CCIE R&S - (PfR) vSeminar

(PfR) vSeminar :: Part 1


 


Table of Contents
Course Files
Transcript
  • 1 (PfR) vSeminar :: Part 1 Closed Caption 0h 58m
    2 (PfR) vSeminar :: Part 2 Closed Caption 1h 42m
    3 (PfR) vSeminar :: Part 3 Closed Caption 1h 20m
    4 (PfR) vSeminar :: Part 4 Closed Caption 1h 19m
    5 (PfR) vSeminar :: Part 5 Closed Caption 0h 53m
    6 (PfR) vSeminar :: Part 6 Closed Caption 1h 32m
    Total Duration   7h 44m
  • 0:00:13 Alright, I'd like to welcome everybody
    0:00:14 to INE's PfR vSeminar.
    0:00:17 This is also just a portion of
    0:00:19 my live class that I'm doing this week
    0:00:21 in Belleview Washington here.
    0:00:24 So, today we are going to be going
    0:00:25 over PfR, we'll go over the basics
    0:00:27 of PfR, the fundamentals, we'll go
    0:00:29 over the "why" behind it.
    0:00:30 We'll go over a little bit about where
    0:00:31 I think the future is going with
    0:00:33 technologies like PfR,
    0:00:35 and then we'll go ahead and start with
    0:00:37 jump right into the configuration here.
    0:00:39 I'm going to expect you to have a basic
    0:00:41 understanding of just what PfR
    0:00:43 does here.
    0:00:44 In understanding the logic behind
    0:00:46 it here, but we are going to go into
    0:00:47 details, we are going to spend
    0:00:49 vast majority of our time in
    0:00:51 the configuration here.
    0:00:52 So, this morning before lunch
    0:00:53 what we'll do is we'll just go over
    0:00:56 fundamental real world type scenarios,
    0:00:59 to get to understand what PfR
    0:01:01 can do for you in your network today.
    0:01:03 Then, in the afternoon,
    0:01:04 we'll start getting a little bit
    0:01:05 more advanced.
    0:01:07 We'll start getting the little more..
    0:01:08 harder configurations,
    0:01:10 as far as lab scenario type of stuff.
    0:01:12 But what I want to do is make sure
    0:01:13 you understand what PfR can do for you
    0:01:16 today in your network here.
    0:01:18 The IOS version that we are gonna
    0:01:20 be using on my rack of equipment is
    0:01:22 gonna be the exact same IOS version
    0:01:24 you can expect in the CCIE Lab.
    0:01:26 In fact, it's the.. I used the
    0:01:28 360 topology for this boot camp here,
    0:01:30 the physical topology here.
    0:01:32 So this is the.. what you see on
    0:01:35 your screen here is the diagram
    0:01:37 here that we are gonna use,
    0:01:38 there's also a link there, a short link,
    0:01:40 where you can download the initial
    0:01:42 configs, if you wanna download
    0:01:44 the initial configs for
    0:01:46 the equipment that I'm using here,
    0:01:49 and also has the copies of
    0:01:50 the diagrams in there.
    0:01:52 So, what we'll do here is we'll
    0:01:54 start off with just the basics of
    0:01:56 what we're gonna do with PfR,
    0:01:58 how it's gonna function for us,
    0:02:00 and then like I said, this afternoon
    0:02:02 we'll go into more advanced stuff.
    0:02:03 And one of they keys with PfR,
    0:02:06 one of the things to understand,
    0:02:07 the CCIE Lab uses 12.4(15),
    0:02:13 So, use the 12.4(15)T.
    0:02:15 The problem with that version of IOS,
    0:02:18 PfR is in a major change in 12.4T
    0:02:21 So, it really came out in 12.3,
    0:02:26 it had a lot of changes in 12.4,
    0:02:31 at 12.4T, and then finally it's matured
    0:02:34 in IOS version 15.
    0:02:36 So that is a mature version.
    0:02:38 if you are gonna run it in the
    0:02:39 real world, I recommend use IOS
    0:02:41 version 15.
    0:02:42 The version that we use is not
    0:02:44 nearly as good as IOS version 15,
    0:02:47 there's a lot more features in IOS
    0:02:48 version 15 for PfR, the commands changed
    0:02:52 from OER to PfR cause it was originally
    0:02:55 called Optimized Edge Routing,
    0:02:57 then it changed to Performance Routing.
    0:03:00 They do expect that it will change,
    0:03:04 they will do a name change one more time
    0:03:07 so, they'll finalize it. So, probably
    0:03:09 in the next year or so we'll see
    0:03:11 PfR edged out, and then they'll do
    0:03:13 another name change here
    0:03:15 for the feature as the feature grows.
    0:03:18 Because the feature is this really..
    0:03:20 the functionality was very limited
    0:03:22 in the begining, but it's really grown
    0:03:24 over the last few years here.
    0:03:26 And it's gonna only grow
    0:03:27 in the future here.
    0:03:29 There's some other things they're
    0:03:30 gonna do with PfR in the future.
    0:03:32 Simplify the configuration, that's
    0:03:34 the biggest complaint that they have
    0:03:36 with it, the configuration is
    0:03:38 complicated, is convoluted,
    0:03:39 it's not well documented,
    0:03:42 and you run into a lot of problems
    0:03:44 if you don't run the exact IOS version
    0:03:47 that they use in the examples that like
    0:03:50 show, like on CISCO's website there.
    0:03:54 So, let's look at what PfR
    0:03:57 can do for us here, let me switch my
    0:03:59 image here,
    0:04:02 open up another image real quick,
    0:04:06 and..
    0:04:09 let's talk a little bit about what PfR
    0:04:12 can do for us here.
    0:04:13 So, let me break down here,
    0:04:18 go to a different layer there, alright.
    0:04:24 So, let's say we have this simple
    0:04:26 situation, one router connected
    0:04:29 to the internet.
    0:04:30 So, this is a small office,
    0:04:32 we got a single router, we have two
    0:04:34 connections to the internet here.
    0:04:35 So, over on this side here,
    0:04:40 on the back side here,
    0:04:43 this is our internal network here.
    0:04:46 So, this is the internal network here,
    0:04:49 and then this is connected to
    0:04:51 ISP A, and this is connected to ISP B.
    0:04:58 So, how do we normally do a situation
    0:05:00 like this, we've got two connections
    0:05:01 to an ISP, one's primary, one's backup.
    0:05:05 So, let's say this one here,
    0:05:07 let's say this is small of..
    0:05:09 this is a 20 meg metro-e,
    0:05:11 and this is a 10 meg metro-e backup.
    0:05:17 So, it were too small to really run BGP.
    0:05:20 The ISPs are not gonna run one, or run
    0:05:22 BGP with a CR.
    0:05:23 So how do we normally solve this issue,
    0:05:25 does anybody know?
    0:05:27 We do static routes, right?
    0:05:28 So we'll do a static route
    0:05:30 So, what we'd normally do,
    0:05:32 is we put a static route on
    0:05:34 so 0.0.0.0 here /0 pointing out this way
    0:05:40 and then we'll do another static route,
    0:05:43 out this what with a higher
    0:05:44 administrative distance, right?
    0:05:47 so, it's a higher administrative
    0:05:48 distance here, so we'll give it
    0:05:49 administrative distance of 5 here.
    0:05:54 So, what's the drawback
    0:05:55 of doing this here.
    0:05:59 We can't use, yeah, correct.
    0:06:00 If we have a customer
    0:06:02 or if an internal user wants to..
    0:06:07 If an internal user here wants to go
    0:06:09 from here, and goes out to the internet,
    0:06:13 he may be actually going to that
    0:06:14 ISP there.
    0:06:16 So, that's say, a real drawback
    0:06:19 if you end up.. you going this length
    0:06:20 to just get to that ISP.
    0:06:22 So maybe what we do is we do a little
    0:06:24 bit more static routes,
    0:06:26 So we do some static routes
    0:06:27 pointing over to ISP B, that says
    0:06:29 ok, routes, networks, that this
    0:06:31 guy has.. we will go ahead and put
    0:06:33 static routes in here.
    0:06:34 For this here.
    0:06:36 So, we'll put some static routes in here
    0:06:37 pointing to ISP B.
    0:06:39 An then if they get.. if that interface
    0:06:41 goes down, then what we'll do
    0:06:42 is we'll switch over to the default
    0:06:44 route four.
    0:06:45 So, we can do some things
    0:06:47 but what about now if we are looking at
    0:06:51 a connection that's maybe
    0:06:54 right behind ISP B.
    0:06:55 So, maybe ISP C,
    0:06:58 is connected over to ISP B,
    0:07:00 but yet it's four AS hops away
    0:07:03 from ISP A.
    0:07:05 So, now we do more static routes,
    0:07:06 and more static routes, and it just..
    0:07:08 it just doesn't work.
    0:07:09 so what normally would people do
    0:07:12 is they just go in
    0:07:14 and they just do the two static routes,
    0:07:17 they do the primary static route
    0:07:19 and then the floating static route.
