Configuring Cisco IOS NAM PA for WAAS Express

The Cisco IOS NAM PA for WAAS Express feature is designed to analyze and measure network traffic. The Performance Agent (PA) enables you to baseline, monitor, and troubleshoot application performance. You can analyze and measure the network traffic by the Measurement, Aggregation, and Correlation Engine (MACE). The MACE measures the required metrics on a subset of traffic and exports the necessary metrics to a target. This feature enhances the WAAS Express feature by providing support for application monitoring. Monitoring capability for Wide-Area Application Services (WAAS) Express allows the analysis and measurement of TCP-based client-server messages to provide transaction- and session-based analytics. The Cisco IOS NAM PA for WAAS Express feature works independently of WAAS Express to provide users with application visibility This concept module provides a brief overview of mDNS service discovery for kWAAS and IP networking on mDNS for kWAAS.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Restrictions for Cisco IOS NAM PA for WAAS Express

MACE does not interoperate with Network Address Translation (NAT) on the ingress (LAN) interface if the ip nat inside command is configured on the ingress interface. However, MACE interoperates with NAT on the egress (WAN) interface if the ip nat outside command is configured on the egress interface.

Information About Cisco IOS NAM PA for WAAS Express

NetFlow Overview

NetFlow is a Cisco IOS application that provides statistics about packets that flow through a device.

NetFlow identifies packet flows for both ingress and egress IP packets. It does not involve any connection-setup protocol—either between devices or to any other networking device or end station. NetFlow does not require any external change—either to the packets themselves or to any networking device. NetFlow is completely transparent to the existing network, including end stations and application software and network devices such as LAN switches. Also, NetFlow capture and export operations are performed independently on each internetworking device; NetFlow need not be operational on each device in the network.

For more information, see the NetFlow Configuration Guide.

MACE Metrics

The Measurement, Aggregation, and Correlation Engine (MACE) provides the following metrics:

  • MACE metrics—Metrics that are extracted or calculated by the MACE engine itself, such as the number of packets and bytes.

  • ART metrics—Metrics that are extracted or calculated by the Application Response Time (ART) engine, such as network delay. These metrics are available only for TCP flows.

  • WAAS metrics—Metrics that are extracted or calculated by Wide-Area Application Services (WAAS), such as Data Redundancy Elimination (DRE) input bytes. These metrics are available only when WAAS is configured and MACE is monitoring the WAAS traffic.

MACE Configuration Plane

The Measurement, Aggregation, and Correlation Engine (MACE) can be configured either through an independent and new policy-map type or as part of the Wide-Area Application Services (WAAS) policy.

The table below lists the categories of MACE configuration.

Table 1. MACE Configuration Categories

Configuration

Description

Global set of metrics

Metrics that need to be collected.

Filters

Subset of traffic for which metrics need be collected. You can configure the MACE to monitor specific traffic. The MACE uses filters to classify traffic that has to be analyzed.

Timers

Frequency with which data needs to be exported. You can configure timer values for exporting flow metrics. After the timer expires, flow metrics are exported using NetFlow Data Export Version 9 (NDE v9). This timer has a default value of 5 minutes.

NetFlow Collector’s details

Details of the NetFlow Collector where data needs to be exported. You can configure information from the NetFlow Collector to export flow metrics. You can configure more than one exporter for the same set of metrics, in which metrics are exported to all NetFlow collectors.

The MACE collects the required metrics by using the metric template that contains a specific set of metric fields and exports them by using the Flexible NetFlow (FNF) infrastructure.

WAAS Express

The Cisco WAN optimization system consists of Wide Area Application Services (WAAS) Express devices and Wide-Area Application Engines (WAEs) that work together to optimize TCP traffic in your network. When client and server applications attempt to communicate with each other, the network intercepts the traffic and acts on behalf of the client application and the destination server. The WAAS Express devices and WAEs examine the traffic and use built-in application policies to determine whether the traffic in the network can be optimized.

WAAS Express provides the following benefits:

  • Complements the Cisco WAN optimization system by adding capability to the branch devices.

  • Provides branch office employees with LAN-like access to information and applications across a geographically distributed network.

  • Minimizes unnecessary WAN bandwidth consumption by using advanced compression algorithms.

  • Virtualizes print and other local services for branch office users.

