Load balancing using Performance Routing pfr/OER Introduction: Cisco Performance Routing pfr is one of the most intelligent Cisco IOS services that can handle traffic routing automatically to achieve the most reliable and none stop traffic forwarding between sites and over multiple routers and links Cisco pfr optimizes routing and route selection based on real time measurements of the available paths and select the best path with regard to the defined polices, such as traffic delay, jitter or link utilization, which make it more flexible and convenient especially with the implementations of converged networks (Voice, Video and DATA) Using only a standard dynamic routing protocol such as BGP with two ISPs, if one of the ISPs experiencing problems inside the SP network and a company has real time sensitive traffic this will make some issues such delay, jitter and/or packet loss, while from BGP perspective the other BGP peer is reachable and the BGP session is up With Cisco pfr the router now will be able to measure the traffic over all the available ISPs/ paths, this measurement will be done by the edge routers that taking the role of a border router BR in pfr terminologies, while another router (either dedicated or co-existed in one of the BRs) will be the decision maker and all the BR will report the traffic measurements to it and this router called Master Controller MC, which works exactly as the brain of the pfr If any ISP link experiencing any problem such delay or jitter the BR connected to that ISP will report the traffic measurement to the MC and the MC will compare it to a predefined policy, if its considered out of policy OOP then the MC will start looking for another external link within the BRs that has better or in policy path, and there are several timers that can be configured and tuned such as bakoff timer to avoid route flapping and periodic interval which is the periodic time in minutes that the MC router start learn prefixes with a default value of 120 minute For more details please refer to the following link: Performance Routing Q&A Postings may contain unverified user-created content and change frequently The content is provided as-is and is not warrantied by Cisco Load balancing using Performance Routing pfr/OER http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6554/ps6599/ps8787/ prod_qas0900aecd806c4f03.html Configuration Example: In this configuration example we will see how we can configure load balancing by using pfr in one edge router this edge router has two external links represent WAN or Internet links ( both are valid options) and this edge router configured as BR router and MC router the routing configuration is very simple only two defual routes each point to one of the ISP’s next hop IP ip route 0.0.0.0 0.0.0.0 10.1.1.10 ip route 0.0.0.0 0.0.0.0 20.1.1.10 EDGE_RTR#show ip route Gateway of last resort is 20.1.1.10 to network 0.0.0.0 1.0.0.0/24 is subnetted, subnets C 1.1.1.0 is directly connected, Loopback0 20.0.0.0/24 is subnetted, subnets Postings may contain unverified user-created content and change frequently The content is provided as-is and is not warrantied by Cisco Load balancing using Performance Routing pfr/OER C 20.1.1.0 is directly connected, FastEthernet1/1 10.0.0.0/24 is subnetted, subnets C C 10.1.1.0 is directly connected, FastEthernet1/0 192.168.1.0/24 is directly connected, FastEthernet2/0 S* 0.0.0.0/0 [1/0] via 20.1.1.10 [1/0] via 10.1.1.10 The criteria will be used here to load balancing is link utilization, first we need to define the border router and basic MC configurations interface Loopback0 ip address 1.1.1.1 255.255.255.0 key chain OER for authentication key key-string oerkey MC part: oer master Postings may contain unverified user-created content and change frequently The content is provided as-is and is not warrantied by Cisco Load balancing using Performance Routing pfr/OER max-range-utilization percent 2% only for this example ( if the range between external links utilization over % then the MC will start to distribute the load between the links with regard to the max link utilization configured bellow as will ) logging ! border 1.1.1.1 key-chain OER - local loopback as both BR and MC co-existed interface FastEthernet1/1 external max-xmit-utilization absolute - this means max utilization for this link K ( just for the purpose of this example to see the link out of policy quickly ) interface FastEthernet1/0 external max-xmit-utilization absolute 50 - 50k ( this value for this example only ) interface FastEthernet2/0 internal ! learn throughput periodic-interval - configured to make sure all the time the router will learn prefixes ( for the purpose of this example only) aggregation-type prefix-length 32 automatic aggregation of the prefixes that will be created by the MC automatically will have a prefix length with /32 in this example mode route control mode route metric static tag 2000 - automatic static route entries created by the MC will have route tag as 2000 mode select-exit best resolve range priority - always select the best in policy exit - policy measurement criteria will give utilization range priority resolve utilization priority variance - link utilization priority Postings may contain unverified user-created content and change frequently The content is provided as-is and is not warrantied by Cisco Load balancing using Performance Routing pfr/OER BR part: oer border local Loopback0 same ip address used in the MC part config for this BR master 1.1.1.1 key-chain OER ! EDGE_RTR#show oer master border Border Status UP/DOWN 1.1.1.1 ACTIVE UP 01:09:11 AuthFail as it shown earlier in this document the routing table has only two static default routes each one points to a different ISP/ next hop Now lets generate traffic from the inside network to simulate internal traffic and as we configured the link utilization of interface fa1/1 to a low