[c-nsp] IP SLA

Discussion:

[c-nsp] IP SLA

Andrew Miehs

2011-10-19 16:01:52 UTC

Hi all,

I have been looking at IP SLA and was wondering whether there are any appliances around which emulate Ciscos IP SLA so that you can use it as a responder, or even better, the transmitter end?

If not, does anyone have any alternative device/ software recommendations?

Thanks

Andrew

_______________________________________________
cisco-nsp mailing list cisco-***@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Peter Rathlev

2011-10-19 21:59:42 UTC

Permalink

Post by Andrew Miehs
I have been looking at IP SLA and was wondering whether there are any
appliances around which emulate Ciscos IP SLA so that you can use it
as a responder, or even better, the transmitter end?

There's this company "Cisco" that produces some nice appliances that are
useful as IP SLA responders. :-) We use some 2801's for this; you need
the Enterprise Base license for IP SLA functionality though. :-|

Post by Andrew Miehs
If not, does anyone have any alternative device/ software
recommendations?

Here's a very basic example of "roll your own":

http://ampere.rathlev.dk/rtr-responder.c

It doesn't handle control packets (of course), it just sets the
responder timestamp and returns the packet as is. And the port is
hard-coded.

Since IP SLA is often used to measure "special" classes one should take
care that the device actually respects/uses the correct TOS values. The
example does not take anything like this into consideration.

--
Peter

_______________________________________________
cisco-nsp mailing list cisco-***@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Tony Tauber

2011-10-20 03:03:45 UTC

Permalink

At a previous employer, we used Brix Networks which was acquired by EXFO and
is presented here:

http://www.exfo.com/en/Products/ProductList.aspx?Id=261

That was many years ago and I didn't work with it directly, but that is the
intended use of the product.

Tony

Post by Andrew Miehs
Hi all,
I have been looking at IP SLA and was wondering whether there are any
appliances around which emulate Ciscos IP SLA so that you can use it as a
responder, or even better, the transmitter end?
If not, does anyone have any alternative device/ software recommendations?
Thanks
Andrew
_______________________________________________
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

_______________________________________________
cisco-nsp mailing list cisco-***@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Dave Kruger

2011-10-25 12:19:16 UTC

Permalink

FYI - Last I checked Brix system can provision (via snmp) ipsla tests to ipsla enabled Cisco routers, but can not emulate it on their own hardware verifiers

Dave

Post by Tony Tauber
At a previous employer, we used Brix Networks which was acquired by EXFO and
http://www.exfo.com/en/Products/ProductList.aspx?Id=261
That was many years ago and I didn't work with it directly, but that is the
intended use of the product.
Tony

_______________________________________________
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Saku Ytti

2012-11-12 08:09:46 UTC

Permalink

Post by Andrew Miehs
I have been looking at IP SLA and was wondering whether there are any appliances around which emulate Ciscos IP SLA so that you can use it as a responder, or even better, the transmitter end?

Have you found any? I'd be very interested in commercial solution also.
Preferably one which does hardware timestamping.
IP SLA is proprietary protocol, so technically if you want to do commercial
solution, you'd need to buy permission for it from Cisco. And I know many
people buying dedicated Cisco CPE for IP SLA responders, so it might be
that companies have tried to build IP SLA responders but Cisco has said no.

In the mean time, co-worker just released[0] alpha version of Cisco IP
SLA/Juniper RPM responder for Linux.
It supports IP SLA Control packets and few tests, IP SLA UDP Jitter
millisecond, IP SLA UDP Jitter microsecond, RPM ICMP Ping Timestamp and RPM
UDP Ping Timestamp, but it wouldn't be exactly complicated to add support
for further tests.

It has some novel features, which makes it 0-touch. So if you need
responder for L3 MPLS VPNs, you will never touch the responder. You just
add VLAN+VRF+IP to neighbouring PE box. The responder code is MAC, VLAN and
IP address agnostic and handles them statelessly.

Accuracy to SRX or ISR responder is 1-2 magnitudes better, in terms of
jitter, so you should see your tests 50% better as you can mostly exclude
any inaccuracies incurred by responder.

Only way to make it more convenient would be to add support for BGP VPN RR
peering, and look for some magic RT in routes, if found, advertise your
prefix and copy label to use for egress. Then provisioning of test would be
'route-target both ASN:magic' in VRF definition.