  • Improves application performance over the WAN by addressing the following issues:
    • Low data rates (constrained bandwidth)
    • Slow delivery of frames (high network latency)
    • Higher rates of packet loss (low reliability)

For more information about WAAS Express, see the Configuring WAAS Express module.

ART Engine

The Measurement, Aggregation, and Correlation Engine (MACE) data plane forwards packets to the Application Response Time (ART) engine in the same order in which the MACE receives them. The ART engine checks every packet forwarded by the MACE.

The ART engine saves some data from each packet in its own data structures and performs the required calculations. It aggregates the flows based on the following Layer 7 (L7) information:

  • Destination address

  • Destination port

  • Layer 4 protocol

  • Segment ID

  • Source address

When the export timer expires, the ART engine provides its flows and flow metrics to the MACE Exporter.

MACE Exporter

The Measurement, Aggregation, and Correlation Engine (MACE) Exporter receives the Flexible NetFlow (FNF) templates from the MACE configuration plane and builds FNF records based on these templates. It then passes the flow templates along with each record to the NetFlow infrastructure. FNF requires these templates to understand the layout of the records so that it can export the correct fields at the time of export.

The MACE Exporter allows you to configure the export time interval. The intervals 1, 2, 5, 10, and 15, in minutes, are supported. The export timer starts when the MACE is enabled. There are two ways to enable MACE: by using the MACE policy or by using the MACE along with the WAAS policy. To synchronize the export time of multiple devices that run the MACE across the network with the collector, the export timer expires when the current time modulo configured interval is zero. For instance, if a user configures a 5 minute interval at 10:07, the first export timer will expire at 10:10 (because 10:10 modulo 5 is 0) and subsequently at a gap of every 5 minutes (10:15, 10:20, and so on).


Note

Modulo is the resulting remainder when one number is divided by another. For example, the modulo of 5 and 4 is 1 because 5 divided by 4 leaves a remainder of 1.

This export mechanism ensures that the time when the first export interval expires is independent from the time when the MACE policy was applied to the target. Any future update to the timeout interval causes the current timer to stop, and a new timer starts. The timer also stops when the policy is removed from the interface.


Note

The MACE Exporter works on a best-effort basis. Also, MACE being a monitoring tool, the export process does execute with a high priority.

When the MACE Exporter timer expires, all engines are notified to process the metrics. After this notification, a second set of calls are sent to collect the processed metrics. The MACE Exporter receives the metrics data from various sources, aggregates them into a single FNF record, and passes it to the NetFlow component. Aggregation is done on the basis of Layer 7 keys. Application ID (Network-Based Application Recognition [NBAR]) is provided as a metric only when requested through the configuration.

How to Configure Cisco IOS NAM PA for WAAS Express

Enabling MACE on an Interface

You can enable the Cisco IOS NAM PA for WAAS Express feature on both ingress and egress interfaces so that MACE can capture and monitor traffic in both directions. After enabling MACE in one direction, the same policy is internally configured in the other direction as well. Perform this task to enable MACE on an interface.

SUMMARY STEPS

  1. enable
  2. configure terminal
  3. flow record type mace name
  4. collect art all
  5. exit
  6. flow exporter exporter-name
  7. export-protocol netflow-v9
  8. destination ip-address
  9. exit
  10. flow monitor type mace name
  11. record record-name
  12. exporter exporter-name
  13. exit
  14. class-map type waas class-map-name
  15. exit
  16. policy-map type mace name
  17. class name
  18. flow monitor monitor-name
  19. exit
  20. exit
  21. interface type number [name-tag ]
  22. mace enable
  23. end

DETAILED STEPS

  Command or Action Purpose
Step 1

enable

Example:

Device> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 3

flow record type mace name

Example:


Device(config)# flow record type mace my-flow-record

Configures a flow record for MACE and enters Flexible NetFlow flow record configuration mode.

Step 4

collect art all

Example:


Device(config-flow-record)# collect art all

Collects all Application Response Time (ART) metrics.

Step 5

exit

Example:


Device(config-flow-record)# exit

Exits Flexible NetFlow flow record configuration mode.

Step 6

flow exporter exporter-name

Example:


Device(config)# flow exporter my-flow-exporter

Creates an FNF flow exporter and enters Flexible NetFlow flow exporter configuration mode.

