Information About Cisco Performance Monitor
Overview of Cisco Performance Monitor
Cisco Performance Monitor enables you to monitor the flow of packets in your network and become aware of any issues that might impact the flow before it starts to significantly impact the performance of the application in question. Performance monitoring is especially important for video traffic because high quality interactive video traffic is highly sensitive to network issues. Even minor issues that may not affect other applications can have dramatic effects on video quality.
Because Cisco Performance Monitor uses similar software components and commands as Cisco NetFlow and Cisco Flexible NetFlow, familiarity with these products will help you to understand how to configure Cisco Performance Monitor. These products provide statistics on packets flowing through a router and are the standard for acquiring IP operational data from IP networks. They provide data to support network and security monitoring, network planning, traffic analysis, and IP accounting. For more information about Cisco NetFlow and Cisco Flexible NetFlow, see the documents listed in the Additional References section.
For more information about the design, configuration, and troubleshooting of Performance Monitor and other Cisco Medianet products, including a Quick Start Guide and Deployment Guide, see the Cisco Medianet Knowledge Base Portal, located at http://www.cisco.com/web/solutions/medianet/knowledgebase/index.html.
Prerequisites for Configuring Cisco Performance Monitor
The following prerequisites must be met before you can configure Cisco Performance Monitor:
IPv4 Traffic
-
The networking device must be configured for IPv4 routing.
-
One of the following must be enabled on your router and on any interfaces on which you want to enable Cisco Performance Monitor: Cisco Express Forwarding or distributed Cisco Express Forwarding.
Configuration Components of Cisco Performance Monitor
To configure Cisco Performance Monitor, configure many of the same basic elements that you normally configure for Flexible NetFlow:
-
Interface
-
Policy
-
Class
-
Flow monitor
-
Flow record
-
Flow exporter
The figure below shows how these elements are related to each other. The elements at the bottom of the figure are configured first.
As shown above, a policy includes one or more classes. Each class has a flow monitor associated with it, and each flow monitor has a flow record and an optional flow exporter associated with it. These elements are configured in the following order:
-
Configure a flow record to specify the key and non-key fields that you want to monitor. This is configured using match and collect commands. You can also optimally configure a flow exporter to specify the export destination. For Cisco Performance Monitor, you must configure a performance-monitor type flow record.
-
Configure a flow monitor that includes the flow record and flow exporter. For Cisco Performance Monitor, you must configure a performance-monitor type flow monitor.
-
Configure a class to specify the filtering criteria using the class-map command.
-
Configure a policy to include one or more classes and one or more performance-monitor type flow monitors using the policy-map command. For Cisco Performance Monitor, you must configure performance-monitor type policies.
-
Associate a performance-monitor type policy to the appropriate interface using the service-policy type performance-monitor command.
Data That You Can Monitor Using Cisco Performance Monitor
You can monitor the following information by configuring a flow record with collect or match commands for the corresponding non-key fields:
Tip |
For more information about these statistics, see the show performance monitor status command in the Cisco Media Monitoring Command Reference. |
-
IP Packet Count
-
IP TTL
-
IP TTL minimum
-
IP TTL maximum
-
Flow to Interface Mapping
-
IP Flow destination address and port, source address and port, and protocol
-
RTP Synchronization Source (SSRC)
-
IP Octets Count
-
Media Stream Packet Count
-
Media Stream Octect Count
-
Media Byte Rate
-
Media Byte Count
-
Media Packet Rate
-
Media Packet Loss Count
-
Media Packet Loss Rate
-
Packets Expected Count
-
Measured Rate
-
Media Loss Event Count
-
Round Trip Time (RTT)
-
Interarrival Jitter (RFC3550) max
-
Interarrival Jitter (RFC3550) min 2
-
Interarrival Jitter (RFC3550) mean
-
Media Rate Variation
-
Monitor Event
-
Media Error
-
Media Stop
-
IP Byte Count
-
IP Byte Rate
-
IP Source Mask
-
IP Destination Mask
-
Epoch of A Monitoring Interval
-
Packet Forwarding Status
-
Packet Drops
-
DSCP and IPv6 Traffic Class
-
TCP: Maximum Segment Size
-
TCP: Window Size Maximum
-
TCP: Window Size Maximum
-
TCP: Window Size Average
-
Out Of Order Bytes
-
Out Of Order Packets
SNMP MIB Support for Cisco Performance Monitor
Cisco Performance Monitor provides support for the use of the industry-standard Simple Network Management Protocol (SNMP) to monitor media streams. This support is implemented with the addition of the following Cisco proprietary SNMP Management Information Base (MIB) modules:
-
CISCO-FLOW-MONITOR-TC-MIB—Defines the textual conventions common to the following MIB modules.