    0:07:21 Normally what you gonna do is something
    0:07:23 like.. we're gonna focus on just PfR,
    0:07:25 we're not gonna go into the...
    0:07:27 to using like...
    0:07:28 IP SLA enhanced object tracking
    0:07:30 and so forth.
    0:07:31 But if you are gonna use static routes
    0:07:32 in the real world you are gonna probably
    0:07:34 use something like
    0:07:35 IP SLA enhanced object tracking
    0:07:36 just to track reachability
    0:07:38 to the far end.
    0:07:41 Then remove the static route when you
    0:07:42 can ping the far end router there.
    0:07:44 It's the thing about metro-e,
    0:07:46 we don't get state information.
    0:07:48 When the router on the other side
    0:07:50 goes down, there's gonna be
    0:07:52 some switches in the middle and
    0:07:53 we're gonna lose that state information.
    0:07:56 So we really won't know, if we
    0:07:57 put a static route in,
    0:07:58 when this.. our interface could be up
    0:08:00 but the ISP could be down.
    0:08:02 So, what we're gonna probably do in the
    0:08:03 real world it's some sort of
    0:08:05 IP SLA enhanced object tracking
    0:08:08 so we ping the far end all the time.
    0:08:10 So, basically our state for the
    0:08:12 static route is not just necessarily
    0:08:13 the interface, but is also
    0:08:15 reachability to the far end.
    0:08:16 But that's beyond what we're
    0:08:18 gonna go over here, we're focusing on..
    0:08:20 we are just focusing on PfR here.
    0:08:24 So, the drawback of this is too..
    0:08:26 What's gonna happen when this link gets
    0:08:28 100% utilized.
    0:08:31 This link sits and has what,
    0:08:33 0% utilization on it.
    0:08:35 So it's unused.
    0:08:36 You are paying for something
    0:08:37 you can't use.
    0:08:39 So, it sits here.. and this is what
    0:08:41 we've done for years,
    0:08:42 we've assumed and we've accepted it.
    0:08:44 For years we have accepted..
    0:08:47 accepted this kind of situation.
    0:08:50 just like with spanning tree,
    0:08:51 traditional spanning tree.
    0:08:52 We.. legacy spanning tree, we have
    0:08:54 accepted that it's gonna remove
    0:08:56 it's gonna block a lot of our links.
    0:08:59 So we.. as soon as we put in
    0:09:01 if we put in a bunch of Gig links
    0:09:03 we lose a good portion of them
    0:09:05 between the switches doing spanning tree
    0:09:07 we've always accepted that.
    0:09:09 But the future, when we are looking
    0:09:11 at stuff like trial replacement for
    0:09:13 spanning tree and some of the
    0:09:14 other things that aren't even looked at
    0:09:15 even running BGP at layer 2
    0:09:17 which people are talking about here,
    0:09:19 for layer 2 here.
    0:09:21 They're.. you are trying to utilize
    0:09:23 all the links.
    0:09:24 And that's what we're trying to do here,
    0:09:26 We're trying to utilize
    0:09:27 all the links here.
    0:09:28 What ideally we would have had happen,
    0:09:31 is that these links get used
    0:09:33 equally here.
    0:09:35 So, that these links get used equally,
    0:09:37 connected to the internet here.
    0:09:40 So if this one runs at..
    0:09:42 you know, maybe what I wanna do
    0:09:43 is some sort of..
    0:09:46 so if this one gets near 100%,
    0:09:49 then I wanna start using
    0:09:51 this link here.
    0:09:52 Once I start getting near 100% I wanna
    0:09:54 fail over and start using that link.
    0:09:56 So rather than it look like
    0:09:57 two links to me.
    0:09:59 So rather than it look like a 20 Meg
    0:10:01 link, and a 10 Meg link,
    0:10:03 so I should say "or" 10 Meg link,
    0:10:04 use one or the other,
    0:10:06 what I'd rather it look like is just
    0:10:07 one 30 Meg link.
    0:10:10 So what I'd rather have to do is use
    0:10:12 the primary, use the primary,
    0:10:15 but once utilization starts to get high
    0:10:17 on the primary, switch over.
    0:10:19 Switch over, to start using
    0:10:21 new traffic, starts going on
    0:10:23 the other path.
    0:10:25 So automatically do that.
    0:10:26 So before it gets congestion,
    0:10:28 before users can't reach
    0:10:30 the internet and they start calling you,
    0:10:32 you know, to try to fix this
    0:10:33 problem and manually use some static
    0:10:34 route or something.
    0:10:35 What you would rather do,
    0:10:37 is you'd rather.. the router
    0:10:38 go ahead and say look,
    0:10:39 I've got utilization,
    0:10:40 utilization is at 95%,
    0:10:42 You've configured me
    0:10:44 to start routing traffic over to ISP B,
    0:10:46 once we hit that 95%.
    0:10:50 That's intelligent routing, that's
    0:10:51 performance routing.
    0:10:53 That's what you wanna do.
    0:10:56 So you wanna rather have a 10 "or"
    0:10:59 a 20 Meg link, you'd rather have
    0:11:01 a 10 "and" a 20 Meg link.
    0:11:05 So, let's look at another scenario here.
    0:11:08 So, move this down here.
    0:11:12 let's say we had another
    0:11:13 situation here.
    0:11:16 And, let's say the other situation was..
    0:11:20 I have a.. the company is outsourced
    0:11:23 their documents, they've outsourced
    0:11:26 their office suite to google docs.
    0:11:29 So, let's say they've.. or they went
    0:11:31 through Microsoft 365.
    0:11:33 So, whatever. Some airline service.
    0:11:35 We've got a couple Microsoft employees
    0:11:36 in here so we're going to be nice
    0:11:37 to them today.
    0:11:38 When we're gonna be searching today
    0:11:39 we're gonna probably use Bing.
    0:11:40 We won't find anything, but we'll
    0:11:42 probably use Bing today.
    0:11:45 So we've got Microsoft employees,
    0:11:46 the building right behind, you guys
    0:11:48 can't see it but, you guys online,
    0:11:50 the building right behind you is a
    0:11:51 big Microsoft building.
    0:11:52 So, we've got some employees in here.
    0:11:55 It's been a rough two weeks for them,
    0:11:56 getting picked on.
    0:11:58 Alright, so let's say we're going to go
    0:12:00 to Google Docs.
    0:12:03 So, Google Docs here,
    0:12:05 and..
    0:12:07 what we want to do
    0:12:10 so, if..
    0:12:12 pen pad it's a little slipery,
    0:12:13 new pen pad here.
    0:12:15 What we wanna do,
    0:12:16 is.. I want the router
    0:12:18 to route traffic to Google Docs,
    0:12:21 based upon the latency to Google Docs.
    0:12:23 That's all I want.
    0:12:24 I don't care if you go out ISP A
    0:12:26 or ISP B.
    0:12:27 I want the best perfomance.
    0:12:29 So, that's what you wanna tell the..
    0:12:31 when you say.. when your manager
    0:12:33 comes to you and says you know we've got
    0:12:34 two links to the network,
    0:12:36 to the internet here, which one are we
    0:12:38 gonna use for Google Docs, you say
    0:12:39 I will have the router select the best.
    0:12:42 The router will select the best
    0:12:43 based upon which ISP is giving me the
    0:12:45 best performance.
    0:12:47 So, what I'll do..
    0:12:48 is I'll configure PfR.
    0:12:51 An then I'll do PfR just for
    0:12:52 traffic to Google Docs.
    0:12:54 So, let's say it's
    0:12:56 you know, let's just say it's 8.0.0.0/8
    0:13:00 just for simply.. of course it's not
    0:13:01 a whole class A for Google Docs,
    0:13:03 but just for simplicity say here.
    0:13:04 So, what I'll do
    0:13:05 is I will configure PfR
    0:13:07 to monitor de delay
    0:13:09 to Google Docs at both links.
    0:13:11 And if one falls out of
    0:13:14 a relative.. if one has a major relative
    0:13:16 change, or if one has an absolut delay,
    0:13:19 that I don't.. that I say it's too long,
    0:13:22 it will start looking at the other link
    0:13:23 to see if the other link has a better,
    0:13:25 a lower delay.
    0:13:27 So you can have it switch over here.
    0:13:29 So it could either be relative delay,
    0:13:31 meaning it's normally 50 miliseconds
    0:13:33 but now it's gone to 80 miliseconds,
    0:13:35 you could say, I don't want that,
    0:13:37 now I've had too much of a change,
    0:13:39 now look at the other link.
    0:13:41 So I can tell the user,
    0:13:43 that I can give you the best
    0:13:44 performance between the two links.
    0:13:47 Because that's what you want
    0:13:48 at the end of the day.
    0:13:50 You wanna tell the users that you..
    0:13:52 you have two links and it will route
    0:13:54 based upon the best performance,
    0:13:55 automatically here.
    0:13:56 Mean you look like a genius,
    0:13:58 when you set this kind of stuff up.
    0:14:01 You know, and you use PfR
    0:14:02 people think "Oh, I'm not gonna use PfR"
    0:14:04 it's got.. it's just too much changes..
