Professional Documents
Culture Documents
Dave Broache
Systems Engineer
July 2009
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 1
What Can EEM Do for YOU
Auto Fault Detection and Recovery Automated Troubleshooting
Automatically Monitors Network Automate Best Practice
Status, Generate Alerts on Network Troubleshooting Steps and Collect
Failures or Switch to a Better Link Critical Information in Time
EEM
BRKSEC-2005
BRKDEV-1191_c2 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 2
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 3
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 4
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 5
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 6
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 7
EEM Event Detectors
EEM 1.0 EEM 2.2
SNMP ED Embedded Object Tracking (EOT)
Syslog ED ED
Resource ED
EEM 2.0
Redundancy framework ED
Application ED
Interface ED EEM 2.4
Counter ED SNMP notification ED
Timer ED XML-RPC ED
Watchdog ED EEM 3.0
EEM 2.1 Custom CLI ED
CLI ED Routing ED
None ED NetFlow ED
Object Insertion Removal (OIR) ED IP SLA ED
GOLD ED
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 8
EEM Platform Support Matrix
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 9
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 10
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 11
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 12
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 13
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 14
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 15
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 16
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 17
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 18
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 19
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 20
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 21
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 22
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 23
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 24
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 25
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 26
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 27
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 28
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 29
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 30
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 31
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 32
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 33
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 34
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 35
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 36
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 37
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 38
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 39
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 40
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 41
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 42
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 43
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 44
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 45
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 46
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 47
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 48
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 49
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 50
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 51
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 52
BRKSEC-2005
BRKRST-3467_c1 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 53
EEM Site @ cisco.com—
Product Information
New EEM release
announcements
General product information
EEM configuration guide
EEM policy design guides
Whitepaper and use
case studies
http://www.cisco.com/go/eem
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 54
Cisco Beyond — Product Extension
Community EEM Scripting Community
Open source scripts share,
upload, download, learn by
example
Categories include: network
management, diagnostics,
routing, QoS, high availability,
user interface, security, etc.
User comments and ratings
Example:
http://www.cisco.com/go/ciscobeyond
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 55
Trivia
Q and A
1) Question: What are the 2 types of EEM policies
a user can write?
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 56
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 57
Cisco IOS IP SLA
Todd McCree
Cisco SE
Presentation_ID © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 58
Agenda
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 59
What’s an SLA?
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 60
SLA Criteria
Easy to understand
Attainable
Meaningful
Controllable
Application/service driven
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 61
SLA Parameters
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 62
The Concept of Cisco IP SLA
IP SLA
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 63
IP SLA Technical Overview
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 64
Comprehensive Hardware Support
Enterprise and Aggregation/Edge Core
Cisco CRS-1
Cisco 12000
Cisco Catalyst 6500; Series
Cisco 10000 Cisco 7600 Series
Cisco 7300
Cisco 7200 Series
Series
Series
Access
(Responder Only)
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 65
Agenda
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 66
How Does It Work?
Hop-by-hop analysis
Edge-to-edge measurement
Measure
(IP SLA Responder)
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 67
IP SLA Sender
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 68
IP SLA Responder
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 69
IP SLA Operation with Responder
IP SLA-Control
UDP, 1967
Responder Says OK
Control
Start Listening on
Phase
UDP Port 2020
IP SLA-Test
UDP, 2020
Probing
Phase
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 70
Agenda
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 71
Configuring an Operation
R3(config)#ip sla 1
R3(config-ip-sla)# ?
IP SLAs entry configuration commands:
dhcp DHCP Operation
dlsw DLSW Operation
dns DNS Query Operation
exit Exit Operation Configuration
frame-relay Frame-relay Operation
ftp FTP Operation
http HTTP Operation
icmp-echo ICMP Echo Operation
icmp-jitter ICMP Jitter Operation
mpls MPLS Operation
path-echo Path Discovered ICMP Echo Operation
path-jitter Path Discovered ICMP Jitter Operation
slm SLM Operation
tcp-connect TCP Connect Operation
udp-echo UDP Echo Operation
udp-jitter UDP Jitter Operation
voip Voice Over IP Operation
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 72
ICMP Echo Operation
“Ping” test
Target can be any IP host
Response time is computed by measuring the time
taken between sending an ICMP echo request
message to the destination and receiving an ICMP
echo reply
Processing delays on the source router is subtracted
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 73
ICMP Echo Operation (Example)
ip sla 2
icmp-echo 10.32.130.2
tos 32
frequency 120
ip sla schedule 2 life forever start-time now
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 74
ICMP Echo Operation (Output)
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 75
UDP Jitter Operation
ip sla 1
udp-jitter 10.0.0.2 5556
num-packets 1000
request-data-size 172
tos 32
ip sla schedule 1 life forever start-time now
B C
A A = 20 ms
B = 20 s (1000 x 20 ms)
C = 40 s (60 s – 20 s)
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 77
Schedule and Stop
ip sla schedule <n> [life seconds] [start-time {pending | now | hh:mm [month day
|day month]}][ageout seconds]
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 78
Scheduling Caveat
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 79
Agenda
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 80
IP SLA Application Version
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 81
Display the Configuration State
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 82
Deleting Operations
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 83
Debugging an Operation’s Activities
debug ip sla 0
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 84
Debugging an Operation’s Errors
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 85
Debug Sample Output
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 86
Agenda
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 87
References
Suggested reading:
Cisco IOS IP Service Level Agreements User Guide
Cisco IOS IP Service Level Agreements for Voice over IP
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 88
A Complementary Solution
NetFlow IP SLA
From where? Latency
To Who? Loss
When? Jitter
How Much? Server Delay
Which Apps? (HTTP, DNS,
What ToS? TCP Connect)
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 89
Conclusion
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 90
Trivia
Q and A
1) Question: How much does IPSLA cost on a
Cisco 3845 router
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 91
BRKSEC-2005 © 2009 Cisco Systems, Inc. All rights reserved. Cisco Public 92