AVC Tech3
-
Upload
cisco-systems-india-pvt-ltd -
Category
Technology
-
view
346 -
download
0
description
Transcript of AVC Tech3
Cisco Confidential © 2012 Cisco and/or its affiliates. All rights reserved. 1
Application ExperienceApplication Visibility and Control
Jimmy Ray Purser PE /MSEE
TechWiseTV
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2"All Specifications Subject to Change without Notice"
Increasing BW alone will not fix DSCP marking related performance problems
Marginal increases in ROI on BW sales
No Latency improvement with BW increases
Multiple links do not solve brown-out issues
AVC provides better use of bandwidthUse high-pri QoS markings on the correct apps - only possible with NBAR2!
Higher ROI is possible - SPs can offer AVC-enabled WAAS at a premium for better user experienceExample: 90% HD Video optimization
Much faster application experience is possible - Increasing links still means the same latency. WAAS offers 70% faster Citrix
Send applications over the best-performing links dynamically - iWAN works around issues on a per-application basis - before the user even notices
Why is Bandwidth alone not the Solution?
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3"All Specifications Subject to Change without Notice"
Transitions and Trends
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4"All Specifications Subject to Change without Notice"
Software Defined Networking with onePK
New Paradigm Traditional Approach
App
CJava
IOS
Events
AppEEM (TCL)Actions
Routing
Data Plane
Policy
Interface
Monitoring
Discovery
CLI
AAA
SNMP
HTML
XML
Syslog
Span
Netflow
CDP
Routing Protocols An
yth
ing
yo
u ca
n th
ink
of
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5"All Specifications Subject to Change without Notice"
onePK API
• HTML documentation: Drill-down to desired function
• Task-centric, feature-rich API
• AVC APIs− QoS Policy Service Set
Policy, Target, Class, Filter, Action
− Monitoring Service Set (Available soon)
Records, Caches, Exporters
http://developer.cisco.com/onepk/capi/index.html
Cisco Confidential 6© 2011 Cisco and/or its affiliates. All rights reserved.
onePK: How Easy?
• Download and install SDK
• Turn on ONE-P on the router (three lines of CLI)− router(config)#onep
− router(config-onep)#transport socket
− router(config-onep)#start
• Select your desired functions using the HTML documentation
• Write a wrapper around the function using your language of choice (C, Python) - takes two minutes
• You’re done! Time to design your web interface. You can use the wrapper from within your existing web server (e.g. from PHP) or use it with any application server (e.g. WebLogic)
AVC QoS
Reports
SDK
Wrapper Code
Integration with Web Server (e.g. using PHP) or with Application Server (e.g. Java)
Server
IOS / IOS-XE
Cisco Confidential Cisco Confidential © 2013 Cisco and/or its affiliates. All rights reserved. 7
What is AVC?
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8"All Specifications Subject to Change without Notice"
What Does AVC Comprise Of?
Granular App Detection, Performance Monitoring, Link Optimization, Rich Flow Information Fault Isolation, Troubleshooting Bandwidth Control
HTTP HTTP
HTTP
Know Your Applications Monitor Your Applications Control Your Applications
Cisco Confidential Cisco Confidential © 2013 Cisco and/or its affiliates. All rights reserved. 9
SCE
NBAR1
ISR G2/AXASR 1000
ISR-XE
CSR FW
WirelessCatalyst
Time
Strategic Positioning: The AVC Family Tree
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10"All Specifications Subject to Change without Notice"
Types of Inspection
Port based (ACL)
Up to Layer 4 analysis
2,000 signatures embedded in ISRs and ASRs
Up to Application Level
ACL and NBAR2 Interact with application to go deeper into the end user flows
2,000 signatures embedded in ISRs and ASRs
Up to Application Level
ACL, DPI and Metadata
Embedded in ISR and ASR
Cisco Confidential Cisco Confidential © 2013 Cisco and/or its affiliates. All rights reserved. 11
Application Visibility
Cisco Confidential Cisco Confidential © 2013 Cisco and/or its affiliates. All rights reserved. 12
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13"All Specifications Subject to Change without Notice"
What Do We Want to Monitor?
