Clasificación. Protocol

en la sección de oer-learn muestra como activar el aprendizaje de los diferentes prefijos. Por defecto, el clasifica todo tipo de tráfico que pasa por los BC. Podemos evitar que se comporte de esta manera colocándole que deseas aprender en el MC. En este caso veamos el siguiente caso:

oer_diagram1.JPG

Actualmente existirán tres flujos desde el ISP1. Uno de icmp, otro de udp con voz y otro web. Los prefijos mostrados son los destinos que detectaría los BR cuando salén del dominio OER.

Activemos el modo aprendizaje de manera abierta, o sea no clasificamos nada. Como por defecto detecta todo tipo de tráfico, los tres flujos en el diagrama serán detectados. Para que la busqueda sea más rápida, se estará configurando los tiempos de espera y monitoreo a 1 minuto. (monitor-period 1 y periodic-interval 1).

Rack1R2#config t
Enter configuration commands, one per line.  End with CNTL/Z.
Rack1R2(config)#oer master
Rack1R2(config-oer-mc)#logging
Rack1R2(config-oer-mc)#learn
Rack1R2(config-oer-mc-learn)#throughput
Rack1R2(config-oer-mc-learn)#end
Rack1R2#
Rack1R2#debug oer master learn detail 
OER Master TopTalker Detail debugging is on
Rack1R2#
*Oct 25 15:11:54.423: %OER_MC-5-NOTICE: Prefix Learning STARTED
Rack1R2# 
*Oct 25 15:14:49.679: OER MC LEARN(det): OER TTC: 150.1.3.3 reported 0 throughput learned prefixes
*Oct 25 15:14:49.891: OER MC LEARN(det): OER TTC: 150.1.2.2 reported 0 throughput learned prefixes
*Oct 25 15:14:49.975: OER MC LEARN(det): OER TTC: 150.1.5.5 reported 3 throughput learned prefixes
*Oct 25 15:14:49.979: OER MC LEARN(det): Received stats from all borders so updating DB
Rack1R2#
*Oct 25 15:14:49.979: %OER_MC-5-NOTICE: Prefix Learning WRITING DATA
Rack1R2#
Rack1R2#show oer master prefix
OER Prefix Statistics:
 Pas - Passive, Act - Active, S - Short term, L - Long term, Dly - Delay (ms),
 P - Percentage below threshold, Jit - Jitter (ms), 
 MOS - Mean Opinion Score
 Los - Packet Loss (packets-per-million), Un - Unreachable (flows-per-million),
 E - Egress, I - Ingress, Bw - Bandwidth (kbps), N - Not applicable
 U - unknown, * - uncontrolled, + - control more specific, @ - active probe all
 # - Prefix monitor mode is Special, & - Blackholed Prefix
 % - Force Next-Hop, ^ - Prefix is denied

Prefix                  State     Time Curr BR         CurrI/F         Protocol
                      PasSDly  PasLDly   PasSUn   PasLUn  PasSLos  PasLLos
                      ActSDly  ActLDly   ActSUn   ActLUn      EBw      IBw
                      ActSJit  ActPMOS  ActSLos  ActLLos
--------------------------------------------------------------------------------
150.1.1.0/24            DEFAULT*      @86 U               U               U       
150.1.4.0/24            DEFAULT*      @86 U               U               U       
150.1.6.0/24            DEFAULT*      @86 U               U               U       
Rack1R2#

Podemos ver que los tráficos fueron detectados. del lado de cada Border Controller (BC) se ve que se activan la captura por netflow.

Rack1R5#show oer border passive learn 
 OER Border Learn Configuration :
    State is enabled
    Measurement type: throughput, Duration: 1 min, Remaining: 30 sec
    Aggregation type: prefix-length, Prefix length: 24
    No port protocol config
Rack1R5#

Ahora aplicaremos la clasificación por protocolo. Como los prefijos se mantienen por defecto 720 segundos o sea 12 minutos por inactividad, lo que haremos es darle shutdown / no shutdown en el modo del oer master para limpiar la tabla. El protocolo que tomaremos en cuenta es icmp. Es posible filtrar los demás también ya sea por rango de puerto de voz o puerto web.

