Hi.
I hope you are all doing well, and I'm sorry for posting such a long OT.
Straight to the issue, we have one 7609S which its IOS is 15.1(3)S. I
should note that this an ISP environment and this router has 15 private IX
peers, and 5 Exit links.
I've configured the router being MC and BR the same time, 1 Internal
interface, and 5 External interface.
Each exit link has specific customers, we have separated each link's
customers using ACL. When customer's TX traffic reaches the Internal
interface, they are routed using PBR (default next-hop) to their specific
exit link. Also these ACLs are referenced in a route-map assigned to each
exit BGP peer, so we only advertise the customers to their specific exit
BGP peer.
We have categorized our BGP peers in 3 template peer-policy.
*The issue is that, I see PFR configuring /30 STATIC routes to exit links
(it should be /24), and much more important for me, no inbound optimization
is happening.*
Below you will find some partial logging plus the configurations.
And I'm again sorry for such long post.
Feb 13 16:41:43: %OER_MC-5-NOTICE: Uncontrol Prefix 85.133.140.168/30,
Couldn't find the best exit
Feb 13 16:41:43: %OER_MC-5-NOTICE: Uncontrol Prefix 85.133.140.168/30,
Couldn't choose exit in prefix timeout
Feb 13 16:41:43: %OER_MC-5-NOTICE: Range Entrance OOP BR 172.31.255.14, i/f
Tu108, percent 100. Other BR 172.31.255.14, i/f Gi8/0/0 percent 15
Feb 13 16:41:43: %OER_MC-5-NOTICE: Load Entrance OOP BR 172.31.255.14, i/f
Tu108, load 33000 policy 31350
Feb 13 16:41:43: %OER_MC-5-NOTICE: Entrance 172.31.255.14 intf Tu108 OOP,
Tx BW 24, Rx BW 33000, Tx Load 0, Rx Load 100
Feb 13 16:41:43: %OER_MC-5-NOTICE: Uncontrol Prefix 220.98.114.8/30,
Couldn't find the best exit
Feb 13 16:41:43: %OER_MC-5-NOTICE: Uncontrol Prefix 220.98.114.8/30,
Couldn't choose exit in prefix timeout
Feb 13 16:41:46: %OER_MC-5-NOTICE: Uncontrol Prefix 217.169.166.40/30,
Couldn't choose exit in prefix timeout
Feb 13 16:41:48: %OER_MC-5-NOTICE: Route changed Prefix 188.253.53.96/30,
BR 172.31.255.14, i/f Gi8/0/0, Reason Utilization, OOP Reason Timer Expired
route-map CHNG_GW permit 10
description ***CUST1 through EXIT1***
match ip address CUST1
set ip default next-hop 10.30.148.169
route-map CHNG_GW permit 11
description ****CUST2 through EXIT2****
match ip address CUST2
set ip default next-hop 172.16.108.2
route-map CHNG_GW permit 12
description ****CUST3 through EXIT3****
match ip address CUST3
set ip default next-hop 172.16.101.2
route-map CHNG_GW permit 13
description ****CUST4 through EXIT2****
match ip address CUST4
!! All other customers are routed using the PRIMARY default route. !!
ip route 0.0.0.0 0.0.0.0 192.168.64.1 name PRIMARY
ip route 0.0.0.0 0.0.0.0 10.30.148.169 5 name PFR
ip route 0.0.0.0 0.0.0.0 172.16.101.2 6 name PFR
ip route 0.0.0.0 0.0.0.0 172.16.105.2 7 name PFR
ip route 0.0.0.0 0.0.0.0 172.16.108.2 8 name PFR
template peer-policy CUST_BGP
route-map BGP_CUST_NO-OUT out
default-originate
soft-reconfiguration inbound
send-community both
exit-peer-policy
!
template peer-policy BW_UPLINKS
prefix-list ISP_IX-in in
next-hop-self all
soft-reconfiguration inbound
send-community both
exit-peer-policy
!
template peer-policy IX
route-map IX_BGP-OUT out
prefix-list ISP_IX-in in
next-hop-self all
soft-reconfiguration inbound
send-community both
pfr master
policy-rules PFR_BGP
max-range-utilization percent 80
logging
!