Application Usage per client IP/subnet/site
Top Clients per application
Most visited Sites Per-URL application
response times
Per-application end-to-end latency
Application response time and Transaction time
Application processing time Top conversation per
application
Per-stream jitter and Packet Loss
RTP conversations
TrafficStatistics
URLVisibility
ApplicationResponse
Time
MediaPerformance
TCP/HTTP Based, Mainly Data ApplicationsFNF Based, Basic Statistics - Data,
Voice, VideoVoice/Video based statistics and RTP
level statistics
Cisco Confidential Cisco Confidential © 2013 Cisco and/or its affiliates. All rights reserved. 14
Traffic Statistics• Category and sub-category attributes are supported to make visibility easier• Associate data with user-names using Cisco Identity Services Engine (ISE)• See the volume of traffic identified using:
show ip nbar protocol-discovery top-n• Unknown apps? Create your own, using payload inspection or HTTP-based (next slide)• Upgrade protocol packs without upgrading the IOS/XE image
Top applications
Top Clients/Servers per app
Cisco Prime Examples
Cisco Confidential Cisco Confidential © 2013 Cisco and/or its affiliates. All rights reserved. 15
URL Visibility• Top URLs by hits or response time• Ability to extract key fields from HTTP, SMTP, POP3, NNTP, SIP and other protocols• Custom application using ‘regexp’ (Regular Expressions)
Custom Applications
Top URLs by Response Time
HTTP Attributes Collection
Top URL Hits
Cisco Prime Examples
Cisco Confidential Cisco Confidential © 2013 Cisco and/or its affiliates. All rights reserved. 16
Application Response Time Statistics• Quantify user experience• Troubleshoot application performance• Track service levels for application delivery
Worst Sites by Transaction Time
ART Metrics Application Performance ReportLiveAction
Cisco Confidential Cisco Confidential © 2013 Cisco and/or its affiliates. All rights reserved. 17
Media Performance Monitoring• Rich information with Flow Metadata• Intelligent classification method• Ideal for VoIP, WebEx, Telepresence,
Desktop Video Conferencing, HCS, Lync, Jabber
Worst Sites by Mean Opinion Score
RTP Conversations QoS View
LiveActionWorst
Sites by Jitter
Jitter View Plixer
Cisco Confidential Cisco Confidential © 2013 Cisco and/or its affiliates. All rights reserved. 18
Application Control
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19"All Specifications Subject to Change without Notice"
QoS Example Requirements
“I want to allocate fixed, priority bandwidth for Oracle, SAP and citrix traffic in the network”
“I want to police all the Torrent and Skype traffic at the WAN edge to 5 % of link bandwidth”
“I want to shape all video and collaboration applications to 5 Mbps”
“I want to analyze (using my management station) the queue drops for all applications in the network”
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20"All Specifications Subject to Change without Notice"
Application Control
COSDSCP
IPPROTOCOL
VLAN…
ApplicationCategory
Sub-CategoryApplication-
GroupHTTPRTP…
CitrixExchange
OracleLync
YouTubeSkypeKazaa
…
Enterprise AppBrowsing
EmailGaming
IMVoice and Video
File Sharing…
URLHost
MIMEClient HeaderServer Header
FromLocationRefererServer
User-AgentBandwidth guarantee
Packet dropQueuing Policy
Logging
Policing and ShapingSet QoS (L2, L3 or
Metadata)Track or timeout sessions
Monitor flows…
InterfaceTunnels
…
Filter (Classification
)
Action
Target
Performance Routing (PfR)
QoS-markedTraffic
Classes
Business Critical
Real TimeVideo
Best Effort…
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21"All Specifications Subject to Change without Notice"
Before QoS Policy After QoS Policy
QoS Policy applied from Cisco PI has policed the torrent traffic, thereby creating more room for business critical traffic on the WAN Interface
Validate Application Performance
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22"All Specifications Subject to Change without Notice"
Example: Stop P2P Applications with AVC
22