Rack1R2#
Rack1R2#config t
Enter configuration commands, one per line.  End with CNTL/Z.
Rack1R2(config)#oer master
Rack1R2(config-oer-mc)#shut
Rack1R2(config-oer-mc)#
*Oct 25 15:19:47.251: %OER_MC-5-NOTICE: BR 150.1.5.5 DOWN
*Oct 25 15:19:47.251: %OER_MC-5-NOTICE: BR 150.1.5.5 IF Fa0/0 Unverified
*Oct 25 15:19:47.251: %OER_MC-5-NOTICE: BR 150.1.5.5 IF Se0/0/0 Unverified
*Oct 25 15:19:47.251: %OER_MC-5-NOTICE: BR 150.1.5.5 IF Se0/1/0 Unverified
*Oct 25 15:19:47.251: %OER_MC-5-NOTICE: Uncontrol prefixes, Clear exit, BR 150.1.5.5 i/f Se0/1/0
*Oct 25 15:19:47.303: %OER_MC-5-NOTICE: BR 150.1.3.3 DOWN
*Oct 25 15:19:47.303: %OER_MC-5-NOTICE: BR 150.1.3.3 IF Se1/0 Unverified
*Oct 25 15:19:47.303: %OER_MC-5-NOTICE: BR 150.1.3.3 IF Se1/3 Unverified
*Oct 25 15:19:47.303: %OER_MC-5-NOTICE: BR 150.1.3.3 IF Se1/2 Unverified
*Oct 25 15:19:47.303: %OER_MC-5-NOTICE: BR 150.1.3.3 IF Gi0/0 Unverified
Rack1R2(config-oer-mc)#
Rack1R2(config-oer-mc)#learn
Rack1R2(config-oer-mc-learn)#protocol 1
Rack1R2(config-oer-mc-learn)#exit
Rack1R2(config-oer-mc)#no shut
Rack1R2(config-oer-mc)#
*Oct 25 15:20:02.723: %OER_MC-5-NOTICE: System enabled
*Oct 25 15:20:02.887: %OER_MC-5-NOTICE: BR 150.1.5.5 UP
*Oct 25 15:20:02.895: %OER_MC-5-NOTICE: BR 150.1.2.2 UP
*Oct 25 15:20:03.167: %OER_MC-5-NOTICE: BR 150.1.2.2 IF Se0/1/0 UP
*Oct 25 15:20:03.167: %OER_MC-5-NOTICE: BR 150.1.5.5 IF Fa0/0 UP
*Oct 25 15:20:03.175: %OER_MC-5-NOTICE: BR 150.1.2.2 IF Se0/0/0 UP
*Oct 25 15:20:03.175: %OER_MC-5-NOTICE: BR 150.1.2.2 IF Fa0/0 UP
*Oct 25 15:20:03.175: %OER_MC-5-NOTICE: BR 150.1.2.2 Active
*Oct 25 15:20:03.211: %OER_MC-5-NOTICE: BR 150.1.3.3 UP
*Oct 25 15:20:03.267: %OER_MC-5-NOTICE: BR 150.1.3.3 IF Se1/0 UP
Rack1R2(config-oer-mc)#
*Oct 25 15:20:03.311: OER MC LEARN(det): Enable type 1, state 0
Rack1R2(config-oer-mc)#
*Oct 25 15:20:03.647: %OER_MC-5-NOTICE: BR 150.1.3.3 IF Gi0/0 UP
Rack1R2(config-oer-mc)#end
Rack1R2#
Rack1R2#
*Oct 25 15:20:33.355: OER MC LEARN(det): TTC Retry timer expired
Rack1R2#
*Oct 25 15:20:33.355: %OER_MC-5-NOTICE: Prefix Learning STARTED
Rack1R2#
*Oct 25 15:21:33.551: OER MC LEARN(det): OER TTC: 150.1.5.5 reported 1 throughput learned prefixes
*Oct 25 15:21:34.143: OER MC LEARN(det): OER TTC: 150.1.3.3 reported 0 throughput learned prefixes
*Oct 25 15:21:34.195: OER MC LEARN(det): OER TTC: 150.1.2.2 reported 0 throughput learned prefixes
*Oct 25 15:21:34.195: OER MC LEARN(det): Received stats from all borders so updating DB
Rack1R2#
*Oct 25 15:21:34.195: %OER_MC-5-NOTICE: Prefix Learning WRITING DATA
Rack1R2#
Rack1R2#show oer master prefix
OER Prefix Statistics:
 Pas - Passive, Act - Active, S - Short term, L - Long term, Dly - Delay (ms),
 P - Percentage below threshold, Jit - Jitter (ms), 
 MOS - Mean Opinion Score
 Los - Packet Loss (packets-per-million), Un - Unreachable (flows-per-million),
 E - Egress, I - Ingress, Bw - Bandwidth (kbps), N - Not applicable
 U - unknown, * - uncontrolled, + - control more specific, @ - active probe all
 # - Prefix monitor mode is Special, & - Blackholed Prefix
 % - Force Next-Hop, ^ - Prefix is denied

Prefix                  State     Time Curr BR         CurrI/F         Protocol
                      PasSDly  PasLDly   PasSUn   PasLUn  PasSLos  PasLLos
                      ActSDly  ActLDly   ActSUn   ActLUn      EBw      IBw
                      ActSJit  ActPMOS  ActSLos  ActLLos
--------------------------------------------------------------------------------
150.1.1.0/24            DEFAULT*      @79 U               U               U       
Rack1R2#

Si observas mientras está en monitoreo en los BC (cualquiera de ellos) puedes observar que filtrará por protocolo:

Rack1R5#show oer border passive learn 
 OER Border Learn Configuration :
    State is enabled
    Measurement type: throughput, Duration: 1 min, Remaining: 4 sec
    Aggregation type: prefix-length, Prefix length: 24
    protocol 1
Rack1R5#
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License