    0:14:06 there's too many things, I don't
    0:14:07 understand it, I'll stick to my OSPF
    0:14:09 and static routes, you know.
    0:14:11 But, it's the future.
    0:14:13 The future is not routing based upon
    0:14:15 legacy protocols.
    0:14:16 OSPFv2, 20 years old.
    0:14:19 You think about what protocols do you
    0:14:20 use today that's that old.
    0:14:22 Besides spanning tree.
    0:14:24 Not very many.
    0:14:26 Here. So that's one good use for it here
    0:14:31 Another use to like it do here, for..
    0:14:36 another good use I could do here, for..
    0:14:40 get my eraser here,
    0:14:43 rather than just based upon
    0:14:45 the latency of a particular traffic here
    0:14:49 what I can do here is..
    0:14:55 I can try to keep the links in
    0:14:56 balance with eachother.
    0:14:58 So, what I want is,
    0:15:01 to do is I want the links to..
    0:15:04 if this one's running at 50%,
    0:15:08 I want this one to run at 50%.
    0:15:13 So, I want them both to run at 50%.
    0:15:15 How would you do that today?
    0:15:17 There's not really many ways you can
    0:15:19 do that; I'll tell you could hack it up.
    0:15:21 You could do.. you could put
    0:15:24 another default route down this way..
    0:15:28 You could put three.. to take of that..
    0:15:32 Take that floating static off,
    0:15:34 put a primary, point this default
    0:15:37 to the primary address,
    0:15:39 and this one to a secondary address
    0:15:41 on the same interface.
    0:15:43 So, basically you would have
    0:15:44 three routes in the table, and this one
    0:15:45 points to the primary on the other end.
    0:15:48 Is not a great solution but,
    0:15:49 I mean, it will install three
    0:15:52 default routes in, two down this way,
    0:15:55 one this way; you do.. you point
    0:15:57 the second one to the secondary address,
    0:15:59 the other side has two addresses on,
    0:16:01 so you point to the second one down it.
    0:16:04 So, you could do two to one,
    0:16:05 but even if you did that,
    0:16:07 it'd be really odd if you did that, but
    0:16:11 let's say, let's go back to something
    0:16:12 normal here,
    0:16:14 but you.. but you can do that, there's a
    0:16:16 possibility I recommend if you,
    0:16:17 if you wanna know how it works like
    0:16:19 just try it out, put on a secondary
    0:16:20 address, point to a static route
    0:16:22 to the primary, then in.. the exact same
    0:16:25 static route pointing to the secondary
    0:16:26 address, you'll see it installs
    0:16:28 two routes.
    0:16:29 So, it does basically static
    0:16:30 can do unequal cause load balancing.
    0:16:32 So it can install two routes one way,
    0:16:34 one route the other way.
    0:16:36 So, it could do an.. I guess..
    0:16:38 the correct term is actually load
    0:16:39 sharing, is not load balancing,
    0:16:41 which we will go into in a minute here.
    0:16:43 You can actually do it without the
    0:16:44 protocols too, you can do it with RIP,
    0:16:46 you can do secondary addresses and it'll
    0:16:48 install two routes in there.
    0:16:49 So, but you don't see it every use,
    0:16:51 it's more like a stupid router trick,
    0:16:53 for lack of a better term there.
    0:16:55 Alright, so let's say we have two
    0:16:56 static routes,
    0:16:57 both pointing down here,
    0:16:58 so they're both active,
    0:17:00 how does the router..
    0:17:02 how does the router actually
    0:17:04 balance the traffic here.
    0:17:08 How does the router balance the traffic?
    0:17:10 by default, using CEF
    0:17:12 so this is a.. an ISR.
    0:17:14 It's gonna be balanced based upon what,
    0:17:15 the source and destination address
    0:17:17 hash, right?
    0:17:18 The source and destination address hash.
    0:17:20 So, what is gonna do it's is gonna send
    0:17:22 one connection,
    0:17:24 it's gonna send
    0:17:25 one connection this way,
    0:17:27 and it's gonna send one connection
    0:17:28 that way.
    0:17:29 Then it's gonna send one connection
    0:17:30 this way,
    0:17:31 then it's gonna send one connection
    0:17:33 that way.
    0:17:35 But in our case it's not gonna work.
    0:17:37 Because, we've got a 10 Meg,
    0:17:39 and a 20 Meg.
    0:17:40 So that's not gonna work.
    0:17:42 So that won't work for us here.
    0:17:45 Cause we have one that's higher
    0:17:47 a higher bandwidth here, plus it
    0:17:50 you'd.. what you are doing
    0:17:52 today was CEF, is not load balancing.
    0:17:54 If anybody tell you CEF is doing
    0:17:56 load balancing, they're incorrect.
    0:17:59 what CEF is doing is load sharing.
    0:18:02 there is a key difference between
    0:18:03 load sharing and load balancing.
    0:18:07 Load balancing actually looks at
    0:18:09 the utilization on the link and
    0:18:11 determines and makes decisions
    0:18:13 based upon utilization.
    0:18:14 Load sharing,
    0:18:16 is just that they share the bandwidth.
    0:18:18 I mean, they share the load.
    0:18:19 But they don't..
    0:18:20 they don't try to balance it.
    0:18:22 When you do two static routes,
    0:18:25 that's not load balancing,
    0:18:26 that is load sharing.
    0:18:28 anybody that tells you it's load
    0:18:30 balancing is incorrect.
    0:18:31 That's why when you go to the routing
    0:18:33 table and you look at
    0:18:35 like EIGRP it says the share count.
    0:18:37 We look at CEF, it talks about the share
    0:18:40 ok, it's not balancing,
    0:18:42 they're just sharing the load.
    0:18:45 it's like, if I send one connection
    0:18:47 this way,
    0:18:48 and this connection is..
    0:18:50 ends up burning up 5 Megs,
    0:18:53 this connection, this way,
    0:18:55 ends up burning 8 Megs.
    0:18:59 The next connection comes in this way,
    0:19:02 and that connection burns 1 Meg
    0:19:04 of traffic, the next one comes in
    0:19:06 this way, and this one tries to..
    0:19:08 tries to burn about 5 Megs.
    0:19:12 That's not load balancing, is it?
    0:19:14 That's just they're sharing the load.
    0:19:16 The other one would be.. the second
    0:19:17 one would be overloaded anyways.
    0:19:18 That's just they're sharing the load,
    0:19:20 you are sharing the load, you're not
    0:19:22 balancing it, CEF doesn't look at..
    0:19:24 when CEF goes to make the decision on
    0:19:26 which flow to send down which link,
    0:19:28 when it has multiple
    0:19:30 links to send it down, it doesn't look
    0:19:31 and say with the interface utilization
    0:19:33 on this one is X, and this one is Y,
    0:19:36 Y is lower than X, so I'm gonna keep
    0:19:37 doing this one.
    0:19:39 They don't do that.
    0:19:39 Could they've done it? Yeah,
    0:19:40 probably they could have done it.
    0:19:42 Here.
    0:19:43 So this is load sharing,
    0:19:46 you just hope that at the end of the day
    0:19:48 it ends up balancing itself out.
    0:19:50 But, ideally what you would have is
    0:19:54 rather than just do it per connection,
    0:19:56 you would say ok, when this one..
    0:19:58 when this one has..
    0:20:02 when this one has 10 Megs of traffic,
    0:20:04 and this one has 7 Megs,
    0:20:07 well let's say 5 Megs of traffic here
    0:20:10 they could be considered balanced
    0:20:12 as far as.. load sharing..
    0:20:16 load balancing goes I should say,
    0:20:17 load balancing goes,
    0:20:18 'cause each one is 50%,
    0:20:21 so it is balancing,
    0:20:23 so then, if this one kicks up to
    0:20:25 15 Megs, here..
    0:20:28 it can push 7.5 Megs here.
    0:20:32 And it can do this by looking at
    0:20:34 the through put of the interface.
    0:20:36 So, PfR can look at the through
    0:20:38 put of the interface, and make
    0:20:39 this decision on where to send
    0:20:41 the next traffic.
    0:20:43 So the next traffic that gets routed
    0:20:45 down, it could go ahead and say
    0:20:46 you know what, I wanna route
    0:20:47 that traffic this way.
    0:20:48 Or I wanna route that traffic that way.
    0:20:51 So it can make this intelligent decision
    0:20:55 Cause that's what you're looking for
    0:20:56 at the end of the day, you want
    0:20:57 the router to make intelligent decisions
    0:21:00 and you also want the router..
    0:21:04 so let's say we make it a little
    0:21:05 bit harder here..
    0:21:08 so let's say we have this situation here
    0:21:12 just like we have this situation,
    0:21:13 now we have three connections
    0:21:14 to the internet here.
    0:21:16 So we have 3 connections to the internet
    0:21:18 So, let's say..
    0:21:20 this is a.. this is one..
    0:21:22 let's say this is a primary,
    0:21:24 so this is 20 Megs,
    0:21:27 this is primary 20 Megs,
    0:21:31 and this one's just a backup link
    0:21:33 of 10 Meg.
