is your prob working fine ? Regards, Moataz Tolba
________________________________ From: Mohammad Moghaddas <[email protected]> To: CCIE_RS OnlineStudyList <[email protected]> Sent: Thursday, 13 February 2014, 15:45 Subject: [OSL | CCIE_RS] OT: PFR Internet Inbound/Outbound LB Hi. I hope you are all doing well, and I'm sorry for posting such a long OT. Straight to the issue, we have one 7609S which its IOS is 15.1(3)S. I should note that this an ISP environment and this router has 15 private IX peers, and 5 Exit links. I've configured the router being MC and BR the same time, 1 Internal interface, and 5 External interface. Each exit link has specific customers, we have separated each link's customers using ACL. When customer's TX traffic reaches the Internal interface, they are routed using PBR (default next-hop) to their specific exit link. Also these ACLs are referenced in a route-map assigned to each exit BGP peer, so we only advertise the customers to their specific exit BGP peer. We have categorized our BGP peers in 3 template peer-policy. *The issue is that, I see PFR configuring /30 STATIC routes to exit links (it should be /24), and much more important for me, no inbound optimization is happening.* Below you will find some partial logging plus the configurations. And I'm again sorry for such long post. Feb 13 16:41:43: %OER_MC-5-NOTICE: Uncontrol Prefix 85.133.140.168/30, Couldn't find the best exit Feb 13 16:41:43: %OER_MC-5-NOTICE: Uncontrol Prefix 85.133.140.168/30, Couldn't choose exit in prefix timeout Feb 13 16:41:43: %OER_MC-5-NOTICE: Range Entrance OOP BR 172.31.255.14, i/f Tu108, percent 100. Other BR 172.31.255.14, i/f Gi8/0/0 percent 15 Feb 13 16:41:43: %OER_MC-5-NOTICE: Load Entrance OOP BR 172.31.255.14, i/f Tu108, load 33000 policy 31350 Feb 13 16:41:43: %OER_MC-5-NOTICE: Entrance 172.31.255.14 intf Tu108 OOP, Tx BW 24, Rx BW 33000, Tx Load 0, Rx Load 100 Feb 13 16:41:43: %OER_MC-5-NOTICE: Uncontrol Prefix 220.98.114.8/30, Couldn't find the best exit Feb 13 16:41:43: %OER_MC-5-NOTICE: Uncontrol Prefix 220.98.114.8/30, Couldn't choose exit in prefix timeout Feb 13 16:41:46: %OER_MC-5-NOTICE: Uncontrol Prefix 217.169.166.40/30, Couldn't choose exit in prefix timeout Feb 13 16:41:48: %OER_MC-5-NOTICE: Route changed Prefix 188.253.53.96/30, BR 172.31.255.14, i/f Gi8/0/0, Reason Utilization, OOP Reason Timer Expired route-map CHNG_GW permit 10 description ***CUST1 through EXIT1*** match ip address CUST1 set ip default next-hop 10.30.148.169 route-map CHNG_GW permit 11 description ****CUST2 through EXIT2**** match ip address CUST2 set ip default next-hop 172.16.108.2 route-map CHNG_GW permit 12 description ****CUST3 through EXIT3**** match ip address CUST3 set ip default next-hop 172.16.101.2 route-map CHNG_GW permit 13 description ****CUST4 through EXIT2**** match ip address CUST4 !! All other customers are routed using the PRIMARY default route. !! ip route 0.0.0.0 0.0.0.0 192.168.64.1 name PRIMARY ip route 0.0.0.0 0.0.0.0 10.30.148.169 5 name PFR ip route 0.0.0.0 0.0.0.0 172.16.101.2 6 name PFR ip route 0.0.0.0 0.0.0.0 172.16.105.2 7 name PFR ip route 0.0.0.0 0.0.0.0 172.16.108.2 8 name PFR template peer-policy CUST_BGP route-map BGP_CUST_NO-OUT out default-originate soft-reconfiguration inbound send-community both exit-peer-policy ! template peer-policy BW_UPLINKS prefix-list ISP_IX-in in next-hop-self all soft-reconfiguration inbound send-community both exit-peer-policy ! template peer-policy IX route-map IX_BGP-OUT out prefix-list ISP_IX-in in next-hop-self all soft-reconfiguration inbound send-community both pfr master policy-rules PFR_BGP max-range-utilization percent 80 logging ! border 172.31.255.14 key-chain OER interface GigabitEthernet8/0/0 external max-xmit-utilization percentage 95 maximum utilization receive percentage 95 interface