BRKNMS-1942
BRKNMS-1942_c1
Cisco Public
Agenda
Data Center Application Network Management (DC), a Challenge
DC Application Network Management, a Solution
Service Flows and Key Performance Indicators (KPIs)
Some Key DC Protocol Overview
Network Management, Performance Counters Explained
A Service Flow CASE Study and a Tool Implementation, Deep Dive
Virtualization KPIs
Service Flow, and Application Network Management Layering Concept
Network Element Monitoring through EMS and NE
Some Application Profiling Services
Summary
BRKNMS-1942_c1 2009 Cisco Systems, Inc. All rights reserved. Cisco Public
[Diagram labels: Client, GSS, Data Center 1, Data Center 2, DC Core, Aggregation, Access]
Which Results in Loss of Revenue
KPIs Together Represent the Application Service Flows in a Data Center: DNS Example
Service Flow Segments / Key Performance Indicators
DNS Answer Total Hits
DNS Individual Answer Hits
L2 Input/Output Unicast
L3 Input/Output Unicast
Load Balancer Global Input/Output VLAN Stats
Load Balancer Individual Service/VIP Client Packet Stats
DNS Domain Total Hits
DNS Individual Answer Hits
L2 Input/Output Multicast
L3 Input/Output Multicast
Load Balancer Global L7-L4 Performance Stats
Load Balancer Individual Service/VIP Server Packet Stats
GSS Stats
L3 Switch Stats
VlanId:332
L2UnicastPackets:304853
L2UnicastOctets:28373494
L3InputUnicastPackets:34934
L3InputUnicastOctets:3524869
L3OutputUnicastPackets:490221
L3OutputUnicastOctets:38803286
L3OutputMulticastPackets:0
L3OutputMulticastOctets:0
L3InputMulticastPackets:0
L3InputMulticastOctets:0
L2MulticastPackets:407863
GSS
Service VLAN Input/Output LB Stats LB
Policymap:L4_POLICY
Status:ACTIVE
Interface:vlan332
servicepolicy:L4_POLICY
class:L4_CLASS
nat:
natdynamic1vlan2332
currconns:0,hitcount:220
droppedconns:0
clientpktcount:1032,clientbytecount:1468317
serverpktcount:360,serverbytecount:498309
maxconnlimit:0,dropcount:0
connratelimit:0,dropcount:0
bandwidthratelimit:0,dropcount:0
loadbalance:
L7loadbalancepolicy:SSLID_32_POLICY
VIPRouteMetric:77
VIPRouteAdvertise:ENABLEDWHENACTIVE
VIPICMPReply:ENABLEDWHENACTIVE
VIPState:INSERVICE
currconns:0,hitcount:331
droppedconns:21
clientpktcount:1295,clientbytecount:1673649
serverpktcount:360,serverbytecount:498309
maxconnlimit:0,dropcount:0
connratelimit:0,dropcount:0
bandwidthratelimit:0,dropcount:0
Access Layer
HTTP statistics
LBparseresultmsgssent:347,TCPdatamsgssent :193
Inspectparseresultmsgs:0,SSLdatamsgssent :0
  sent
TCPfin/rstmsgssent:32,Bouncedfin/rstmsgssent:0
SSLfin/rstmsgssent:0,Unproxymsgssent :46
Drainmsgssent:0,Particlesread :338
Reusemsgssent:0,HTTPrequests :301
Reproxiedrequests:0,Headersremoved :0
Headersinserted:0,HTTPredirects :0
HTTPchunks:0,Pipelinedrequests :0
HTTPunproxyconns:31,Pipelineflushes :0
Web Server
show statistics dns answer
Answer           Type   Total Hits   1-Min   5-Min   30-Min   4-Hr
----------------------------------------------------------------
192.168.200.1    VIP    0            0       0       0        0
192.168.150.1    VIP    0            0       0       0        0
192.168.50.41    VIP    0            0       0       0        0
10.86.209.232    VIP    0            0       0       0        0
GSS-Pod1.bxb.com>#
show statistics dns domain
Domain           Total Hits   1-Min   5-Min   30-Min   4-Hr
---------------------------------------------------------------
www.bxb.com      0            0       0       0        0
www.rtp.com      0            0       0       0        0
L2 Specific Stats
stats
cce02swdclb1017-da03-ace1s7/SLB1#
Total times rserver was unavailable : 0
+------------------------------------------+
+----------- Sticky statistics ------------+
+------------------------------------------+
Total sticky entries reused prior to expiry : 0
Total active sticky entries : 0
Total active sticky conns : 0
Total static sticky entries : 0

Policy-map : G4W05423OLATPITG_MM_2382
Status : ACTIVE
----------------------------------------
Context Global Policy:
service-policy: G4W05423OLATPITG_MM_2382
class: G4W05423OLATPITG_2382
loadbalance:
L7 loadbalance policy: G4W05423OLATPITG_2382
VIP Route Metric : 77
VIP Route Advertise : DISABLED
VIP ICMP Reply : ENABLED
VIP state: OUTOFSERVICE
curr conns : 0 , hit count : 26
dropped conns : 15
client pkt count : 73 , client byte count: 11413
server pkt count : 48 , server byte count: 10604

+------------------------------------------+
+--------- HTTP Inspect statistics --------+
+------------------------------------------+
Total request/response : 0
Total allow decisions : 0
Total drop decisions : 0
OSI Layers
Relevant Protocols
IP Protocol Stack
Relevant Protocols
IP Header Fields
Relevant Protocols
UDP: User Datagram Protocol
TCP: Transmission Control Protocol
DNS: Domain Name System
HTTP: Hypertext Transfer Protocol
SSL: Secure Sockets Layer
SIP
DNS
Applications, like browsers, connect to servers using server names
The operating system resolver contacts the configured DNS server to get the IP address
Applications use the address provided by the resolver
When multiple addresses are provided, applications can behave differently: use the first IP, use a random IP, or use the first IP and move to the next one if unsuccessful
DNS
Client Local DNS Server
User Datagram Protocol, Src Port: 1302 (1302), Dst Port: domain (53)
Domain Name System (query)
    Transaction ID: 0x002a
    Flags: 0x0100 (Standard query)
        0... .... .... .... = Response: Message is a query
        .000 0... .... .... = Opcode: Standard query (0)
        .... ..0. .... .... = Truncated: Message is not truncated
        .... ...1 .... .... = Recursion desired: Do query recursively
        .... .... ...0 .... = Non-authenticated data is unacceptable
    Questions: 1
    Answer RRs: 0
    Authority RRs: 0
    Additional RRs: 0
    Queries
        www.cisco.com: type A, class inet
            Name: www.cisco.com
            Type: Host address
            Class: inet
DNS
Client Local DNS Server
User Datagram Protocol, Src Port: domain (53), Dst Port: 1302 (1302)
Domain Name System (response)
    Transaction ID: 0x002a
    Flags: 0x8580 (Standard query response, No error)
    Questions: 1
    Answer RRs: 1
    Authority RRs: 2
    Additional RRs: 2
    Queries
        <--snipped-->
    Answers
        www.cisco.com: type A, class inet, addr 198.133.219.25
            Name: www.cisco.com
            Type: Host address
            Class: inet
            Time to live: 1 day
            Data length: 4
            Addr: 192.168.1.1
    Authoritative nameservers
        <--snipped-->
    Additional records
        <--snipped-->
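The header fields in the two decodes above (transaction ID 0x002a, flags 0x0100 in the query and 0x8580 in the response) can be rebuilt and decoded in a few lines. This is an added example, not part of the original slides; the function names are illustrative, and the check that pairs a response with its query by transaction ID is an assumption about how a monitoring script would use them.

```python
import struct


def build_query(txid, name, flags=0x0100, qtype=1, qclass=1):
    """Build a one-question DNS query (defaults: RD set, type A, class IN)."""
    header = struct.pack("!6H", txid, flags, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + qname + b"\x00" + struct.pack("!2H", qtype, qclass)


def decode_flags(flags):
    """Split the 16-bit flags word into the fields the decode above prints."""
    return {
        "response": bool(flags & 0x8000),
        "opcode": (flags >> 11) & 0xF,
        "authoritative": bool(flags & 0x0400),
        "truncated": bool(flags & 0x0200),
        "recursion_desired": bool(flags & 0x0100),
        "recursion_available": bool(flags & 0x0080),
        "checking_disabled": bool(flags & 0x0010),
        "rcode": flags & 0xF,
    }


def parse_header(msg):
    """Return the six 16-bit header fields of a DNS message."""
    if len(msg) < 12:
        raise ValueError("a DNS header is 12 bytes")
    keys = ("id", "flags", "questions", "answers", "authority", "additional")
    return dict(zip(keys, struct.unpack("!6H", msg[:12])))


def parse_question(msg, offset=12):
    """Read the first question: (name, type, class). No compression expected here."""
    labels = []
    while True:
        if offset >= len(msg):
            raise ValueError("truncated question")
        length = msg[offset]
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    qtype, qclass = struct.unpack("!2H", msg[offset:offset + 4])
    return ".".join(labels), qtype, qclass


def is_reply_to(query_hdr, reply_hdr):
    """A reply belongs to a query when QR is set and the transaction IDs match."""
    return decode_flags(reply_hdr["flags"])["response"] and query_hdr["id"] == reply_hdr["id"]
```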
HTTP
"http:" "//" host [":" port] / [abs_path ["?" query]]
Scheme: "http:"
DNS Resolution: host
TCP Port: port
Path and File Name: abs_path
HTTP 1.0
Client Web Server
SYN
SYN_ACK
ACK
GET / HTTP/1.0
ACK
HTTP/1.0 200 OK
Continuation
ACK
FIN_ACK
FIN_ACK
ACK
HTTP: Cookies
www.cookiecentral.com
SIP Overview
SIP Client Server
Call Setup
INVITE
180 Ringing
200 OK
ACK
Call Dialog (not Part of SIP Exchange)
BYE
200 OK
SIP Methods
Consists of requests and responses
Requests (unless mentioned, each has a response)
REGISTER (UA registers with registration server)
INVITE (request from a UA to initiate a call)
ACK (confirms receipt of a final response to INVITE)
BYE (sent by either side to end a call)
CANCEL (sent to end a call not yet connected)
OPTIONS (sent to query capabilities)
Messages contain SIP headers and body; body might be SDP or an attachment or some other application
Collection through SNMP, scripts (expect), XML (agents)
Storage: RRD, flat files, SQL DB
Correlation through scripts, correlation systems
MRTG graphs, reporting systems
Network Monitoring
Data Store
XML Agent
Management System
XML Reports Offloaded Periodically
XML-Based Provisioning and Stats Collection from NE
XML Agent
NE
NE
XML Example
xml_cmd=<request_raw>show running-config</request_raw>
<response_xml>
  <exec_command>
    <command>
      show running-config
    </command>
    <status code="100" text="XML_CMD_SUCCESS"/>
    <xml_show_result>
# this procedure will execute a curl command to send the XML
# command to ACE. If the command fails to execute properly,
# the script will exit with an error.
# If the command executes with no problem, then the output
# of the XML command is returned
proc issue_command { cmd } {
    return $output
}
Tool Architecture
Service KPIs discussed at length earlier
A set of scripts (Perl, Expect, Shell), a database and a web-based GUI collectively make up the data center service dashboard
Data center performance data collection engine
Performance data was collected from an enterprise customer
The data was collected at 15 min intervals
12 weeks' worth of this data was collected
The collection was done through a tool, driven off a seed file containing the network devices and contexts to poll
The data was collected through an Expect script running on a Linux server
Visual dashboard
A Perl CGI (DRRAW) script was used to stack together the KPI dashboards to create the service dashboard
Tool Architecture
[Diagram labels: Input Seed File; Client (HTTP); Linux Server: Apache, DRRAW CGI, Perl Script, RRD; MSFC; ACE; GSS. Flow: Create RRD DB, Pull Data, Parse Data, Populate Data, DRRAW CGI Client View]
This combination is used to create a pseudo real-time, system-wide view of the data center data flow, enabling us to do capacity planning and keep on top of SLAs
gss_domain_login.portal
16.225.138.71-7-SLB1_stats
TIME_STAMP,TOTAL_CONN,CURRENT_CONN,DESTROYED_CONN,TIMEOUT_CONN,FAILED_CONN
1196992645,116398376,1424,112831941,3560072,4939
1196992843,116404942,1386,112838475,3560142,4939
1196993806,116431395,1390,112864622,3560444,4939
1196994722,116458865,1476,112891634,3560816,4939
1196995638,116483835,1532,112916244,3561120,4939
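The connection counters in this file grow from poll to poll, and the polls are not evenly spaced (198 s, then 963 s, then 916 s), so they have to be converted to per-second rates before they can be graphed or compared with a threshold. The Python below is an added example, not part of the original slides or the tool they describe; treating a counter that goes backwards as a reset and the 0.4/s timeout limit used in the demo are assumptions made for illustration.

```python
import csv
import io

# Rows copied from the SLB1_stats sample above.
SAMPLE = """TIME_STAMP,TOTAL_CONN,CURRENT_CONN,DESTROYED_CONN,TIMEOUT_CONN,FAILED_CONN
1196992645,116398376,1424,112831941,3560072,4939
1196992843,116404942,1386,112838475,3560142,4939
1196993806,116431395,1390,112864622,3560444,4939
1196994722,116458865,1476,112891634,3560816,4939
1196995638,116483835,1532,112916244,3561120,4939
"""

COUNTERS = ("TOTAL_CONN", "DESTROYED_CONN", "TIMEOUT_CONN", "FAILED_CONN")


def load(text):
    """Parse the CSV into a list of dicts of ints, tolerating spaces in the header."""
    reader = csv.reader(io.StringIO(text))
    header = [name.strip() for name in next(reader)]
    return [dict(zip(header, map(int, row))) for row in reader if row]


def rates(samples):
    """Turn consecutive polls into per-second rates for each cumulative counter."""
    out = []
    for prev, cur in zip(samples, samples[1:]):
        dt = cur["TIME_STAMP"] - prev["TIME_STAMP"]
        if dt <= 0:
            continue  # duplicate or out-of-order poll: no usable interval
        row = {"TIME_STAMP": cur["TIME_STAMP"], "INTERVAL": dt,
               "CURRENT_CONN": cur["CURRENT_CONN"]}  # gauge, reported as-is
        for name in COUNTERS:
            delta = cur[name] - prev[name]
            # Assumption: a counter that goes backwards was reset (reload or
            # cleared stats), so the interval has no valid rate.
            row[name + "_PER_SEC"] = delta / dt if delta >= 0 else None
        out.append(row)
    return out


def breaches(rows, limits):
    """Return (timestamp, metric, rate) for every rate above its limit."""
    return [(r["TIME_STAMP"], m, r[m]) for r in rows for m, lim in limits.items()
            if r.get(m) is not None and r[m] > lim]


if __name__ == "__main__":
    rows = rates(load(SAMPLE))
    for r in rows:
        print(r)
    print(breaches(rows, {"TIMEOUT_CONN_PER_SEC": 0.4}))
```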
16.225.138.71-7-SLB1SMTPRELAY_MM_25SMTPRELAY_25_policy
Info
DS:TRKGRP_OFAIL:ABSOLUTE:900:0:100000 \
L3 Pkt Burst
Problem trends
An increase in retransmits or an increase in 5xx errors is a visible indication that the voice mail server or the SIP trunks are having issues
A pattern is seen
We can see that most of the trunk seizures are for outgoing trunks
Incoming trunk seizures are low
Overflow of trunks is very low
Problem indication
Total trunk usage going high and overflow of trunks going high are indications of a capacity issue
BTS polls the above three performance counters every 100 seconds
Virtualization KPIs
Continuing with our service KPI strategy, we need to identify some key metrics for a virtualized environment
The key metrics that we want to highlight are
CPU Memory Disk Load
We will focus on VMware 3.5x and its powerful CLI command esxtop to collect the KPI information
Other sources of collection are VIM API and vm-support
A MEMORY over Commitment of 1.0 Represents 100% over Commitment
Increase in MEMCTL and SWAP Will Indicate Ballooning and Memory over Subscription
Traffic Performance Egress and Ingress
Traffic Drop Egress and Ingress
A DC Downtime 5 9s Perspective
Availability %   Downtime per Year   Downtime per Month*   Downtime per Week
90%              36.5 days           72 hrs                16.8 hrs
95%              18.25 days          36 hrs                8.4 hrs
98%              7.30 days           14.4 hrs              3.36 hrs
99%              3.65 days           7.20 hrs              1.68 hrs
99.50%           1.83 days           3.60 hrs              50.4 min
99.80%           17.52 hrs           86.23 min             20.16 min
99.90%           8.76 hrs            43.2 min              10.1 min
99.95%           4.38 hrs            21.56 min             5.04 min
99.99%           52.6 min            4.32 min              1.01 min
100.00%          5.26 min            25.9 sec              6.05 sec
100.00%          31.5 sec            2.59 sec              0.605 sec
Product Overview
Cisco Application Networking Manager (ANM) helps enable centralized provisioning, operations, and basic monitoring of Cisco data center networking equipment and services
Version 2.0 of Cisco ANM focuses on providing provisioning capability for Cisco Application Control Engine (ACE) devices, including ACE modules and ACE 4710 appliances
It also supports operations management and monitoring for ACE devices as well as for Cisco Content Services Switch (CSS), Cisco Content Switching Module (CSM), Cisco Content Switching Module with SSL (CSM-S) and Cisco ACE Global Site Selector (GSS)
Product Overview
Enables device and virtualization provisioning for up to 50 ACE devices and operations support for up to 40 CSS and CSM devices per Cisco ANM server and up to three clusters of GSS
Graphical interface for simplified and standardized service provisioning for basic, advanced and expert users
Device and service monitoring
Secure user access and delegation of responsibilities
Up to 25 users can simultaneously manage multiple devices via web browser; runs from a centralized server running Linux
Complete, Single-View
Provisioning/Operations/Monitoring
Configure, Monitor, Admin Task-Defined Screens
Device and Virtual Context Grouping and Selection
Intuitive Sequencing of Actions with Ability to Drill Down Levels, Sort and Filter
Benefits
Eases Deployment, Management, and Support
Detects How Applications and Users Use the Network and Receive Services
Reveals How Applications Are Performing
Isolates Problems Before They Impact Users
Monitoring Router Interfaces Is a Good Starting Place to Learn How Network Traffic Is Being Used
NAM Detects the Applications, the Bandwidth They Consume, and the Hosts Using Costly Network Resources
Detailed Host and Conversation Statistics
Support Troubleshooting Efforts with Trigger-Based Captures, Filters, Decodes, and a Capture Analysis Toolset
Identify all the Common Off The Shelf (COTS) software components such as Oracle, Apache, MS Exchange, etc.
Scope
Number of servers < 1500
Operating systems: UNIX, Linux, and Windows
Protocols: IP only (no legacy protocols such as IPX, SNA, etc.)
Data Center
A more efficient way to instrument everything on the network
A holistic approach to application visibility is required
Common services around support replace the current stovepipe model
Discover
Monitor
Analyze
Service/Product Discussion
Open Forum
In Summary
The current study is based on the data obtained from a major customer
It encompasses a very small set of devices to show proof of concept
The data taken has been morphed into the dashboard
This has been done through a collection, correlation and reporting methodology
We can clearly observe patterns
Baseline traffic can be observed
Also, potential anomalies can be seen
Current capacity can be gauged
SLA requirements can be derived
Audit reports (capacity, etc.) can also be generated, as traffic is already profiled
An alerting mechanism can also be included for certain threshold crossings as an enhancement
Don't forget to activate your Cisco Live Virtual account for access to all session material, communities, and on-demand and live activities throughout the year. Activate your account at the Cisco booth in the World of Solutions or visit www.ciscolive.com.