    0:21:36 Now, how in the world would you
    0:21:38 be able to do true load balancing
    0:21:40 between two routers.
    0:21:42 You really couldn't.
    0:21:44 Yeah you could try some techniques,
    0:21:46 that's not load balancing, that's..
    0:21:48 you're balancing the connections,
    0:21:49 but you are not balancing the load;
    0:21:51 you are not actually looking at
    0:21:52 the load to determine where you're
    0:21:54 gonna send the traffic.
    0:21:55 That's what you want at
    0:21:56 the end of the day.
    0:21:57 You don't care if it's equal number of..
    0:22:00 If this one's got 10 connections
    0:22:01 and the other one has 10 connections,
    0:22:03 because one may have 10 connections
    0:22:04 that's 15 Megs, one may have 10
    0:22:06 connections that's 2 Megs.
    0:22:09 That's not really what we want.
    0:22:10 We want some device to make
    0:22:13 to make a big pitcher look at
    0:22:14 the network here and make decisions
    0:22:16 between the two devices,
    0:22:18 because you can't have this guys talk,
    0:22:20 this guys aren't going to talk
    0:22:21 to eachother and say hey look
    0:22:22 you know I'm running about 15 Meg
    0:22:24 utilization, what are you running?
    0:22:26 oh, you are running at 5 well
    0:22:27 I'll go ahead and send the traffic
    0:22:28 to you.
    0:22:29 What are you gonna do for that,
    0:22:31 static routes?
    0:22:32 OSPF?
    0:22:34 BGP? I mean ,what are you gonna do?
    0:22:35 I mean, there's nothing you can
    0:22:36 really do here.
    0:22:38 You don't have protocols that actually
    0:22:39 look at the utilization of the link.
    0:22:42 An then make this decisions
    0:22:44 based upon it here.
    0:22:47 So that's what we want, we want a router
    0:22:49 to make that intelligent decision.
    0:22:51 We want a router
    0:22:52 or we want some sort of offline device
    0:22:54 to make that intelligent decision.
    0:22:56 Where the future's going?
    0:22:58 I don't know if
    0:22:59 if PfR or what CISCO's plan is..
    0:23:02 but I would imagine it moves
    0:23:03 off a router.
    0:23:04 It moves to a centralized device,
    0:23:07 that makes so you take the control
    0:23:09 plane, or part of the control off
    0:23:10 of the router.
    0:23:11 And then you make intelligent decisions
    0:23:13 based upon the full network view.
    0:23:17 Here, and that's what companies like
    0:23:19 Google are doing today with open flow.
    0:23:21 Their decision making is done offline
    0:23:24 by a central device, they moved
    0:23:26 the control plane to a central device,
    0:23:28 it makes the decisions, and then it
    0:23:29 implements those decisions down to
    0:23:32 the devices in the network there.
    0:23:37 So, let's look at one more example here.
    0:23:39 So let's say I had this design here.
    0:23:43 So let's say that CISCO's sales guy
    0:23:45 got a hold of me and he sold me
    0:23:46 all these routers here.
    0:23:48 He sold me redundancy
    0:23:49 out the wazoo here, huh?
    0:23:50 There are all kinds of redundancy here.
    0:23:53 Alright, so let's say we wanna go from..
    0:23:58 from A to B
    0:24:00 So this is datacenter A,
    0:24:03 this is datacenter B here.
    0:24:05 Now how are we going to do any sort of
    0:24:09 how are we gonna be able to do
    0:24:10 any sort of load balancing on this.
    0:24:13 In this fabric, with this network
    0:24:15 the way it is here.
    0:24:17 That would be really hard to do
    0:24:18 wouldn't it?
    0:24:19 I mean how can one router get a
    0:24:21 full pitcher of what's going on.
    0:24:23 Ideally you have some device
    0:24:26 that's sitting there and has a full
    0:24:27 view of the network
    0:24:28 and it makes intelligent decisions
    0:24:30 on where to send traffic.
    0:24:32 So it truly balances the traffic.
    0:24:34 So it says ok, the first connection
    0:24:36 you may start going down this link here,
    0:24:38 then the second connection goes
    0:24:39 down that link,
    0:24:41 then maybe the third goes down that link
    0:24:43 and then based upon the load,
    0:24:44 one starts going like this here.
    0:24:47 An then another one starts going
    0:24:48 this way here.
    0:24:50 Based upon the load here.
    0:24:52 So, it truly balances
    0:24:54 the network, you can have..
    0:24:57 you can not take a routing protocol
    0:25:00 and balance the network, you can balance
    0:25:02 some links, you can share the load
    0:25:05 in a couple links but you can't
    0:25:07 share the load among the whole network.
    0:25:10 You can't truly balance it
    0:25:11 among the whole network.
    0:25:14 And that's really what you want
    0:25:16 at the end of the day, you want a fully
    0:25:17 utilized, you see.. we've grown up
    0:25:20 in an age of redundant links
    0:25:22 that aren't utilized, spanning tree's
    0:25:24 classic example.
    0:25:26 It doesn't make sense,
    0:25:27 why do I put in.. why do I put in three
    0:25:30 links and then one isn't gonna get used.
    0:25:33 You know, why do that.. I mean only
    0:25:35 people get advantage of is people who
    0:25:36 sell ports, you know.. cause
    0:25:38 spanning tree ends up blocking one.
    0:25:39 So why do I have all this links
    0:25:41 if I can't use them.
    0:25:42 You know, and this is what I wanna do,
    0:25:45 I want the network to look
    0:25:46 like one fabric.
    0:25:47 One infrastructure, and I want one
    0:25:49 central device or a pair of devices
    0:25:52 as redundancy, making those decisions on
    0:25:55 where to send traffic, because
    0:25:57 an individual router can't make
    0:25:58 that proper decision.
    0:26:00 He doesn't have a true view of
    0:26:01 the network, he has his view
    0:26:03 of the network, router seven has his
    0:26:05 view of the network here,
    0:26:06 that's all he has.
    0:26:07 He doesn't know what's really
    0:26:08 going on out here.
    0:26:11 So, what you would rather have..
    0:26:14 what you would rather have
    0:26:17 is some device
    0:26:19 and some sort of controller here,
    0:26:22 since offline looks at what's going
    0:26:24 on the network and then makes
    0:26:25 intelligent decisions.
    0:26:26 Makes those intelligent decisions
    0:26:28 on where to route traffic,
    0:26:29 and how traffic should be routed
    0:26:31 through the fabric here.
    0:26:32 That's what you want at
    0:26:33 the end of the day.
    0:26:34 That's what open flow does,
    0:26:36 that's what Google does today,
    0:26:37 you may not know it, but if you..
    0:26:39 if you go to Google,
    0:26:40 you use open flow.
    0:26:42 You know, I mean.. people talk about
    0:26:43 open flow and they talk about
    0:26:45 is it mature? is it ready to go?
    0:26:47 it's there today, 7% of the internet
    0:26:50 runs on it,
    0:26:50 whatever percent is a traffic
    0:26:52 Google uses, 6%, whatever here.
    0:26:55 You want to make real views
    0:26:57 of the network, you want to see what's
    0:26:58 really going on, you wanna treat it as
    0:27:00 one fabric, not individual
    0:27:02 devices making individual decisions.
    0:27:04 Because that's not ideal.
    0:27:06 What you could have is you know what
    0:27:08 if the controller gets lost they all
    0:27:10 fall back to the individual decisions.
    0:27:12 It's all you need,
    0:27:13 fall back to the old style.
    0:27:14 So these route through OSPF
    0:27:16 or whatever you have going here MPLS
    0:27:17 traffic, engineering tunels or whatever.
    0:27:22 With PfR what will happen is if
    0:27:24 you lose communication, with PfR
    0:27:25 should go into, yeah they fall back.
    0:27:27 They merely fall back to their..
    0:27:29 their.. what the routing was done before
    0:27:31 PfR made any changes.
    0:27:34 Alright, and then you know, the
    0:27:36 you can lay in open flow on top of..
    0:27:39 you can lay an open flow on top of MPLS
    0:27:41 and there's a lot of advantages
    0:27:42 to doing it here.
    0:27:45 But highly recommend if you're
    0:27:48 I highly recommend if you're into
    0:27:49 networking, you're not just in the CCIE
    0:27:51 passing the CCIE Lab.
    0:27:53 You check out openflow.org, look
    0:27:54 at some of the videos, look at some of
    0:27:55 the things that are going on.
    0:27:57 Look at some of the new technologies
    0:27:58 that are.. that are coming out
    0:27:59 because the future really truly is
    0:28:03 moving the control plane offline.
    0:28:05 Moving the control plane off of the
    0:28:07 individual routers
    0:28:08 and having one centralized device
    0:28:10 making those control plane decisions.
    0:28:13 Now, you may have control.. you may..
    0:28:15 here's what people think, they think
    0:28:17 oh I'm scared, I don't want some router
    0:28:18 to make this decisions for me.