[0] https://github.com/cmouse/ip-sla-responder

--
++ytti
_______________________________________________
cisco-nsp mailing list cisco-***@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Andrew Miehs

2012-11-18 23:33:32 UTC

Permalink

Post by Andrew Miehs

Post by Andrew Miehs
I have been looking at IP SLA and was wondering whether there are any

appliances around which emulate Ciscos IP SLA so that you can use it as a
responder, or even better, the transmitter end?
Have you found any? I'd be very interested in commercial solution also.
Preferably one which does hardware timestamping.

Unfortunately this project got stopped before it even got started. If we
had been allowed to implement it, I would have just rolled out the cheapest
Cisco routers that supported IP SLA. This way we would not have had
compatibility issues with 3rd party software - including provisioning.

Regards

Andrew
_______________________________________________
cisco-nsp mailing list cisco-***@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Christophe Fillot

2012-11-19 08:48:21 UTC

Permalink

Post by Saku Ytti

Post by Andrew Miehs
I have been looking at IP SLA and was wondering whether there are any appliances around which emulate Ciscos IP SLA so that you can use it as a responder, or even better, the transmitter end?

Have you found any? I'd be very interested in commercial solution also.
Preferably one which does hardware timestamping.

I've written a small responder that handles TCP connect, UDP echo and
UDP jitter operations (for IPv4/IPv6),
but unfortunately I don't know if I can publish it for the reasons you
gave below.
The protocol is easy to decode anyway.

Post by Saku Ytti
IP SLA is proprietary protocol, so technically if you want to do commercial
solution, you'd need to buy permission for it from Cisco. And I know many
people buying dedicated Cisco CPE for IP SLA responders, so it might be
that companies have tried to build IP SLA responders but Cisco has said no.

Saku Ytti

2012-11-19 09:33:22 UTC

Permalink

Post by Christophe Fillot
I've written a small responder that handles TCP connect, UDP echo
and UDP jitter operations (for IPv4/IPv6),
but unfortunately I don't know if I can publish it for the reasons
you gave below.
The protocol is easy to decode anyway.

http://tools.ietf.org/html/draft-cisco-sla-protocol-04
http://www.juniper.net/us/en/local/pdf/app-notes/3500145-en.pdf

I wonder if those implicitly mean that you are allowed to build responder
or not. The Cisco draft is not really what we're seeing in real-life
(real-life identifies itself as version 1, draft is for version 2).

How does your responder compare to the one I gave link for? Does it support
microsecond precision for UDP jitter?

Christophe Fillot

2012-11-19 10:08:37 UTC

Permalink

Post by Saku Ytti
http://tools.ietf.org/html/draft-cisco-sla-protocol-04
http://www.juniper.net/us/en/local/pdf/app-notes/3500145-en.pdf
I wonder if those implicitly mean that you are allowed to build responder
or not. The Cisco draft is not really what we're seeing in real-life
(real-life identifies itself as version 1, draft is for version 2).

Indeed the packet format is very different...

Post by Saku Ytti
How does your responder compare to the one I gave link for? Does it support
microsecond precision for UDP jitter?

Tbh I didn't know there was a "precision microsecond" command. From what
I can
see in your co-worker's code, this is handled by a different message
type (with code 0x03)
whereas the probe with millisecond resolution has code 0x02. Adding
support for it
shouldn't be very complicated.
About the packet handling, since I only support TCP/UDP probes, I use
the classic socket
API.

Christophe

_______________________________________________
cisco-nsp mailing list cisco-***@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Saku Ytti

2012-11-19 10:25:57 UTC

Permalink

Post by Christophe Fillot
About the packet handling, since I only support TCP/UDP probes, I
use the classic socket
API.

It is not using AF_PACKET to support some strange probes, it only supports
UDP jitter for Cisco.
It is using AF_PACKET so it can see full header MAC, VLAN, IP, so it can
respond to any IP, any VLAN, without needing explicit configuration in
responder end.

It can be huge OPEX save, when no one needs to be taught how to add VLAN to
linux. When you want to add new IP SLA/RPM for L3 MPLS VPN, you just
configure the PE and leave responder alone. You don't even have to know if
the polling client is Cisco or Juniper.