[c-nsp] PfR

Saku Ytti saku at ytti.fi
Thu Mar 24 09:35:56 EDT 2016


On 24 March 2016 at 14:16, Nick Cutting <ncutting at edgetg.co.uk> wrote:

Hey,

> Apart from cisco certifications, and Cisco Live seminars where it seems PfR predominantly lives - has anyone actually used this in the real world?
>
> We are getting more clients interested in recovering from "brown outs" in the WAN, and I am wondering whether to look at specific SD WAN products, or take a look at Cisco's PfR

I've used it was still called something else. Your test of correctness
won't be perfect, the test itself will fail sometime, so design for
false-positives.

Something like this

ip route 0.0.0.0 0.0.0.0 int1 192.0.0.2.10 track N1 50
ip route 0.0.0.0 0.0.0.0 int2 192.0.0.2.20 track N1 50
ip route 0.0.0.0 0.0.0.0 int1 192.0.0.2.10 track N2 75
ip route 0.0.0.0 0.0.0.0 int2 192.0.0.2.20 track N2 75
ip route 0.0.0.0 0.0.0.0 int1 192.0.0.2.10 100
ip route 0.0.0.0 0.0.0.0 int2 192.0.0.2.20 100

Now you can be pretty liberal on what your N1 test is, could be
something like ping 8.8.8.8 or what ever is the main Internet
application for your users (facebook?). Then track N2 can be something
which is less likely to be false-positive but still guarantees that
Internet works to a degree at least, like maybe ping some anycast root
DNS.
If both N1 and N2 tests fail, you still won't stop trying using the Internet.

With this approach you don't have to worry much about PfR or its tests
being reliable.

-- 
  ++ytti


More information about the cisco-nsp mailing list