    0:28:20 I don't want some.. sorry some router,
    0:28:22 but some offline server to make
    0:28:23 this decisions for me.
    0:28:24 But in reality what you're gonna have
    0:28:26 happen here
    0:28:29 is that, you may just do it for a
    0:28:31 subset of traffic.
    0:28:32 What I may do is implement PfR,
    0:28:34 I may implement PfR for
    0:28:36 just voice traffic.
    0:28:39 Or, maybe just some sort of traffic
    0:28:40 to a certain server.
    0:28:42 I don't implement wow for the
    0:28:43 whole network, just certain traffic.
    0:28:46 So certain traffic that I want to
    0:28:48 implement for PfR.
    0:28:51 But today though, PfR is not at the
    0:28:54 level where it can do an advanced
    0:28:56 fabric like this.
    0:28:57 I think this is where CISCO's going.
    0:29:00 Today what we can do with PfR
    0:29:02 is we can look at..
    0:29:05 we can configure PfR to look at like
    0:29:07 two routers like this here,
    0:29:09 and then make intelligent decisions on
    0:29:10 how to load out, how to send the traffic
    0:29:12 out this fixed links.
    0:29:14 But it can't go this level,
    0:29:17 then that level and then finally
    0:29:18 down to here.
    0:29:19 You can't have a hierarchy on PfR,
    0:29:22 it's just one edge you have.
    0:29:24 But I think in the next iteration we'll
    0:29:26 probably see you'll get to that full
    0:29:27 level of hierarchy.
    0:29:29 So, rather than optimized edge routing
    0:29:31 which is what we're doing basi-
    0:29:33 basically here's edge
    0:29:34 so this would be considered the edge
    0:29:36 of our network here.
    0:29:38 Whether in optimized edge routing
    0:29:40 it's gonna be true full view
    0:29:42 of the network, it's gonna look beyond
    0:29:44 one edge, it's gonna look, it's gona say
    0:29:48 so rather than just looking at this
    0:29:49 guy's utilization, and this guy's
    0:29:51 utilization, it actually starts to
    0:29:53 look at that guy AND that guy.
    0:29:55 And that guy, and that guy there.
    0:29:58 So it actually starts looking deeper
    0:29:59 into the network here.
    0:30:01 The way you'd implement it today,
    0:30:03 if this was your network here,
    0:30:05 you would implement one PfR
    0:30:09 configuration down here,
    0:30:10 then a totally separate one up here.
    0:30:14 So, this guys are looking down
    0:30:16 in this way, the this guys
    0:30:18 are looking at traffic that way.
    0:30:21 So that's how you would implement it
    0:30:22 with PfR, but I imagine the future
    0:30:25 is gonna have a better view
    0:30:27 than this edge routing type kinda
    0:30:29 concept here.
    0:30:30 So we'll have a full view of the network
    0:30:32 and make those decisions.
    0:30:33 What CISCO's doing is they rather than..
    0:30:36 like open flow, open flow moves it to
    0:30:38 an offline device,
    0:30:40 an offline server,
    0:30:41 that's very poweful that makes these
    0:30:43 intelligent decisions, what CISCO's
    0:30:45 doing with PfR it's moved offline
    0:30:48 but it's not to a server, it's offline
    0:30:49 to another router,
    0:30:51 so this would be like, R8 here.
    0:30:53 So this router makes these decisions
    0:30:55 for you.
    0:30:56 People are more confortable with
    0:30:57 a router making decisions,
    0:30:59 you know, it's a big jump to say
    0:31:01 routers talk to a server
    0:31:04 and then the server is the
    0:31:05 control plane, and the server makes it.
    0:31:08 People are more accepting
    0:31:10 to say.. I will have
    0:31:13 the routers talk to another router,
    0:31:15 and then that router makes the decisions
    0:31:16 about what to do on the network.
    0:31:18 You are just more comfortable with it.
    0:31:21 You know, it's not a big leap
    0:31:22 as it is to move it off to a server.
    0:31:30 Alright, so let's look at
    0:31:33 here.
    0:31:35 Start talking a little bit about
    0:31:37 PfR here.
    0:31:40 We'll collapse this layer down.
    0:31:44 Alright, so in PfR,
    0:31:47 we are gonna have the concept..
    0:31:49 we're gonna have the concept of
    0:31:51 a border router or border routers,
    0:31:53 and we're gonna have the concept of a
    0:31:55 master controller.
    0:31:56 That master controller is where the
    0:31:58 control plane decisions are made.
    0:32:00 You can decide how you are.. what..
    0:32:03 what control plane decisions
    0:32:05 the master controller is making for you.
    0:32:07 But you are moving the control plane
    0:32:08 decision off to a central device
    0:32:11 that has a better view of the network
    0:32:13 then one individual router.
    0:32:16 So the.. what we have here is..
    0:32:20 we have a concept of a border router,
    0:32:24 and a master controller.
    0:32:27 So, a border router and
    0:32:28 a master controller.
    0:32:29 The border routers
    0:32:30 are the devices that are on path,
    0:32:33 traffic flows through these devices,
    0:32:35 the master controller doesn't have
    0:32:38 to be on path, it doesn't have to be in
    0:32:40 the data path,
    0:32:42 it can just be off to the side.
    0:32:44 It could be anywhere here.
    0:32:46 But it could be the same device,
    0:32:48 So we could have a situation where
    0:32:50 this one router,
    0:32:52 but not that router here.
    0:32:53 This one router here,
    0:32:55 is the master controller and
    0:32:57 the border router, so he's
    0:32:59 doing both functionalities.
    0:33:02 We could have a situation where
    0:33:03 this guy's a border router
    0:33:06 and this guy's the master controller,
    0:33:08 so he's got two exit links,
    0:33:10 one interior link here,
    0:33:12 and we could have a situation where the
    0:33:13 master controller's there, the border..
    0:33:15 this guy's a border router also.
    0:33:18 We could also move..
    0:33:22 we could also have a mix like this
    0:33:24 where this guy is the master controller
    0:33:26 and a border router, and this guy's also
    0:33:28 a border router for that master
    0:33:29 controller there.
    0:33:31 So, it's really up to us what
    0:33:33 we wanna do, we could have all kinds
    0:33:35 of mixes out here,
    0:33:36 of designs here, but..
    0:33:41 you can't have.. they don't..
    0:33:43 communicate, so the way you could do
    0:33:45 primary and secondary it's like through
    0:33:47 anycast.
    0:33:48 So, what we can do is
    0:33:50 here I could
    0:33:54 we could just use HSRP I guess
    0:33:56 too, but let's say another router
    0:33:58 sitting here.
    0:33:59 I'll draw this out here.
    0:34:01 And..
    0:34:05 connected in here, let's just say this
    0:34:06 guy here is R4.
    0:34:08 So R4 here,
    0:34:10 so this is our master controller,
    0:34:12 and what.. and this guy also
    0:34:14 is a master controller,
    0:34:15 configured as a master controller.
    0:34:16 And what they can do is both advertise
    0:34:18 out the same loopback.
    0:34:19 So, let's say they advertise out
    0:34:21 3.3.3.3, he advertises out also 3.3.3.3
    0:34:28 and if.. what you do is if you want
    0:34:32 this one the primary and this one the
    0:34:34 backup, what you do is you advertise
    0:34:36 this one with some sort of higher cost,
    0:34:39 so that the routers always route
    0:34:41 to that guy for 3.3.3.3
    0:34:44 Then if that guy goes down,
    0:34:45 they start routing to this guy.
    0:34:48 So they switch over and start
    0:34:50 routing to that guy there.
    0:34:51 Or you could do it with HSRP.
    0:34:54 You could do, this is active
    0:34:56 and that one is stand by
    0:34:58 on the HSRP address.
    0:35:00 But, right now the master controllers
    0:35:03 don't talk to eachother.
    0:35:04 So what will happen is if this
    0:35:05 guy goes down,
    0:35:06 these guys will undo any changes
    0:35:08 they made, fall back to your normal
    0:35:09 routing, then they'll start talking
    0:35:11 to that guy and then he'll go back
    0:35:13 and see if he needs to make
    0:35:14 any decisions.
    0:35:15 So they have to start over basically.
    0:35:17 But that's not a big deal because your
    0:35:18 standard routing should be ok.
    0:35:21 But today yeah, there's no
    0:35:23 there's no wide communication
    0:35:25 between states.
    0:35:26 These guys don't communicate between
    0:35:28 states about their master controller.
    0:35:29 But I bet they're probably
    0:35:31 talking about it.
    0:35:32 Ok, I bet there's probably communication
    0:35:34 within CISCO they kept to
    0:35:36 entertain the idea of two master
    0:35:38 controllers talking to eachother.
    0:35:40 Just about what's going on.
    0:35:42 And then one guy just takes over
    0:35:43 for the other guy here.
    0:35:46 But anycast, that's the same thing
    0:35:48 we do with multicast, when we do
    0:35:50 redundant RPs, use anycast there.
    0:35:53 Ok, so the other components we need,
    0:35:56 we need a border router, we need a
    0:35:57 master crontroller, could be the same
    0:35:58 device, could be multiple devices.