Step 7

export-protocol netflow-v9

Example:


Device(config-flow-exporter)# export-protocol netflow-v9

Configures NetFlow Version 9 export as the export protocol.

Step 8

destination ip-address

Example:


Device(config-flow-exporter)# destination 209.165.201.1

Configures the IP address of the workstation to which you want to send the NetFlow information.

Step 9

exit

Example:


Device(config-flow-exporter)# exit

Exits Flexible NetFlow flow exporter configuration mode.

Step 10

flow monitor type mace name

Example:


Device(config)# flow monitor type mace my-flow-monitor

Configures an FNF flow monitor of type MACE and enters Flexible NetFlow flow monitor configuration mode.

Step 11

record record-name

Example:


Device(config-flow-monitor)# record my-flow-record

Specifies the name of a user-defined flow record that was previously configured.

Step 12

exporter exporter-name

Example:


Device(config-flow-monitor)# exporter my-flow-exporter

Specifies the name of a flow exporter that was previously configured.

Step 13

exit

Example:


Device(config-flow-monitor)# exit

Exits Flexible NetFlow flow monitor configuration mode.

Step 14

class-map type waas class-map-name

Example:


Device(config)# class-map type waas my-waas-class

Configures a WAAS Express class map and enters class map configuration mode.

Step 15

exit

Example:


Device(config-cmap)# exit

Exits class-map configuration mode.

Step 16

policy-map type mace name

Example:


Device(config)# policy-map type mace mace_global

Configures a MACE policy map and enters policy-map configuration mode.

Step 17

class name

Example:


Device(config-pmap)# class my-waas-class

Configures a class name and enters policy-map class configuration mode.

Step 18

flow monitor monitor-name

Example:


Device(config-pmap-c)# flow monitor my-flow-monitor

Configures a flow monitor name.

Step 19

exit

Example:


Device(config-pmap-c)# exit

Exits policy-map class configuration mode.

Step 20

exit

Example:


Device(config-pmap)# exit

Exits policy-map configuration mode.

Step 21

interface type number [name-tag ]

Example:


Device(config)# interface ethernet0/0

Configures an interface type and enters interface configuration mode.

Step 22

mace enable

Example:


Device(config-if)# mace enable

Applies the global MACE policy on an interface.

Step 23

end

Example:


Device(config-if)# end

Exits interface configuration mode and returns to privileged EXEC mode.

Enabling MACE on WAAS

MACE is invoked immediately before and after WAAS is enabled in both ingress and egress directions. This allows for measurements to be captured with no interference from any other feature. However, in the absence of WAAS, the before-WAAS and after-WAAS traffic is identical. Perform this task to enable MACE on WAAS.

SUMMARY STEPS

  1. enable
  2. configure terminal
  3. flow record type mace name
  4. collect art all
  5. exit
  6. flow exporter exporter-name
  7. export-protocol netflow-v9
  8. destination ip-address
  9. exit
  10. flow monitor type mace name
  11. record record-name
  12. exporter exporter-name
  13. exit
  14. mace monitor waas {all | optimized } name
  15. end

DETAILED STEPS

  Command or Action Purpose
Step 1

enable

Example:


Device> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 3

flow record type mace name

Example:


Device(config)# flow record type mace my-flow-record

Configures a flow record for MACE and enters Flexible NetFlow flow record configuration mode.

Step 4

collect art all

Example:


Device(config-flow-record)# collect art all

Collects all Application Response Time (ART) metrics.

Step 5

exit

Example:


Device(config-flow-record)# exit

Exits Flexible NetFlow flow record configuration mode.

Step 6

flow exporter exporter-name

Example:


Device(config)# flow exporter my-flow-exporter

Creates a Flexible NetFlow flow exporter and enters Flexible NetFlow flow exporter configuration mode.

Step 7

export-protocol netflow-v9

Example:


Device(config-flow-exporter)# export-protocol netflow-v9

Configures NetFlow Version 9 export as the export protocol.

Step 8

destination ip-address

Example:


Device(config-flow-exporter)# destination 209.165.201.1

Configures the IP address of the workstation to which you want to send the NetFlow information.

Step 9

exit

Example:


Device(config-flow-exporter)# exit

Exits Flexible NetFlow flow exporter configuration mode.

