ASR9k Netflow and QOS order in the inbound direction
My customer match a issue that business traffics take IP6,7 flag, then the traffics auto mapping to EXP6,7 that cause control police congestion, and ISIS flapping due to BFD flap. So they want to check which traffics have incorrect flag by netflow, so need to check ording for netflow and QOS at input direction. I check some documents, nobody notice that, so the article will show test info, you can check if you need. Finaly test result: At ingress direction, packets will be cached first by netflow, then do other action in QOS.
Btw, due to auto mapping from TOS to EXP by range, e.g: TOS 192-223 will map to EXP6; TOS 223-255 will map to EXP7. So if we want to check the issue by netflow, suggest filter EXP data, as in my follow test, check by follow command:
RP/0/RSP1/CPU0:ASR9006-G#sh flow monitor test-mpls cache brief location 0/0/cpu0 | i 7-0 Fri Jan 8 04:57:39.604 UTC LDP 44.44.44.44/32 30000-7-0 40034-7-1 - - - - Te0/0/0/2 Te0/0/0/1 Fwd 3888 36 Egr 12.1.1.1 55.55.55.55 0xff icmp 0 2048
Topology
(lo:44.44.44.44) CE1-------(Te0/0/0/2) PE1 (Te0/0/0/1)------(Te0/1/0/13)P(Te0/1/0/11)-------PE2-------CE(55.55.55.55)
Test Steps
1. Intial ping test from CE1
ping 55.55.55.55 re 100000
2. Check PE1’s info
– PE1’s Config and labels info
interface TenGigE0/0/0/2 service-policy input frank vrf 11 ipv4 address 12.1.1.2 255.255.255.0 flow ipv4 monitor test-ipv4 sampler 1-1000 ingress flow ipv4 monitor test-ipv4 sampler 1-1000 egress ! interface TenGigE0/0/0/1 ipv4 address 23.1.1.2 255.255.255.0 flow mpls monitor test-mpls sampler 1-1000 ingress flow mpls monitor test-mpls sampler 1-1000 egress ! flow monitor-map test-ipv4 record ipv4 cache entries 1000000 ! flow monitor-map test-mpls record mpls ipv4-fields cache entries 1000000 ! sampler-map 1-1000 random 1 out-of 1000 ! policy-map frank class class-default set dscp 26 ! end-policy-map ! RP/0/RSP1/CPU0:PE1#sh mpls for prefix 44.44.44.44/32 Fri Jan 8 04:08:07.576 UTC Local Outgoing Prefix Outgoing Next Hop Bytes Label Label or ID Interface Switched ------ ----------- ------------------ ------------ --------------- ------------ 20033 30000 44.44.44.44/32 Te0/0/0/1 23.1.1.3 78598884
– PE1’s netflow cache info at in direction
RP/0/RSP1/CPU0:PE1#show flow monitor test-ipv4 cache brief location 0/0/cpu0
Fri Jan 8 04:05:36.489 UTC
Cache summary for Flow Monitor test-ipv4:
Cache size: 1000000
Current entries: 2
Flows added: 6
Flows not added: 0
Ager Polls: 715
- Active timeout 0
- Inactive timeout 4
- TCP FIN flag 0
- Emergency aged 0
- Counter wrap aged 0
- Total 4
Periodic export:
- Counter wrap 0
- TCP FIN flag 0
Flows exported 0
IPV4SrcAddr IPV4DstAddr L4SrcPort L4DestPort IPV4Prot IPV4TOS InputInterface ForwardStatus ByteCount PacketCount Dir
55.55.55.55 12.1.1.1 0 0 icmp 0x68 Te0/0/0/1 Fwd 600 6 Egr
12.1.1.1 55.55.55.55 0 2048 icmp 0 Te0/0/0/2 Fwd 600 6 Ing
Matching entries: 2
– PE1’s netflow cache info at out direction, EXP 3, IPv4 TOS 0x68
RP/0/RSP1/CPU0:PE1#sh flow monitor test-mpls cache brief location 0/0/cpu0