    0:36:00 The other components we need,
    0:36:02 we need at least one internal device,
    0:36:05 one internal
    0:36:09 and two external devi-
    0:36:11 external interfaces.
    0:36:18 A second, hands a little slippery here.
    0:36:20 External, so one internal interface
    0:36:23 to external interfaces, so that could be
    0:36:25 our internal, this could be one of our
    0:36:27 externals, this could be another one
    0:36:29 of our externals and that's an
    0:36:30 internal there.
    0:36:32 So it can be on one device,
    0:36:33 it could be spread across
    0:36:34 multiple devices.
    0:36:36 It could be spread across three
    0:36:37 or four devices.
    0:36:39 it's up to you, what you wanna do here.
    0:36:42 So let's say this router here,
    0:36:44 also has a connection out.
    0:36:46 So that guy has a connection out
    0:36:47 whether we could treat that one,
    0:36:49 we could also treat this guy here R4,
    0:36:52 we could treat this guy as external,
    0:36:54 the NAT as internal.
    0:36:56 So they don't have to be on
    0:36:57 the same device,
    0:36:58 you don't have to have a simple scenario
    0:36:59 so spread across multiple devices.
    0:37:10 You define it.
    0:37:12 You will define internal and external
    0:37:14 interfaces.
    0:37:16 So you will go in when we can
    0:37:19 figure the infrastructure,
    0:37:21 we will define the internal
    0:37:23 and the external interfaces.
    0:37:26 So we're gonna actually define this here
    0:37:27 you need to define the internal
    0:37:29 and external for..some of the things
    0:37:32 that PfR is gonna do for us,
    0:37:33 it's gonna do
    0:37:34 some netflow monitoring,
    0:37:36 that's one reason it needs internal
    0:37:37 and external, it also needs to know what
    0:37:38 interfaces you're trying to control.
    0:37:40 So if I don't put this interface here
    0:37:43 as external, it just leaves it alone.
    0:37:45 It doesn't do anything on it.
    0:37:48 So that interface is just left alone.
    0:37:50 Here.
    0:37:52 But the basic infrastructure
    0:37:54 you need a master controller,
    0:37:56 you need a border router,
    0:37:57 you need one internal and two externals.
    0:37:59 You won't get it to come up
    0:38:01 until you have this configured.
    0:38:03 So everything won't come up here,
    0:38:04 I see people when they try to configure
    0:38:05 to go..
    0:38:06 Hey, I configured the first border
    0:38:08 router and I configured the master
    0:38:09 controller but it's not coming up.
    0:38:10 Because you haven't met the minimum
    0:38:12 criteria, you gotta have two externals,
    0:38:14 and one internal there.
    0:38:21 It could be anywhere, yeah, it could be
    0:38:22 a hundred miles away
    0:38:24 it's just a TCP session
    0:38:25 between these devices.
    0:38:27 So, basically these guys
    0:38:28 are letting the master controller know
    0:38:32 about what's going on in the
    0:38:33 network here.
    0:38:35 So they're telling him what's
    0:38:36 going on here.
    0:38:37 And it could be netflow stats,
    0:38:40 Could be IP SLA reporting that it
    0:38:42 does and it does for.. does this
    0:38:43 for you automatically here.
    0:38:45 Could be link utilization,
    0:38:47 could be delay from IP SLA,
    0:38:49 but it doesn't need to be
    0:38:51 directly connected.
    0:38:52 The master controller doesn't.
    0:38:54 It's offline. Here.
    0:38:56 The people that uses in the real world,
    0:38:58 you see what they'll do is they'll take
    0:38:59 a big router like an ASR1K or a 3845,
    0:39:04 some sort of big router with a lot
    0:39:05 of memory, and they'll push it,
    0:39:07 they'll push to match the controller
    0:39:08 role to it.
    0:39:10 so there is a lot, there is
    0:39:12 people running PfR today.
    0:39:14 You know, you can see there's users
    0:39:16 for it, users for it in small networks,
    0:39:18 there's users for it in large
    0:39:19 networks here.
    0:39:22 Let me tell you one other quick corner
    0:39:23 case for a small network.
    0:39:25 Let's say we had this small network here
    0:39:28 So we got two different connections out,
    0:39:33 so let's say here,
    0:39:34 we have two different connections here,
    0:39:36 and they are running,
    0:39:38 they're running some sort of
    0:39:39 VoIP service.
    0:39:41 So they are doing some sort of
    0:39:42 VoIP sip trunk.
    0:39:45 So they're doing VoIP
    0:39:48 sip trunk here.
    0:39:51 Sip trunk to some device out
    0:39:52 there on the internet.
    0:39:54 What's the best way to route that.
    0:39:58 The one with the lowest latency, right?
    0:40:00 Maybe the lowest latency, maybe
    0:40:02 the lowest jitter,
    0:40:03 whatever here; so it's some sort of
    0:40:06 basic on the internet.. all we can test,
    0:40:08 we talk about.. we can.. we can actually
    0:40:10 test jitter, we can actually test
    0:40:12 the MOS score for voice,
    0:40:13 there's a lot of things we can do, but
    0:40:15 let's just say we're going to
    0:40:15 the internet, what is gonna test delay.
    0:40:17 Ideally you route that sip trunk
    0:40:19 based upon the delay.
    0:40:21 That's what you want.
    0:40:22 I mean, this is a total
    0:40:24 real world example
    0:40:25 of where you would use it.
    0:40:26 And all you use is PfR
    0:40:28 for the sip trunk, that's it.
    0:40:29 It just routes the sip trunk
    0:40:30 based upon the delay.
    0:40:32 If the delay is higher on one link
    0:40:34 than the other one, you can have
    0:40:35 a switch over.
    0:40:37 So you can have a switch over here.
    0:40:39 Because that.. cause you really
    0:40:40 do want to use this links based upon
    0:40:41 the fastest performance.
    0:40:43 Here.
    0:40:44 Another quick example,
    0:40:46 this is another real world..
    0:40:48 this is why the first time I had to
    0:40:49 try to sell PfR to somebody,
    0:40:52 sell the whole concept to somebody.
    0:40:54 They had a situation where,
    0:40:56 it was a larger network here,
    0:40:59 so something along the lines of
    0:41:01 this here.
    0:41:02 so a little bit lar- you know,
    0:41:03 they would have a bunch of connections
    0:41:04 out here, so they had a situation like..
    0:41:10 let me remove this here, draw the..
    0:41:11 remove my drawing here.
    0:41:15 And they had two links out,
    0:41:16 two separate routers here.
    0:41:20 And..
    0:41:22 Let me remove it one more time, here.
    0:41:24 So there are two links out
    0:41:26 to the internet, here,
    0:41:28 and this was the criteria that they had.
    0:41:31 The criteria they had was
    0:41:33 one of the links was a 20 Meg,
    0:41:39 they had a 20 Meg connection,
    0:41:41 they bought a flat rate 20 Meg,
    0:41:45 so this is just flat rate 20 Megs here.
    0:41:49 It was connected via 100 Meg Fast-E.
    0:41:52 FE here.
    0:41:56 This one here, they bought 0 flat rate,
    0:42:01 second one here, cause this was
    0:42:02 the backup one here,
    0:42:04 and it was 100 Meg Fast-E.
    0:42:08 So, they were allowed
    0:42:10 they were allowed the burst
    0:42:12 above their 20 Megs,
    0:42:13 but it cost them more
    0:42:16 it.. when it went above 20 Megs here,
    0:42:19 so, once they get above 20 Megs,
    0:42:21 it was very costly to use that link.
    0:42:25 So once they got a..
    0:42:26 that's not a good drawing here..
    0:42:27 so once this got above 20 Megs here,
    0:42:29 it got very costly here.
    0:42:32 But this one down here
    0:42:34 they were paying for usage and the
    0:42:35 cost wasn't that much.
    0:42:38 So, the idea is you wanna use
    0:42:39 the flat rate for the first 20,
    0:42:42 then use the 0, the.. the other one
    0:42:44 when you got above 20.
    0:42:46 But yet if the other one isn't
    0:42:48 available, then you wanna switch back
    0:42:50 to the higher cost one.
    0:42:53 So how would you do this today
    0:42:54 with static routes.
    0:42:57 How would you do it today with OSPF.
    0:42:59 No, OSPF's old.
    0:43:02 OSPF has been around longer
    0:43:04 than I've had my CCIE.
    0:43:06 Which is over 15 years now.
    0:43:09 So, it's been around a long time.
    0:43:11 It's not designed to make
    0:43:12 this advanced decisions,
    0:43:13 it wasn't in play.
    0:43:15 When you read the specs for OSPF,
    0:43:17 they talk about still redistributing
    0:43:19 BGP and OSP.
    0:43:20 You know, if you read anatomy of
    0:43:22 a routing protocol by John Moy,
    0:43:23 they talk about the internet
    0:43:25 and it's the thousand routes.
    0:43:28 So it's a lot.