class-map match-any p2p-app match protocol dht match protocol attribute sub-category p2p-file-transferpolicy-map control-policy class p2p-app police 8000 conform-action transmit exceed-action drop
Critical Apps Response Time improvesAfter apply control policy
Bandwidth UsageAfter apply control policy
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23"All Specifications Subject to Change without Notice"
ONE-P ACL ExampleOne-Click Policy Creation
• Create ACL− ret = onep_acl_create_l3_acl(AF_INET,
elemA, &aclC);
• Create ACE− ret = onep_acl_create_l3_ace(100, FALSE,
&ace3);
• Add ACE to the ACL− ret = onep_acl_add_ace(aclC, ace3);
• Apply ACL to the interface− ret = onep_acl_apply_to_interface(aclC,
eth0, ONEP_DIRECTION_IN);
Server
IOS / IOS-XE
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24"All Specifications Subject to Change without Notice"
Performance Routing (PfR) Enhances Classical Routing
Metrics
Adaptivity
Classical PfR
+
• Topological State• Least Cost Path• Static User Preference
• Path Cost• Interface Bandwidth• Interface State
Responds to: • Physical State Changes in
Network
• Traffic-aware (measured)• Policy controlled• Measured Performance
• Delay• Jitter• Bandwidth
Responds to:• Directly Measured
Performance changes
Path Control
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25"All Specifications Subject to Change without Notice"
What Performance Routing (PfR) DoesProtecting Critical Applications while increasing Bandwidth Utilization
ISP1 (Primary) ISP2 (Secondary)
Cloud Services and Load-Balancing Policy
• Protect business cloud applications from Internetbrownout
Loss less than 10%
• Cloud services preferredpath: ISP1
• Increase all ISP bandwidth by load-sharing otherInternet traffic
• Protect voice and video quality
Latency less than 200 ms; Jitter less than 30 ms
• Protect VDI applications from brownouts
Loss less than 5%
• Voice and video preferred path SP-A
• VDI preferred path SP-B
• Increase utilization by load sharing
Multimedia and Critical Data Policy
Cloud Services
Internet
Best-Effort Traffic
Detect loss greater than 10%
SP-A (MPLS VPN) SP-B (MPLS VPN)
Voice and Video
WANDetecthigh jitter
VDI
Best-Effort Traffic
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26"All Specifications Subject to Change without Notice"
Intelligent WAN (iWAN)
The Decision Maker: Master Controller (MC) Discover BRs, collect statistics Apply policy, verification, reporting No packet forwarding/ inspection required
The Forwarding Path: Border Router (BR) Gain network visibility in forwarding path (Learn, measure) Enforce MC’s decision (path enforcement) Does all packet forwarding
Optimize by: Reachability, Delay, Loss, Jitter, MOS, Throughput, Load, and/or $Cost
DSL Cable
BR
DataCenter
Branch
MC+BR
BR
MC
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27"All Specifications Subject to Change without Notice"
Add in WAN OptimizationSpeed and Bandwidth Benefits on top of the WAN
PrivateCloud
Accelerate Any TCP ConnectionBranchWAVE
AppNav-XE Controller
WANCSR
vWAAS
WAAS Express
Faster Applications, More Users, Less Bandwidth90% HD Video optimization and better user experienceTwice as many Citrix users over same WAN, 70% fasterToyota: ROI in less than one year, 65% BW cost savings
Easy to DeployWorks with existing branch routers (and existing AX license)
ScalableHighly scalable AppNav Controller and WAVE pool designNative HA capability
Data Center
Cisco Confidential Cisco Confidential © 2013 Cisco and/or its affiliates. All rights reserved. 28
Making Revenue from AVC
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29"All Specifications Subject to Change without Notice"
Traffic and URL Reports
• Benefits to the End Customer− Identify how the enterprise’ users are using the network (per-site, per-user and per-application)
− Identify likely causes of performance issues
− Justify network and IT projects
− Instantly see adoption of new IT projects and cloud services
− Negotiate better deals with cloud service providers based on usage and performance
− Higher visibility for the Network Team to provide valuable information to senior management