value this interface will be considered OOP quickly EDGE_RTR#show oer master prefix Postings may contain unverified user-created content and change frequently The content is provided as-is and is not warrantied by Cisco Load balancing using Performance Routing pfr/OER EDGE_RTR# : %OER_MC-5-NOTICE: Load OOP BR 1.1.1.1, i/f Fa1/1, load 24 policy %OER_MC-5-NOTICE: Exit 1.1.1.1 intf Fa1/1 OOP, Tx BW 24, R x BW 24, Tx Load 0, Rx Load EDGE_RTR#show oer master prefix Prefix State Time Curr BR CurrI/F Protocol PasSDly PasLDly PasSUn PasLUn PasSLos PasLLos ActSDly ActLDly ActSUn ActLUn EBw IBw -100.100.100.100/32 DEFAULT* @29 1.1.1.1 Fa1/1 U U 0 0 U U 0 25 25 U EDGE_RTR# Postings may contain unverified user-created content and change frequently The content is provided as-is and is not warrantied by Cisco Load balancing using Performance Routing pfr/OER %OER_MC-5-NOTICE: Discovered Exit for prefix 100.100.100.100/32, BR 1.1.1.1, i/f Fa1/1 EDGE_RTR#show oer border routes static Flags Network CE Parent Tag 100.100.100.100/32 0.0.0.0/0 2000 EDGE_RTR#show ip route 100.100.100.100 Routing entry for 100.100.100.100/32 Known via "static", distance 1, metric Tag 2000 Routing Descriptor Blocks: * 10.1.1.10 Route metric is 0, traffic share count is Route tag 2000 Postings may contain unverified user-created content and change frequently The content is provided as-is and is not warrantied by Cisco Load balancing using Performance Routing pfr/OER As it shown above a static route entry has been created automatically with a prefix length of /32 based on the prefix aggregation length specified in the MC config Also the route tag is 2000 which is the tag value configured in the MC config as well, this tag maybe useful for redistribution or route filtering Also the most important thing is that the created static route entry for the prefix 100.100.100.100/32 is through the Fa1/0 Because the first used link was fa1/1 and according to the previous logging message this link flooded with traffic and considered out of policy : %OER_MC-5-NOTICE: Load OOPBR 1.1.1.1, i/f Fa1/1, load 24 policy then the MC has chosen fa1/0 because it is not over utilized ( in policy ) now lets generate traffic again to over utilize fa1/0 : %OER_MC-5-NOTICE: Load OOPBR 1.1.1.1, i/f Fa1/0, load 53 policy 50 %OER_MC-5-NOTICE: Exit 1.1.1.1 intf Fa1/0 OOP, Tx BW 53, R Postings may contain unverified user-created content and change frequently The content is provided as-is and is not warrantied by Cisco Load balancing using Performance Routing pfr/OER x BW 53, Tx Load 0, Rx Load New learned prefixes: Prefix State Time Curr BR CurrI/F Protocol PasSDly PasLDly PasSUn PasLUn PasSLos PasLLos ActSDly ActLDly ActSUn ActLUn EBw IBw -200.200.200.200/32 DEFAULT* @74 1.1.1.1 Fa1/0 U U 0 0 U U 0 29 28 100.100.100.100/32 INPOLICY 1.1.1.1 Fa1/0 U U 0 0 U U 0 0 U STATIC Postings may contain unverified user-created content and change frequently The content is provided as-is and is not warrantied by Cisco Load balancing using Performance Routing pfr/OER %OER_MC-5-NOTICE: Discovered Exit for prefix 200.200.200.200/32, BR 1.1.1.1, i/f Fa1/0 EDGE_RTR#show oer border routes static Flags: C - Controlled by oer, X - Path is excluded from control, E - The control is exact, N - The control is non-exact Flags Network Parent Tag CE 100.100.100.100/32 0.0.0.0/0 2000 CE 200.200.200.200/32 0.0.0.0/0 2000 EDGE_RTR#show ip route 200.200.200.0/32 is subnetted, subnets S 200.200.200.200 [1/0] via 20.1.1.10 1.0.0.0/24 is subnetted, subnets C 1.1.1.0 is directly connected, Loopback0 100.0.0.0/32 is subnetted, subnets S 100.100.100.100 [1/0] via 10.1.1.10 20.0.0.0/24 is subnetted, subnets Postings may contain unverified user-created content and change frequently The content is provided as-is and is not warrantied by Cisco 10 Load balancing using Performance Routing pfr/OER C 20.1.1.0 is directly connected, FastEthernet1/1 10.0.0.0/24 is subnetted, subnets C C 10.1.1.0 is directly connected, FastEthernet1/0 192.168.1.0/24 is directly connected, FastEthernet2/0 S* 0.0.0.0/0 [1/0] via 20.1.1.10 [1/0] via 10.1.1.10 It obvious from the above routing table we have two new static routes entries crated automatically by the MC each one point to a different next hop based on the link's utilization policy configuration Here we achieved load balancing over tow links by using pfr Note: You can implement NAT with this solution if its required by using ACLs and route maps This example was configured and working with NAT: EDGE_RTR#show ip nat translations Pro Inside global Inside local Outside local Outside global icmp 20.1.1.1:84 192.168.1.1:84 200.200.200.200:84 200.200.200.200:84 icmp 10.1.1.1:85 192.168.1.1:85 100.100.100.100:85 100.100.100.100:85 EDGE_RTR# Postings may contain unverified user-created content and change frequently The content is provided as-is and is not warrantied by Cisco 11 Load balancing using Performance Routing pfr/OER For a configuration example of using NATing with two links and route maps please see the document bellow: https://supportforums.cisco.com/docs/DOC-8313 This was a simple pfr configuration example; with pfr you can configure more complex policies and measurements with active and/or passive monitoring using echo, tcp or udp props in conjunction with ip sla, also you can use a dynamic routing protocol instead of static routing such as BGP Thank you Marwan Alshawi Postings may contain unverified user-created content and change frequently The content is provided as-is and is not warrantied by Cisco 12 ... example of using NATing with two links and route maps please see the document bellow: https://supportforums.cisco.com/docs /DOC- 8313 This was a simple pfr configuration example; with pfr you can... master border Border Status UP/DOWN 1.1.1.1 ACTIVE UP 01:09:11 AuthFail as it shown earlier in this document the routing table has only two static default routes each one points to a different ISP/