Step 10

flow monitor type mace name

Example:


Device(config)# flow monitor type mace my-flow-monitor

Configures a Flexible NetFlow flow monitor of type MACE and enters Flexible NetFlow flow monitor configuration mode.

Step 11

record record-name

Example:


Device(config-flow-monitor)# record my-flow-record

Specifies the name of a user-defined flow record that was previously configured.

Step 12

exporter exporter-name

Example:


Device(config-flow-monitor)# exporter my-flow-exporter

Specifies the name of a flow exporter that was previously configured.

Step 13

exit

Example:


Device(config-flow-monitor)# exit

Exits Flexible NetFlow flow monitor configuration mode.

Step 14

mace monitor waas {all | optimized } name

Example:


Device(config)# mace monitor waas all my-flow-monitor

Enables MACE on WAAS for a flow monitor that was previously configured.

Step 15

end

Example:


Device(config)# end

Exits global configuration mode and returns to privileged EXEC mode.

Configuration Examples for Cisco IOS NAM PA for WAAS Express

Example: Enabling MACE on an Interface


Device> enable
Device# configure terminal
Device(config)# flow record type mace my-flow-record
Device(config-flow-record)# collect art all
Device(config-flow-record)# exit
Device(config)# flow exporter my-flow-exporter
Device(config-flow-exporter)# export-protocol netflow-v9
Device(config-flow-exporter)# destination 209.165.201.1
Device(config-flow-exporter)# exit
Device(config)# flow monitor type mace my-flow-monitor
Device(config-flow-monitor)# record my-flow-record
Device(config-flow-monitor)# exporter my-flow-exporter
Device(config-flow-monitor)# exit
Device(config)# class-map type waas my-waas-class
Device(config-cmap)# exit
Device(config)# policy-map type mace mace_global
Device(config-pmap)# class my-waas-class
Device(config-pmap-c)# flow monitor my-flow-monitor
Device(config-pmap-c)# exit
Device(config-pmap)# exit
Device(config)# interface ethernet0/0
Device(config-if)# mace enable
Device(config-if)# end

Example: Enabling MACE on WAAS


Device> enable
Device# configure terminal
Device(config)# flow record type mace my-flow-record
Device(config-flow-record)# collect art all
Device(config-flow-record)# exit
Device(config)# flow exporter my-flow-exporter
Device(config-flow-exporter)# export-protocol netflow-v9
Device(config-flow-exporter)# destination 209.165.201.1
Device(config-flow-exporter)# exit
Device(config)# flow monitor type mace my-flow-monitor
Device(config-flow-monitor)# record my-flow-record
Device(config-flow-monitor)# exporter my-flow-exporter
Device(config-flow-monitor)# exit
Device(config)# mace monitor waas all my-flow-monitor
Device(config)# end

Additional References

Related Documents

Related Topic

Document Title

Cisco IOS commands

Cisco IOS Master Command List, All Releases

Flexible NetFlow commands

Cisco IOS Flexible NetFlow Command Reference

NetFlow configuration tasks

Cisco IOS NetFow Configuration Guide

WAN configuration tasks

  • Wide-Area Networking Configuration Guide: Frame Relay

  • Wide-Area Networking Configuration Guide: Layer 2 Services

  • Wide-Area Networking Configuration Guide: SMDS and X.25 and LAPB

  • Wide-Area Networking Configuration Guide: Wide-Area Application Services

WAN commands

Cisco IOS Wide-Area Networking Command Reference

Technical Assistance

Description

Link

The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

http://www.cisco.com/cisco/web/support/index.html

Feature Information for Cisco IOS NAM PA for WAAS Express

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Table 2. Feature Information for Configuring Cisco IOS NAM PA for WAAS Express

Feature Name

Releases

Feature Information

Cisco IOS NAM PA for WAAS Express

15.1(4)M

The Cisco IOS NAM PA for WAAS Express feature is designed to analyze and measure network traffic. The Performance Agent (PA) enables you to baseline, monitor, and troubleshoot application performance.

The following commands were introduced or modified: collect art, collect waas, flow monitor type mace, flow record type mace, mace enable, mace monitor waas, policy-map type mace, show flow monitor type mace, show flow record type, show mace metrics, show policy-map type mace.