Fri Jan 8 04:05:42.066 UTC
Cache summary for Flow Monitor test-mpls:
Cache size: 1000000
Current entries: 2
Flows added: 20
Flows not added: 0
Ager Polls: 2576
- Active timeout 0
- Inactive timeout 18
- TCP FIN flag 0
- Emergency aged 0
- Counter wrap aged 0
- Total 18
Periodic export:
- Counter wrap 0
- TCP FIN flag 0
Flows exported 0
LabelType Prefix/Length Label1-EXP-S Label2-EXP-S Label3-EXP-S Label4-EXP-S Label5-EXP-S Label6-EXP-S InputInterface OutputInterface ForwardStatus ByteCount PacketCount Dir IPV4SrcAddr IPV4DstAddr IPV4TOS IPV4Prot L4SrcPort L4DestPort
LDP 44.44.44.44/32 30000-3-0 40034-3-1 - - - - Te0/0/0/2 Te0/0/0/1 Fwd 1296 12 Egr 12.1.1.1 55.55.55.55 0x68 icmp 0 2048
Unknown 0.0.0.0/0 20035-3-1 - - - - - Te0/0/0/1 Te0/0/0/2 Fwd 1248 12 Ing 55.55.55.55 12.1.1.1 0x68 icmp 0 0
Matching entries: 2
3. Check P’s info
– P’s configuration and label info, netflow config same as above, not paste:
interface TenGigE0/1/0/13 service-policy input frank ipv4 address 23.1.1.3 255.255.255.0 flow mpls monitor test-mpls sampler 1-1000 ingress flow mpls monitor test-mpls sampler 1-1000 egress ! interface TenGigE0/1/0/11 ipv4 address 34.1.1.3 255.255.255.0 flow mpls monitor test-mpls sampler 1-1000 ingress flow mpls monitor test-mpls sampler 1-1000 egress ! policy-map frank class class-default set mpls experimental topmost 7 ! end-policy-map ! RP/0/RSP0/CPU0:P#sh mpls for prefix 44.44.44.44/32 Sun Jan 7 23:09:39.550 MyZone Local Outgoing Prefix Outgoing Next Hop Bytes Label Label or ID Interface Switched ------ ----------- ------------------ ------------ --------------- ------------ 30000 Pop 44.44.44.44/32 Te0/1/0/11 34.1.1.4 78970835
– P’s netflow cache info that include in/out, EXP only change at egress direction:
RP/0/RSP0/CPU0:P#sh flow monitor test-mpls cache brief location 0/1/cpu0 Sun Jan 7 23:06:57.820 MyZone Cache summary for Flow Monitor test-mpls: Cache size: 1000000 Current entries: 4 Flows added: 16 Flows not added: 0 Ager Polls: 1713 - Active timeout 0 - Inactive timeout 12 - TCP FIN flag 0 - Emergency aged 0 - Counter wrap aged 0 - Total 12 Periodic export: - Counter wrap 0 - TCP FIN flag 0 Flows exported 0 LabelType Prefix/Length Label1-EXP-S Label2-EXP-S Label3-EXP-S Label4-EXP-S Label5-EXP-S Label6-EXP-S InputInterface OutputInterface ForwardStatus ByteCount PacketCount Dir IPV4SrcAddr IPV4DstAddr IPV4TOS IPV4Prot L4SrcPort L4DestPort LDP 44.44.44.44/32 30000-3-0 40034-3-1 - - - - Te0/1/0/13 Te0/1/0/11 Fwd 1404 13 Ing 12.1.1.1 55.55.55.55 0x68 icmp 0 2048 LDP 44.44.44.44/32 40034-7-1 - - - - - Te0/1/0/13 Te0/1/0/11 Fwd 1352 13 Egr 12.1.1.1 55.55.55.55 0x68 icmp 0 2048 LDP 22.22.22.22/32 30001-3-0 20035-3-1 - - - - Te0/1/0/11 Te0/1/0/13 Fwd 1404 13 Ing 55.55.55.55 12.1.1.1 0x68 icmp 0 0 LDP 22.22.22.22/32 20035-3-1 - - - - - Te0/1/0/11 Te0/1/0/13 Fwd 1352 13 Egr 55.55.55.55 12.1.1.1 0x68 icmp 0 0 Matching entries: 4
版权声明:
本文链接:ASR9k Netflow and QOS order in the inbound direction
版权声明:本文为原创文章,仅代表个人观点,版权归 Frank Zhao 所有,转载时请注明本文出处及文章链接