    0:43:32 Yeah, they'll just bypass it, yeah
    0:43:34 just go right to IS-IS
    0:43:35 or something here.
    0:43:36 But the future is intelligent decisions,
    0:43:39 it's not routing based upon what you..
    0:43:42 what people learning in CCNA,
    0:43:44 in CCNP, and even CCIE.
    0:43:47 This really is the future,
    0:43:48 it may not be here tomorrow, it may not
    0:43:51 be here in two years but it'll be here,
    0:43:52 in five, six, seven, eight years.
    0:43:54 It only makes sense that..
    0:43:56 that now that we have the horse power,
    0:43:58 or the memory, the.. CPU power,
    0:44:01 to just take everybody's routing
    0:44:03 information and consolidate it, and make
    0:44:05 and have a device make a full decision
    0:44:07 about everything in the network.
    0:44:09 So rather than the network
    0:44:10 be a bunch of links,
    0:44:11 the network's just a fabric.
    0:44:13 It's just a fabric, that one device..
    0:44:15 one centralized controller makes
    0:44:16 decisions on what's occurring out there.
    0:44:20 So, this is.. you can do this with PfR.
    0:44:23 This is very simple.
    0:44:24 But the problem is
    0:44:25 you know.. you go into this places
    0:44:27 and they're like.. what is PfR.
    0:44:29 You know.. what does it do for,
    0:44:30 and they don't undestand.
    0:44:32 And you have to show them how you
    0:44:34 can save them money.
    0:44:35 Because if you're gonna do it any
    0:44:37 other way it's gonna be real tough.
    0:44:39 I mean there was another.. long
    0:44:40 story short, there was another way
    0:44:41 you could hack this up.
    0:44:43 You know basicaly clasify,
    0:44:46 you basicaly had.. device has to..
    0:44:48 funnel through another router back here,
    0:44:50 so this is R3 here, and that..
    0:44:52 that router is just the police that
    0:44:54 clasifies, it doesn't drop traffic,
    0:44:56 it just clasifies the first 20 Meg
    0:44:58 with a certain DHCP value then
    0:44:59 policy routes it basically.
    0:45:01 This policy routes the first 20 Megs,
    0:45:03 the other 20 Megs, above 20 Megs
    0:45:05 gets a different DHCP value,
    0:45:06 and it's policy routed another way.
    0:45:08 But it's just not a good solution.
    0:45:10 Not a good solution at all here.
    0:45:14 Alright, so I
    0:45:16 PfR force here, just on the two routers,
    0:45:18 so like this guy could be the
    0:45:20 border router and the master controller,
    0:45:22 and this guy just here is the
    0:45:23 border router.
    0:45:24 And then PfR could say, look when you
    0:45:26 hit that 20 Meg
    0:45:27 it starts to push traffic that way.
    0:45:29 At that link here.
    0:45:31 If that link isn't available it goes
    0:45:32 back out that link there.
    0:45:34 So, it makes this intelligent
    0:45:36 decisions for you.
    0:45:37 You can actually route
    0:45:39 based upon cost.
    0:45:40 You can actually route
    0:45:42 based upon cost.
    0:45:43 Now you may have a better link
    0:45:46 and certain traffic you may want
    0:45:47 to use this other link above 20 Megs.
    0:45:50 Certain customers, you may wanna
    0:45:52 use that link above 20 Megs.
    0:45:54 But yet other customers you might wanna
    0:45:56 use that flat rate one.
    0:45:59 You know, try to configure customers
    0:46:01 under OSPF.
    0:46:02 Not gonna work.
    0:46:03 Or customers based upon.. I mean you..
    0:46:05 you can come up with some advanced
    0:46:06 policy routing,
    0:46:07 but you'd be in here all day
    0:46:08 troubleshooting this.
    0:46:10 Making it work.
    0:46:10 First time something doesn't work here.
    0:46:12 Let PfR do this for you, it'll make
    0:46:14 this decisions for you.
    0:46:15 It would implement the policy routing,
    0:46:17 it will verify that it works,
    0:46:18 it'll monitor it for you.
    0:46:20 But.. you couldn't go and implement
    0:46:22 something advanced like this and then..
    0:46:24 and then walk away from it and think
    0:46:25 I won't have any other problems with it.
    0:46:28 Because as soon as something changes,
    0:46:29 you need to go in there and
    0:46:30 readjust your policy.
    0:46:31 That's what PfR is gonna do for us here.
    0:46:34 It can do policy routing for us.
    0:46:36 So it can do a policy based routing.
    0:46:38 So it can make these intelligent
    0:46:40 decisions here.
    0:46:42 Alright, so we talk a little bit about
    0:46:44 the infrastructure here,
    0:46:45 we need a master controller,
    0:46:47 we need a border router,
    0:46:49 and like I said, this master controller,
    0:46:51 this is where your control plane
    0:46:53 decisions are occurring,
    0:46:54 it's removing part of the
    0:46:56 control plane off,
    0:46:57 as it relates to routing,
    0:46:59 And then it.. injec- makes
    0:47:00 decisions and injects those decisions
    0:47:02 back to the border router.
    0:47:04 But the border routers don't do any..
    0:47:05 they have no intelligence.
    0:47:06 All they do is feed
    0:47:08 the master controller
    0:47:09 information about what it acts upon
    0:47:12 the changes that it makes,
    0:47:15 we'll talk about this changes here
    0:47:16 today too,
    0:47:17 so, but.. some of the changes
    0:47:19 we can make are with static routes.
    0:47:23 BGP, or policy based routing,
    0:47:29 so we can do static routes, BGP,
    0:47:31 or policy based routing in the IOS
    0:47:33 version we are using here.
    0:47:36 Now in..
    0:47:38 in future versions you'll see it'll all
    0:47:40 get into.. if you get into IOS version
    0:47:42 15, 15.1, you'll see that it does a lot
    0:47:44 more than just this basic static
    0:47:46 BGP PfR.
    0:47:47 Because where we came from
    0:47:49 was optimized edge routing.
    0:47:51 Was just simplified optimized edged
    0:47:53 routing here; that's where we
    0:47:54 came from here.
    0:47:56 But of course, as we go in
    0:47:57 to perform it's routing,
    0:48:01 PfR there, as we go to performance
    0:48:03 routing, it's gonna,
    0:48:04 you are gonna have more enhancements
    0:48:06 into like EIGRP and different
    0:48:08 protocols that it can manipulate here.
    0:48:18 Yeah, well.. yeah, you'd still probably
    0:48:20 have QoS policies in there,
    0:48:23 what you will see though,
    0:48:25 what you will see in the future
    0:48:27 is PfR, this is what I heard at..
    0:48:30 was talking to one of the developers,
    0:48:34 one of the tech leads, not a developer,
    0:48:36 you will see probably QoS integrated in.
    0:48:39 So you could have QoS kick in early,
    0:48:41 you can have things hap-
    0:48:42 you kick in a QoS policy,
    0:48:44 when certain condition's met.
    0:48:46 Let's say you have..
    0:48:47 let's say you are on a small
    0:48:49 network here.
    0:48:51 So we are not on a big network,
    0:48:52 we are on a little small network here.
    0:48:53 And yet, congestion is causing
    0:48:55 both of these links, so I've got my..
    0:48:58 I've got my..
    0:49:00 my Google docs here.
    0:49:02 Congestion now has
    0:49:06 caused Google docs latency to get above
    0:49:08 a 120 MS, among both links.
    0:49:11 Then I can say, kick in a QoS policy,
    0:49:14 choke some traffic down.
    0:49:16 You can't do that today, you can't say
    0:49:19 without doing advanced scripting.
    0:49:21 You know, we could do some advanced
    0:49:22 EEM scripts and, you know, do some
    0:49:24 pings, IP SLA, and then you could
    0:49:26 kick some things in, execute some
    0:49:28 commands when something happened.
    0:49:29 But just.. but it's easier to just let
    0:49:31 PfR do this for you.
    0:49:33 So you could kick in QoS,
    0:49:35 so I could kick in some QoS parameters,
    0:49:37 or what.. some QoS template that I want
    0:49:39 to apply to this interface,
    0:49:41 when the latency gets above here.
    0:49:43 So, I wanna start choking down
    0:49:45 the other traffic here.
    0:49:46 So, this is before you may think
    0:49:47 oh why don't I just use some
    0:49:48 congestion management.
    0:49:49 Why not.. becase the problem is
    0:49:51 it's a 100 Meg Fast-E.
    0:49:53 So, it's a Fast-E and it's
    0:49:54 willing to have 10 Megs.
    0:49:56 We can configure some sort of shaper
    0:49:57 and then use some artificial congestion
    0:49:59 management around it
    0:50:00 But I'd rather just PfR do it.
    0:50:02 PfR tells me, you know what,
    0:50:04 if the utilization, if the
    0:50:06 delay is too high above a certain
    0:50:07 number, kick in a QoS
    0:50:09 policy that I have predefined.
    0:50:12 To bring, to try to bring
    0:50:13 that traffic in, here.
    0:50:16 But that's in the future.
