[c-nsp] monitor primary and secondary IP address traffic separately over SNMP
Martin T
m4rtntns at gmail.com
Tue Mar 7 10:53:30 EST 2017
Gert, Andy,

thanks for the suggestions! Looks like the CBQoS solution works fine. I
built the following test setup: http://imgur.com/a/YCLSG "CPE1" is this
ISR router which has two /31 networks on a single sub-interface. "sh
arp Fa0/0.123" in "CPE1" illustrates the situation very well where
192.168.1.43 belongs to "PE2" router and 10.10.10.59 belongs to "PE1":

CPE1#sh arp Fa0/0.123
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.1.42            -   ca04.2006.0000  ARPA   FastEthernet0/0.123
Internet  10.10.10.58             -   ca04.2006.0000  ARPA   FastEthernet0/0.123
Internet  192.168.1.43           58   ca05.201f.0000  ARPA   FastEthernet0/0.123
Internet  10.10.10.59            58   ca02.1fb5.0000  ARPA   FastEthernet0/0.123
CPE1#

I made the following two class-maps:

CPE1#sh run | sec class-map
class-map match-all 172.16.10_traffic
 match source-address mac CA02.1FB5.0000
class-map match-all 172.16.20_traffic
 match source-address mac CA05.201F.0000
CPE1#

..and used those in the "distinguish-networks" policy-map:

CPE1#sh run | sec policy-map
policy-map distinguish-networks
 class 172.16.10_traffic
 class 172.16.20_traffic
CPE1#

..which I applied in the ingress direction to Fa0/0.123 on the "CPE1"
router. Now when I ask for byte counters from "NMS", it displays correct
results:

$ snmpwalk -v 2c -c public 10.77.77.1 1.3.6.1.4.1.9.9.166.1.15.1.1.6
CISCO-SMI::ciscoMgmt.166.1.15.1.1.6.96.12400353 = Counter64: 3678
CISCO-SMI::ciscoMgmt.166.1.15.1.1.6.96.12465889 = Counter64: 4268
CISCO-SMI::ciscoMgmt.166.1.15.1.1.6.96.15279089 = Counter64: 252
$

Comparison with CLI output can be seen below:

CPE1#show policy-map interface
 FastEthernet0/0.123

  Service-policy input: distinguish-networks

    Class-map: 172.16.10_traffic (match-all)
      33 packets, 3678 bytes
      5 minute offered rate 0000 bps
      Match: source-address mac CA02.1FB5.0000

    Class-map: 172.16.20_traffic (match-all)
      38 packets, 4268 bytes
      5 minute offered rate 0000 bps
      Match: source-address mac CA05.201F.0000

    Class-map: class-default (match-any)
      6 packets, 252 bytes
      5 minute offered rate 0000 bps, drop rate 0000 bps
      Match: any
CPE1#

While I have done very little testing, essentially this seems to
work. However, this counts only ingress traffic. In addition, I wonder
whether such a configuration has any noticeable effect on router CPU?
Model is Cisco 2921 and traffic is ~100Mbps.


thanks,
Martin

On Tue, Mar 7, 2017 at 4:01 AM, Andy Ellsworth <andy at dar.net> wrote:
> You could try CBQoS, using ACLs to put each set of interesting traffic into
> its own class. You could then monitor the traffic hitting each class with
> CISCO-CLASS-BASED-QOS-MIB, like here:
>
> http://www.cisco.com/c/en/us/support/docs/ip/simple-network-management-protocol-snmp/119031-technote-router-00.html
>
> Getting whatever you use for NMS to extract the CBQoS counters using
> CISCO-CLASS-BASED-QOS-MIB is, of course, an exercise for the reader. :-)
>
>
> On Mon, Mar 6, 2017 at 9:42 AM, Martin T <m4rtntns at gmail.com> wrote:
>>
>> Hi,
>>
>> I have a Cisco ISR G2 router with the following sub-interface configuration:
>>
>> !
>> interface GigabitEthernet0/0.123
>>  encapsulation dot1Q 123
>>  ip address 10.10.10.58 255.255.255.254 secondary
>>  ip address 192.168.1.42 255.255.255.254
>> end
>>
>> 10.10.10.58/31 is connection to ISP-1 and 192.168.1.42/31 is
>> connection to ISP-2. I need to count the bandwidth over SNMP for both
>> connections separately. My first thought was to configure an ACL for
>> traffic accounting purposes, but looks like ISR routers are not able
>> to return ACL statistics over SNMP.
>>
>> Is it possible to monitor primary and secondary IP address traffic
>> separately over SNMP?
>>
>>
>> thanks,
>> Martin
>> _______________________________________________
>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
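
The NMS side of the thread above, as an added example that is not part of the original messages: it parses two snmpwalk polls of the byte counter walked in the post (column .6 of cbQosCMStatsTable, cbQosCMPrePolicyByte64) and turns them into per-class ingress bit rates. Assumptions: the object-index-to-class mapping is inferred by matching the byte counts in the post's snmpwalk and CLI output, the second poll and the 60 s interval are constructed, and the function names are hypothetical.

```python
import re

# One snmpwalk line for cbQosCMPrePolicyByte64 (column .6 of cbQosCMStatsTable);
# the instance suffix is <cbQosPolicyIndex>.<cbQosObjectsIndex>.
LINE = re.compile(r"\.166\.1\.15\.1\.1\.6\.(\d+)\.(\d+) = Counter64: (\d+)\s*$")

# Object index -> class name. Assumption: derived by matching the byte counts in
# the post's snmpwalk output against its "show policy-map interface" output.
CLASS_NAMES = {12400353: "172.16.10_traffic", 12465889: "172.16.20_traffic",
               15279089: "class-default"}

POLL_1 = """\
CISCO-SMI::ciscoMgmt.166.1.15.1.1.6.96.12400353 = Counter64: 3678
CISCO-SMI::ciscoMgmt.166.1.15.1.1.6.96.12465889 = Counter64: 4268
CISCO-SMI::ciscoMgmt.166.1.15.1.1.6.96.15279089 = Counter64: 252
"""  # counters as shown in the post

POLL_2 = """\
CISCO-SMI::ciscoMgmt.166.1.15.1.1.6.96.12400353 = Counter64: 753678
CISCO-SMI::ciscoMgmt.166.1.15.1.1.6.96.12465889 = Counter64: 304268
CISCO-SMI::ciscoMgmt.166.1.15.1.1.6.96.15279089 = Counter64: 100
"""  # constructed sample, taken as if 60 s later; last counter has restarted


def parse_walk(text):
    """Return {(policy_index, object_index): bytes} from snmpwalk output."""
    counters = {}
    for line in text.splitlines():
        m = LINE.search(line)
        if m:
            counters[(int(m.group(1)), int(m.group(2)))] = int(m.group(3))
    return counters


def rates_bps(before, after, interval_s):
    """Per-class ingress rate in bit/s between two polls; None when there is no
    earlier sample or the counter went backwards (delta is meaningless)."""
    rates = {}
    for key, new in after.items():
        old = before.get(key)
        name = CLASS_NAMES.get(key[1], "object %d" % key[1])
        rates[name] = None if old is None or new < old else (new - old) * 8 / interval_s
    return rates


if __name__ == "__main__":
    for name, bps in rates_bps(parse_walk(POLL_1), parse_walk(POLL_2), 60).items():
        print(name, "n/a" if bps is None else "%.0f bit/s" % bps)
```
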