border 172.31.255.14 key-chain OER
interface GigabitEthernet8/0/0 external
max-xmit-utilization percentage 95
maximum utilization receive percentage 95
interface Tunnel101 external
max-xmit-utilization percentage 95
maximum utilization receive percentage 95
interface Tunnel108 external
max-xmit-utilization percentage 95
maximum utilization receive percentage 95
interface Tunnel105 external
max-xmit-utilization percentage 95
maximum utilization receive percentage 95
interface POS8/1/0 external
max-xmit-utilization percentage 95
maximum utilization receive percentage 95
interface GigabitEthernet5/1 internal
!
learn
throughput
inside bgp
periodic-interval 0
monitor-period 1
prefixes 200 applications 200
expire after time 30
max range receive percent 80
backoff 150 150
mode route control
mode monitor fast
periodic 150
no resolve delay
no resolve range
!
active-probe tcp-conn 216.239.32.20 target-port 80
active-probe tcp-conn 216.239.32.20 target-port 443
active-probe echo 4.2.2.4
active-probe echo 8.8.8.8
active-probe tcp-conn 173.194.34.53 target-port 443
active-probe tcp-conn 46.228.47.114 target-port 80
active-probe echo 4.2.2.1
active-probe echo 8.8.4.4
active-probe echo 4.2.2.2
pfr border
local Loopback17231255
master 172.31.255.14 key-chain OER
active-probe address source interface GigabitEthernet5/1
pfr-map PFR_BGP 10
match pfr learn inside
set mode route control
set mode monitor passive
set resolve utilization priority 1 variance 10
no set resolve delay
no set resolve range
show pfr master:
OER state: ENABLED and INACTIVE
Conn Status: SUCCESS, PORT: 3949
Version: 3.1
Number of Border routers: 1
Number of Exits: 5
Number of monitored prefixes: 0 (max 5000)
Max prefixes: total 5000 learn 2500
Prefix count: total 0, learn 0, cfg 0
PBR Requirements met
Nbar Status: Inactive
Border Status UP/DOWN AuthFail Version DOWN Reason
172.31.255.14 INACTIVE DOWN 0 3.1
OER master in special monitor mode
Global Settings:
max-range-utilization percent 80 recv 80
rsvp post-dial-delay 0 signaling-retries 1
mode route metric bgp local-pref 5000
mode route metric static tag 5000
trace probe delay 1000
logging
exit holddown time 60 secs, time remaining 0
Default Policy Settings:
backoff 150 150 150
delay relative 50
holddown 300
periodic 150
probe frequency 56
number of jitter probe packets 100
mode route control
mode monitor fast
mode select-exit good
loss relative 10
jitter threshold 20
mos threshold 3.60 percent 30
unreachable relative 50
resolve utilization priority 13 variance 20
Learn Settings:
current state : DISABLED
time remaining in current state : 0 seconds
throughput
no delay
inside bgp
monitor-period 5
periodic-interval 5
aggregation-type prefix-length 24
prefixes 200 appls 200
expire after time 30
show pfr master policy:
HT-CoreRT(config-pfr-mc)#do s pfr mas pol
Default Policy Settings:
backoff 150 150 150
delay relative 50
holddown 300
periodic 150
probe frequency 56
number of jitter probe packets 100
mode route control
mode monitor fast
mode select-exit good
loss relative 10
jitter threshold 20
mos threshold 3.60 percent 30
unreachable relative 50
resolve utilization priority 13 variance 20
oer-map PFR_BGP 10
sequence no. 8444249301975040, provider id 1, provider priority 30
host priority 0, policy priority 10, Session id 0
match oer learn inside
backoff 150 150 150
delay relative 50
holddown 300
periodic 150
probe frequency 56
number of jitter probe packets 100
*mode route control
*mode monitor passive
mode select-exit good
loss relative 10
jitter threshold 20
mos threshold 3.60 percent 30
unreachable relative 50
next-hop not set
forwarding interface not set
*resolve utilization priority 1 variance 10
Best Regards,
*Mohammad Moghaddas*
Blogs and organic groups at http://www.ccie.net
Received on Thu Feb 13 2014 - 17:16:09 ART
This archive was generated by hypermail 2.2.0 : Sat Mar 01 2014 - 08:41:48 ART