− Opportunity to extend Network Team role
• Benefits to the SP− Reuse existing hardware to offer a new service
− Opportunity to engage with customers over CPE upgrade discussions
− Opportunity to engage with customers with WAAS
− An easy way to have the infrastructure ready for upsell to Application Control with additional revenue
− An easy way to get experience with SDN and have the capability for rapidly rolling out new services
− Provides vendor lock-in to retain the customer
− Ability for SP sales staff/account managers to have a portal and visibility over customer application usage
− Ability for SP customer support to have deeper knowledge of what the end customer is doing
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30"All Specifications Subject to Change without Notice"
Application Response Time Reports
• Benefits to the End Customer− End-to-end, deep knowledge of how the network is performing for business critical applications
− More intelligent troubleshooting for a quicker resolution
− Justify advanced projects and better negotiation with cloud SPs
• Benefits to the SP− Greater end customer satisfaction and greater stickiness/lock-in
− Opportunity to gain deep visibility into what applications the customer runs and what issues they experience
− Opportunity to address performance issues in new ways using SDN
− Identify the applications and quantify how WAAS would improve performance, for targeting WAAS sales better
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31"All Specifications Subject to Change without Notice"
Media Monitoring and HCS
• Benefits to the SP− Ability to provide high priority application-specific QoS to HCS traffic compared to Skype, Lync usage
− Ability to see if the customer network is ready for high-end desktop videoconferencing and Telepresence
− Ability for the SP Network Team to have additional information to provide to the Voice Team for fault isolation when things go wrong
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 32"All Specifications Subject to Change without Notice"
Application-Specific QoS
• Benefits to the End Customer− Ability to best use their network as application usage changes
− Ability to see dramatic performance improvements instantly
− Ability to spot non-business-critical application usage and trends, and do something about it immediately
• Benefits to the SP− Opportunity for the SP to provide a value-add portal for Application-aware QoS to the customer, that is
chargeable and provides lock-in to retain the customer
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 33"All Specifications Subject to Change without Notice"
Performance Routing (PfR)
• Benefits to the End Customer− Provides a cloud-ready WAN
− Offers confidence that cloud services will run reliably and quickly - more than just additional bandwidth alone would offer
− Provides a WAN that is ready for voice and video
• Benefits to the SP− Allows SP account managers to also offer DSL and 3G/4G connectivity that has more value to the
customer than just as a backup connection
− Allows the SP to offer multiple and additional forms of connectivity for remote branches where MPLS is not ideal
− Provides a lot of lock-in to retain the customer
− Opportunity to sell secure VPN to the customer
Cisco Confidential Cisco Confidential © 2013 Cisco and/or its affiliates. All rights reserved. 34
Platforms and Performance
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35"All Specifications Subject to Change without Notice"
Cisco IOS/IOS-XE End-to-End Solutions
ASR1002
ASR1004
ASR1006
ASR1013
ASR1001
Integrated Services Router
3900
29512921
29112901
19411921
890, 880860VAE, 810
Aggregation Services Router
ASR1002-X
4451-X
BYODAVC
WAASScanSafeFlexVPNTrustSec
CloudCloud Connectors
(Cloud Storage,HCS,ScanSafe)
WAASApplication Velocity
VideoAVC
MedianetPerformance RoutingApplication Velocity
CUBE VDIAVC
WAASGET VPN
PfR
IoTIPv6
NAT 64Application Velocity
NetworkSystems
End-to-End ConnectivityRoutingSecurity
EncryptionCisco Virtual Office
Thank you.