Service Provider Hub!
• 5G Demos: Experience 7 Essential Technology and 3 Generate Revenue with 5G demos and join our guided demo tours
• Virtual Reality Experience: Enjoy “Running with the 5G Bull” immersive demo
• More Sessions: Check out the Service Provider Technology Track by scanning the code
• Digital Transformation Assessment: Take a meeting session to benchmark your digital readiness against your industry peers

Want to see use cases, solution details and more? Visit [Link]/go/sp
Continue Your Education
• Demos in the Cisco Showcase
• Walk-in self-paced labs
• Meet the engineer 1:1 meetings
• Related sessions
Thank you