    0:50:17 That's talk about the future,
    0:50:19 implementing integrated QoS in.
    0:50:22 But I mean it's inte- it's..
    0:50:23 it makes sense though.
    0:50:24 Why only have..
    0:50:26 why do I have to please or shape
    0:50:28 when I don't have problems here.
    0:50:30 Why do I have to wait till the interface
    0:50:32 becomes fully utilized..
    0:50:34 fully utilized to actually kick in some
    0:50:35 congestion management.
    0:50:37 And why do I have to just do some sort
    0:50:38 of shaping to create some artificial
    0:50:40 congestion to kick in some sort of
    0:50:42 congestion management,
    0:50:42 via the priority or the bandwidth
    0:50:45 with the MQC Queue here.
    0:50:46 So what I'd rather do is just kick in
    0:50:48 congestion management based
    0:50:49 upon the delay;
    0:50:50 that's when I want congestion
    0:50:51 management to come in.
    0:50:53 When the delay hits a certain threshold,
    0:50:56 then you kick in
    0:50:57 then you start kicking in the..
    0:50:58 your priority, your low NC Queuing,
    0:51:01 your bandwidth statements here.
    0:51:02 Your bandwidth under the MQC.
    0:51:05 Alright, there's another question?
    0:51:36 Corr- You can, you can do that.
    0:51:39 So his question was,
    0:51:40 if this guy, if this router right
    0:51:41 here was the master control and
    0:51:45 the border router,
    0:51:46 and the utilization on the primary link
    0:51:48 became 50%, can I move
    0:51:51 some sort of unimportant traffic
    0:51:53 to the secondary link; you can do that.
    0:51:56 So I can move my FTP traffic over.
    0:52:00 In the newer versions of PfR,
    0:52:02 it can do nbar, you could just match
    0:52:04 nbar, you could match FTP
    0:52:06 using nbar, and it can just move it over
    0:52:08 based upon.. see you don't have to
    0:52:11 you can use PfR
    0:52:13 to optimize certain traffic, but you
    0:52:15 can also use PfR to drop out traffic
    0:52:17 when congestion occurrs.
    0:52:19 What I could also do is,
    0:52:21 when I hit 50% or whatever
    0:52:23 my utilization is, I could have PfR
    0:52:25 blackhole FTP traffic.
    0:52:27 So I could drop it to null 0.
    0:52:30 So I could drop traffic.
    0:52:32 So, let's say I'm a service provider,
    0:52:36 hope my service provider has more than
    0:52:38 one router and two links,
    0:52:39 but.. so, let's say I'm a
    0:52:41 service provider here, and
    0:52:44 once the utilization gets kicked
    0:52:46 up here, so let's say it's
    0:52:48 not 50% but it's near 100% here.
    0:52:51 So, it's near 100%,
    0:52:53 what I can do is I can start moving
    0:52:55 some of the traffic to lower maybe
    0:52:58 CS1, DSCP value CS1 to the othr link.
    0:53:03 So the other link is like a slower link.
    0:53:05 The cheaper slower link, maybe it's..
    0:53:07 you know, it's a.. a smaller ISP
    0:53:10 you are connected to.
    0:53:11 So you can start moving,
    0:53:12 so rather than moving, rather than
    0:53:14 optimizing traffic, you can use it
    0:53:17 to flip aroud backwards,
    0:53:18 to basically move junk traffic around
    0:53:20 when utilization kicks in.
    0:53:23 So what I can say is, as soon as the..
    0:53:24 the link gets heavily utilized,
    0:53:26 let's say 90%, not really a 100%,
    0:53:28 by 90%, I want PfR to move
    0:53:33 my CS1 traffic, that's low..
    0:53:36 low priority for me,
    0:53:37 so my scavenger class
    0:53:39 I want it to move it on the other link.
    0:53:41 But, if it's not at 90%,
    0:53:44 just leave it over here.
    0:53:47 So yeah, you can do that.
    0:53:48 You can also just blackhole it too.
    0:53:51 You could also say, you know what
    0:53:52 when this guy hits a 100%,
    0:53:54 and this guy hits a 100%,
    0:53:57 I start blackholing CS1.
    0:53:59 I just drop it,
    0:54:01 right on the router there.
    0:54:04 You know, so that's really..
    0:54:05 that's really useful to do.
    0:54:07 A good example would be like
    0:54:08 peer to peer traffic.
    0:54:10 So if you are doing
    0:54:11 a peer to peer traffic, coming out
    0:54:13 as soon as my links get over saturated,
    0:54:15 what I can do is I can have
    0:54:16 the bit torrent traffic,
    0:54:18 use nbar for bit torrent use
    0:54:21 or whatever matching I wanna do,
    0:54:23 asuming it works a 100% with nbar.
    0:54:26 I could drop that peer to peer traffic.
    0:54:29 'Course you'd create a.. everybody'd
    0:54:31 be up on arms on you but,
    0:54:33 you know, that net neutrality and
    0:54:35 stuff like that, huh?
    0:54:37 Alright, so you could drop
    0:54:39 that traffic there,
    0:54:41 when utilization gets up.
    0:54:43 But it can do it for you.
    0:54:45 It can.. because sometimes you
    0:54:46 you're running things like..
    0:54:48 you know, you got a normal situation
    0:54:49 going on, all of a sudden the network
    0:54:51 is really slow and you find somebody's
    0:54:53 you know.. somebody is seeking some
    0:54:54 servers, you know, some 80, 90 Gig
    0:54:56 servers accross the, you know
    0:54:57 the internet or whatever,
    0:54:58 they're seeking servers between them.
    0:55:00 You know, so the.. you know,
    0:55:01 you never know what's gonna cause a
    0:55:03 mayor congestion problem for you there.
    0:55:07 Aright.
    0:55:15 It just injects
    0:55:17 it.. you never
    0:55:19 you really never do poor
    0:55:22 packet load balancing.
    0:55:23 Never, I mean, not never
    0:55:25 I should say, you know 'course you never
    0:55:27 say never, 'cause as soon as you do that
    0:55:28 you find it, you know.. not never,
    0:55:29 but it's rare, it's very rare
    0:55:32 to do poor packet load balancing
    0:55:34 because of the fact that the packets
    0:55:35 end up in.. out of order.
    0:55:37 What it's gonna do is for you..
    0:55:38 and we'll look at this today,
    0:55:40 it'll inject.. it'll inject the static
    0:55:43 route like this way or static route
    0:55:44 that way; so the router is gonna do
    0:55:46 whatever we normally do.
    0:55:47 So, you're gonna probably do
    0:55:48 per destination load balancing, sourcing
    0:55:50 destination pair, load sharing.
    0:55:54 CEF does load sharing,
    0:55:56 PfR does load balancing.
    0:55:59 So, if anybody says to you, we're doing
    0:56:01 load balancing, and like..
    0:56:02 you can go, no you're not
    0:56:03 doing load balancing,
    0:56:04 you're doing load sharing.
    0:56:06 You can even like.. when you look at
    0:56:07 this show ip cef and address internal,
    0:56:09 it shows you what the share count is.
    0:56:12 Or show ip route,
    0:56:14 unlike any EIGRP ip route, it'll show
    0:56:15 you what the share count is.
    0:56:17 It's not balancing.
    0:56:18 Balancing it's actually looking at
    0:56:19 the load and then making intelligent
    0:56:21 decisions based upon the load.
    0:56:23 So that's what you want,
    0:56:24 at the end of the day.
    0:56:27 Alright, any other questions so far?
    0:56:29 Before we start delving into the
    0:56:30 configuration here?
    0:56:32 No questions?
    0:56:34 Alright, so let's do this,
    0:56:36 let's take a quick..
    0:56:38 we've been going on for about an hour,
    0:56:39 let's take a quick ten minute break,
    0:56:41 and then we're gonna jump right into the
    0:56:43 configuration; so what we're gonna do is
    0:56:44 we are gonna go into the configuration
    0:56:46 portion here.
    0:56:47 So we are gonna focus on
    0:56:49 the configuration of course,
    0:56:51 cause that's how I teach,
    0:56:52 I teach off the command line,
    0:56:54 and then we'll break it down from here.
    0:56:56 So I'm not gonna spend time on
    0:56:58 you know.. going over what CISCO
    0:56:59 de cycle and all they stuff they say
    0:57:01 'cause I think it's very confusing,
    0:57:02 we'll do it, we'll look at it,
    0:57:04 we'll analize it, then we'll go back
    0:57:05 to look at some of the things they say
    0:57:07 on CISCO's website or
    0:57:08 some of the other documentations on PfR.
    0:57:11 An then like I said, after lunch
    0:57:13 a little later today,
    0:57:14 we'll get into some really advanced
    0:57:16 configuration stuff here,
    0:57:18 with PfR here.
CCIE R&S - (PfR) vSeminar
Title: CCIE R&S - (PfR) vSeminar
Duration: 7h 44m
Instructor: Brian Dennis, #2210 CCIEx5
Get instant access to our entire library!
Sign Up


© 2003 - 2014 INE All Rights Reserved