Re: OER understandin

HI All

   I have configured OER in my LAB and facing some isse while
understanding it. Please suggest me.

1 If my master showing me INPOLICY* so what mean by * .. What is
deference between INPOLICY and INPOLICY*
2 My borders are showing me dynamic routemap and dynamic Access-list.
so it means it is working. But I am not able to see any static/BGP
route generated by OER.

My Master router configuration is :

key chain KEY
 key 1
   key-string cisco
oer master
 policy-rules OER
 no max-range-utilization
 logging
 !
 border 67.67.1.1 key-chain KEY
  interface Serial0/1/0 internal
  interface Tunnel0 internal
  interface FastEthernet0/0 external
 !
 border 67.67.2.2 key-chain KEY
  interface Serial0/1/0 internal
  interface Tunnel0 internal
  interface FastEthernet0/0 external
 no max range receive
 no resolve utilization
!

oer-map OER 10
 match traffic-class access-list CS2
 set mode route control
 set next-hop 67.67.17.7
!
oer-map OER 20
 match traffic-class access-list CS4
 set mode route control
 set next-hop 67.67.42.10

Border Routers Configuration

oer border
 logging
 local Loopback0
 master 67.67.4.4 key-chain KEY

Below is the Output. (Master)

Rack67R4#sh oer master tr
Rack67R4#sh oer master traffic-class
OER Prefix Statistics:
 Pas - Passive, Act - Active, S - Short term, L - Long term, Dly - Delay (ms),
 P - Percentage below threshold, Jit - Jitter (ms),
 MOS - Mean Opinion Score
 Los - Packet Loss (packets-per-million), Un - Unreachable (flows-per-million),
 E - Egress, I - Ingress, Bw - Bandwidth (kbps), N - Not applicable
 U - unknown, * - uncontrolled, + - control more specific, @ - active probe all
 # - Prefix monitor mode is Special, & - Blackholed Prefix
 % - Force Next-Hop, ^ - Prefix is denied

DstPrefix Appl_ID Dscp Prot SrcPort DstPort SrcPrefix
           Flags State Time CurrBR CurrI/F Protocol
         PasSDly PasLDly PasSUn PasLUn PasSLos PasLLos EBw IBw
         ActSDly ActLDly ActSUn ActLUn ActSJit ActPMOS
--------------------------------------------------------------------------------
67.67.55.0/24 N cs4 256 1-65535 1-65535 67.67.44.0/24
               % INPOLICY* 0 67.67.2.2 Fa0/0 PBR

67.67.55.0/24 N cs2 256 1-65535 1-65535 67.67.44.0/24
               % INPOLICY* 0 67.67.2.2 Fa0/0 PBR

Outpout of Border router

Rack67R1#sh ip bgp
BGP table version is 16, local router ID is 67.67.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network Next Hop Metric LocPrf Weight Path
r>i67.67.55.0/24 67.67.8.8 0 100 0 i
r>i197.68.1.0 150.1.67.254 0 150 0 254 253 i
*>i197.68.4.0 150.1.67.254 0 150 0 254 253 i
*>i197.68.5.0 150.1.67.254 0 150 0 254 253 i
*>i197.68.21.0 150.1.67.254 0 150 0 254 253 i
*>i197.68.22.0 150.2.67.254 0 100 0 254 i

Rack67R1#sh route-map dynamic
route-map OER-02/03/01-10:08:56.722-32-OER, permit, sequence 0,
identifier 1699621500
  Match clauses:
    ip address (access-lists): oer#6
  Set clauses:
    ip next-hop 67.67.17.7
    interface FastEthernet0/0
  Policy routing matches: 0 packets, 0 bytes
route-map OER-02/03/01-10:08:56.722-32-OER, permit, sequence 1,
identifier 1710585316
  Match clauses:
    ip address (access-lists): oer#8
  Set clauses:
    ip next-hop 67.67.67.2
    interface Tunnel0
  Policy routing matches: 0 packets, 0 bytes
route-map OER-02/03/01-10:08:56.718-31-OER, permit, sequence 0,
identifier 1694403152
  Match clauses:
    ip address (access-lists): oer#5
  Set clauses:
    ip next-hop 67.67.17.7
    interface FastEthernet0/0
  Policy routing matches: 0 packets, 0 bytes
route-map OER-02/03/01-10:08:56.718-31-OER, permit, sequence 1,
identifier 1710584740
  Match clauses:
    ip address (access-lists): oer#7
  Set clauses:
    ip next-hop 67.67.67.2
    interface Tunnel0
  Policy routing matches: 0 packets, 0 bytes
 Current active dynamic routemaps = 2

Rack67R1#sh oer border routes bgp
Rack67R1#sh oer border routes static

Flags: C - Controlled by oer, X - Path is excluded from control,
       E - The control is exact, N - The control is non-exact

Flags Network Parent Tag
Rack67R1#

Rack67R1#sh ip access-lists dynamic oer#5
Extended IP access list oer#5
    1073741823 permit ip 67.67.44.0 0.0.0.255 67.67.55.0 0.0.0.255 dscp cs2
Rack67R1#sh ip access-lists dynamic oer#6
Extended IP access list oer#6
    1073741823 permit ip 67.67.44.0 0.0.0.255 67.67.55.0 0.0.0.255 dscp cs2
Rack67R1#sh ip access-lists dynamic oer#7
Extended IP access list oer#7
    1073741823 permit ip 67.67.44.0 0.0.0.255 67.67.55.0 0.0.0.255 dscp cs4
Rack67R1#sh ip access-lists dynamic oer#8
Extended IP access list oer#8
    1073741823 permit ip 67.67.44.0 0.0.0.255 67.67.55.0 0.0.0.255 dscp cs4

Rack67R1#sh oer borde
Rack67R1#sh oer border ac
Rack67R1#sh oer border active-probes
        OER Border active-probes
Type = Probe Type
Target = Target IP Address
TPort = Target Port
Source = Send From Source IP Address
Interface = Exit interface
Att = Number of Attempts
Comps = Number of completions
N - Not applicable

Type Target TPort Source Interface Att Comps
DSCP

Rack67R1#

Blogs and organic groups at http://www.ccie.net
Received on Thu Jun 28 2012 - 15:49:28 ART