This ActionPacked/Cisco webinar session focuses on how the new Cisco IOS-based Application Visibility & Control offers a truly innovative service to optimize operations, maximize network investments, and extend the intelligence of the IP next-generation network. The session covers and highlights:
• Use cases on how to enable and use AVC in your network
• How AVC can be leveraged for troubleshooting application issues
• Use of LiveAction QoS to ensure application performance
4. Agenda
• Introduction
• Application Visibility and Control Presentation
• Questions and Answers
*A recording of this session will be posted on www.actionpacked.com
31. LiveAction: Visual Management of Cisco Networks
QoS Monitor QoS Configure IP SLA Flow LAN Routing
A “best practice” approach for QoS, NetFlow, LAN, Routing and IP SLA using a patented, expert graphical interface.
• QoS Monitoring and Configuration
• Visualize end-to-end flows, policies, routes and QoS performance
• Flexible NetFlow
• Application Response Time (ART) New!
• NBAR/NBAR2 New!
• Medianet Media Monitoring
• IP SLA capacity planning with full configuration and monitoring
• Campus LAN visualization and L2 QoS monitoring
51. Download Free Trial of LiveAction® 2.5
http://www.actionpacked.com/liveactiondownload
Watch a replay of this webinar:
http://www.actionpacked.com/ciscoavcwebinar
For More Information on ActionPacked! Networks Contact:
Steve Adams Keith Parsons
Sales Engineering & Solutions Delivery
+1-704-953-2269 mobile +1-205-514-9634 mobile
sadams@actionpacked.com kparsons@actionpacked.com
http://www.actionpacked.com
Looking at the other side of the equation, cloud and virtualization completely changed the paradigm of where the application could be sitting. It was no longer tied to a specific server. It could move around or be in a public cloud. All of a sudden you couldn’t rely on that application being exactly in the location you expected it to be.
• Mention when it is available, and on what
• Advanced classification technique (multipacket engine, behavioral)
• Native IPv6 support
• Tooling for protocol library management and 3rd party signature development
• Open API for 3rd party Business Logic integration – OneP
• Foundation for application awareness across multiple Cisco solutions (APM, Security)
• Common Protocol Library for NBAR2 across platforms, platform independent signature
• Your existing policy/config using NBAR still continues to work
• Protocol pack
• Example: Netflix, WebEx, and YouTube share the same category, voice-and-video
• Netflix and YouTube share the same sub-category, streaming
• Filter by encryption, p2p protocol, or tunneling protocols
• FNF is an open standard. Cisco publishes the spec.
• Explain the difference between FNF and traditional NetFlow
• Traditional NetFlow has fixed fields
• With FNF, we can choose the fields that we are interested in. The format of the flow record is communicated to the reporting tool
• The reporting tool understands what is being sent
• FNF has what is called an option template
• Export non-traffic information such as interface
• List of VRFs, application ID to name mapping, list of interfaces
FNF has two types of fields – keyed and non-keyed fields
• Challenge: the network admin is reactive because of the lack of tools to proactively monitor network and application performance
• When users call to complain about a problem with the application, the network admin starts troubleshooting the network
• In reality, the problem may or may not be in the network. It will get worse when we start using cloud services, which are off premise
• What can we enable in the network to help the network admin get a better handle on network and application performance?
• ART measurement is technology we bring from NAM, which provides about 37 related latency metrics in addition to typical NetFlow metrics such as byte count, packet count, DSCP, and input/output interfaces
• It can ask NBAR for the application information and populate the flow record
• Another great feature: PA aggregates metrics inside the router. This reduces the number of flow records. FNF normally uses a 5-tuple, while PA uses a 4-tuple (no source port)
• Latency metrics can be used to troubleshoot network issues or to quantify application performance
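The effect of key fields on record count, as an added example that is not part of the original deck: a simplified flow cache in which key fields identify an entry and non-key fields are counters collected per entry. The packets, field names and `build_flow_cache` helper are constructed for illustration and do not model the router's actual implementation.

```python
from collections import defaultdict

# Constructed sample packets: three browser connections from one client to one
# web server (different source ports) plus one DNS query.
FIELDS = ("src_ip", "dst_ip", "src_port", "dst_port", "protocol", "bytes")
PACKETS = [
    ("10.1.1.10", "192.0.2.80", 50001, 443, 6, 1200),
    ("10.1.1.10", "192.0.2.80", 50001, 443, 6, 800),
    ("10.1.1.10", "192.0.2.80", 50002, 443, 6, 1500),
    ("10.1.1.10", "192.0.2.80", 50003, 443, 6, 400),
    ("10.1.1.10", "192.0.2.53", 40000, 53, 17, 90),
]

# Key-field sets (names are illustrative, not IOS keywords).
FIVE_TUPLE = ("src_ip", "dst_ip", "src_port", "dst_port", "protocol")
FOUR_TUPLE = ("src_ip", "dst_ip", "dst_port", "protocol")  # no source port


def build_flow_cache(packets, key_fields):
    """Key fields identify a cache entry; non-key fields are collected per entry."""
    cache = defaultdict(lambda: {"bytes": 0, "packets": 0})
    for pkt in packets:
        fields = dict(zip(FIELDS, pkt))
        key = tuple(fields[name] for name in key_fields)
        cache[key]["bytes"] += fields["bytes"]  # non-key: byte counter
        cache[key]["packets"] += 1              # non-key: packet counter
    return dict(cache)


if __name__ == "__main__":
    for label, keys in (("5-tuple", FIVE_TUPLE), ("4-tuple", FOUR_TUPLE)):
        cache = build_flow_cache(PACKETS, keys)
        print(label, "->", len(cache), "flow records")
        for key, counters in cache.items():
            print("   ", key, counters)
```

Dropping the source port from the key collapses the three HTTPS connections into one record while the byte and packet totals stay the same.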
• Metrics collected by PA can be used to quantify user experience
• CND and SND are calculated during the 3-way handshake
• RT is typically also driven by network latency
• Too many retransmissions indicate network problems
• Response Time => from the time you click a link, when does the page start loading?
• Transaction Time => how long does it take to download an object?
• Application Delay => how long does the server take to process a request? The server farm may have some issue if AD is too high.
• These are metrics reported by IOS PA; one other interesting one is the number of retransmissions
• Retransmissions = how congested the network is
The show command for the app ID <-> app name mapping is ‘show flow exporter application table’. The output format will be something like X:Y. The App ID is a 4-byte field encoded as follows: | 1-byte engine ID | 3-byte selector ID |
In the output below, for example, IPSec has 13:9, which translates to 0x0D000009, where 0x0D = 13 and 0x000009 = 9.

Engine: cisco (CISCO_L7_GLOBAL, ID: 13)
appID   Name          Description
-----   ----          -----------
13:0    unclassified  Unclassified traffic
13:1    unknown       Unknown application
13:9    ipsec         IPSec traffic
13:12   cuseeme       CU-SeeMe desktop video conference
13:13   dhcp          Dynamic Host Configuration Protocol
13:21   kerberos      Kerberos
13:26   netbios       netbios
13:32   pcanywhere    Symantec pcANYWHERE
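How a collector could apply this encoding, as an added example that is not part of the original deck: it packs and unpacks the 1-byte engine ID / 3-byte selector ID layout described above and resolves exported IDs against a parsed copy of the table. The function names are hypothetical, the sample rows are constructed from the output above, and the field is assumed to arrive in network byte order.

```python
import re

# Constructed sample: a few rows in the layout of the
# 'show flow exporter application table' output quoted above.
SAMPLE_TABLE = """\
Engine: cisco (CISCO_L7_GLOBAL, ID: 13)
appID   Name          Description
-----   ----          -----------
13:0    unclassified  Unclassified traffic
13:1    unknown       Unknown application
13:9    ipsec         IPSec traffic
13:21   kerberos      Kerberos
"""

ROW = re.compile(r"^(\d+):(\d+)\s+(\S+)")


def encode_app_id(engine, selector):
    """Pack engine:selector into the 32-bit application ID value."""
    if not 0 <= engine <= 0xFF:
        raise ValueError("engine ID must fit in 1 byte")
    if not 0 <= selector <= 0xFFFFFF:
        raise ValueError("selector ID must fit in 3 bytes")
    return (engine << 24) | selector


def decode_app_id(raw):
    """Split a 4-byte big-endian application ID field into (engine, selector)."""
    if len(raw) != 4:
        raise ValueError("application ID field must be exactly 4 bytes")
    value = int.from_bytes(raw, "big")
    return value >> 24, value & 0xFFFFFF


def parse_app_table(text):
    """Build {32-bit app ID: name} from the CLI table text."""
    table = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            table[encode_app_id(int(m.group(1)), int(m.group(2)))] = m.group(3)
    return table


def resolve(raw, table):
    """Name for an exported app ID; unmapped IDs are shown as engine:selector."""
    engine, selector = decode_app_id(raw)
    return table.get(encode_app_id(engine, selector), f"{engine}:{selector}")
```

Falling back to the engine:selector form for IDs missing from the table keeps records readable when the collector's copy of the mapping is older than the protocol pack on the router.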
• PA config is called MACE (Measurement Aggregation and Correlation Engine)
• The config is very similar to perf-mon in that it uses C3PL to define what to monitor, so we can selectively choose the subnet for which to monitor both traffic volume and ART, and then for the rest of the traffic just monitor traffic volume
• Currently, if you want to export the app ID value, then NBAR has to be enabled. In 15.2(4)M or PI19, ‘collect application name’ will auto-enable NBAR, the same way FNF works.
• You configure ‘mace enable’, which in turn attaches two service policies, in the in and out directions.
Multi-step analysis and verification using QoS, NetFlow, Routing and IPSLA provides a “best-practice” approach incorporated with a patented expert graphical interface.
• Interactive QoS Visualization, Configuration, Monitoring and Validation
• Expert, rules-based QoS proactively identifies and corrects problems
• Eliminates need to use error-prone Command Line Interface
• Integrated NetFlow and IP SLA functionality for “through-the-network” flow visualization, response testing, and performance verification
• Real-time Monitoring and Alerting on policy issues
• Unique “Event Playback” forensic visualizations
• Comprehensive Reporting
• Explain how we want to carve out the pipe for various applications
• This example shows percentages, but absolute values are also supported
• We want to guarantee 50% to business-critical traffic
• Whatever is left over, guarantee 30% to web browsing
• Within the leftover 30%, 60% is guaranteed for intranet