Tunnel101 external max-xmit-utilization percentage 95 maximum utilization receive percentage 95 interface Tunnel108 external max-xmit-utilization percentage 95 maximum utilization receive percentage 95 interface Tunnel105 external max-xmit-utilization percentage 95 maximum utilization receive percentage 95 interface POS8/1/0 external max-xmit-utilization percentage 95 maximum utilization receive percentage 95 interface GigabitEthernet5/1 internal ! learn throughput inside bgp periodic-interval 0 monitor-period 1 prefixes 200 applications 200 expire after time 30 max range receive percent 80 backoff 150 150 mode route control mode monitor fast periodic 150 no resolve delay no resolve range ! active-probe tcp-conn 216.239.32.20 target-port 80 active-probe tcp-conn 216.239.32.20 target-port 443 active-probe echo 4.2.2.4 active-probe echo 8.8.8.8 active-probe tcp-conn 173.194.34.53 target-port 443 active-probe tcp-conn 46.228.47.114 target-port 80 active-probe echo 4.2.2.1 active-probe echo 8.8.4.4 active-probe echo 4.2.2.2 pfr border local Loopback17231255 master 172.31.255.14 key-chain OER active-probe address source interface GigabitEthernet5/1 pfr-map PFR_BGP 10 match pfr learn inside set mode route control set mode monitor passive set resolve utilization priority 1 variance 10 no set resolve delay no set resolve range show pfr master: OER state: ENABLED and INACTIVE Conn Status: SUCCESS, PORT: 3949 Version: 3.1 Number of Border routers: 1 Number of Exits: 5 Number of monitored prefixes: 0 (max 5000) Max prefixes: total 5000 learn 2500 Prefix count: total 0, learn 0, cfg 0 PBR Requirements met Nbar Status: Inactive Border Status UP/DOWN AuthFail Version DOWN Reason 172.31.255.14 INACTIVE DOWN 0 3.1 OER master in special monitor mode Global Settings: max-range-utilization percent 80 recv 80 rsvp post-dial-delay 0 signaling-retries 1 mode route metric bgp local-pref 5000 mode route metric static tag 5000 trace probe delay 1000 logging exit holddown time 60 secs, time remaining 0 Default Policy Settings: backoff 150 150 150 delay relative 50 holddown 300 periodic 150 probe frequency 56 number of jitter probe packets 100 mode route control mode monitor fast mode select-exit good loss relative 10 jitter threshold 20 mos threshold 3.60 percent 30 unreachable relative 50 resolve utilization priority 13 variance 20 Learn Settings: current state : DISABLED time remaining in current state : 0 seconds throughput no delay inside bgp monitor-period 5 periodic-interval 5 aggregation-type prefix-length 24 prefixes 200 appls 200 expire after time 30 show pfr master policy: HT-CoreRT(config-pfr-mc)#do s pfr mas pol Default Policy Settings: backoff 150 150 150 delay relative 50 holddown 300 periodic 150 probe frequency 56 number of jitter probe packets 100 mode route control mode monitor fast mode select-exit good loss relative 10 jitter threshold 20 mos threshold 3.60 percent 30 unreachable relative 50 resolve utilization priority 13 variance 20 oer-map PFR_BGP 10 sequence no. 8444249301975040, provider id 1, provider priority 30 host priority 0, policy priority 10, Session id 0 match oer learn inside backoff 150 150 150 delay relative 50 holddown 300 periodic 150 probe frequency 56 number of jitter probe packets 100 *mode route control *mode monitor passive mode select-exit good loss relative 10 jitter threshold 20 mos threshold 3.60 percent 30 unreachable relative 50 next-hop not set forwarding interface not set *resolve utilization priority 1 variance 10 Best Regards, *Mohammad Moghaddas* _______________________________________________ Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: iPexpert on YouTube: www.youtube.com/ipexpertinc _______________________________________________ Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: iPexpert on YouTube: www.youtube.com/ipexpertinc