-
CISCO-FLOW-MONITOR-MIB—Defines the framework that describes the flow monitors supported by a system, the flows that it has learned, and the flow metrics collected for those flows.
-
CISCO-RTP-METRICS-MIB—Defines objects that describe the quality metrics collected for RTP streams, similar to those described by an RTCP Receiver Report packet (RFC 3550).
-
CISCO-IP-CBR-METRICS-MIB—Defines objects that describe the quality metrics collected for IP streams that have a Constant Bit Rate (CBR).
For detailed information about these MIBs, and to locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at http://www.cisco.com/go/mibs .
This feature also includes two new command-line interface (CLI) commands and one modified CLI command. The commands are as follows:
-
snmp-server host —Enables the delivery of flow monitoring SNMP notifications to a recipient.
-
snmp-server enable traps flowmon —Enables flow monitoring SNMP notifications. By default, flow monitoring SNMP notifications are disabled.
-
snmp mib flowmon alarm history —Sets the maximum number of entries maintained by the flow monitor alarm history log.
Limitations for the Catalyst 6500 Platform
Cisco Performance Monitor has the following limitations on the Catalyst 6000 platform:
-
There are some limitations on which types of interfaces can be monitored. The next two tables list which types of interfaces are supported for ingress and egress monitoring on the Catalyst 6500 platform.
Interface Type |
Support |
---|---|
Layer 3 Routed Port |
Yes |
Layer 3 Sub-interface (a) |
No |
Layer 3 port channels |
Yes |
Layer 3 port-channel sub-interface (a) |
No |
Layer 3 SVI (b) |
Partial (see the third bullet below) |
L3 Tunnels |
No |
Layer 2 Physical (Switched) Ports |
Yes |
Layer 2 Port-channels |
Yes |
Layer 2 Vlans |
Yes |
Interface Type |
Support |
---|---|
Layer 3 Routed Port |
Yes |
Layer 3 Sub-interface (a) |
Yes |
Layer 3 port channels |
Yes |
Layer 3 port-channel sub-interface (a) |
Yes |
Layer 3 SVI (b) |
Yes |
L3 Tunnels |
No |
Layer 2 Physical (Switched) Ports |
No |
Layer 2 Port-channels |
No |
Layer 2 Vlans |
Yes |
-
Performance monitoring on VRFs is not supported.
-
Performance Monitoring of multicast flows is not supported.
-
Routed traffic from a trunk port on a VLAN interface cannot not be monitored because it is not possible to identify the source VLAN interface for the traffic. You will see the following syslog message: “Routed traffic from trunk ports will not be monitored by ingress policy on VLAN interface.”
For a workaround, you can configure a performance monitoring policy on a trunk interface. This monitoring will result in additional CPU usage.
-
You cannot use match all type Class maps. Only match any type of lookups are supported. If you configure performance monitoring to use match-all type class maps, it will result in the cloning of packet to the CPU. Packets will then again be classified in the CPU when match-all classes are properly applied and packet are dropped if required. This causes higher than expected CPU usage.
-
Performance monitoring policy on the egress of a VLAN interface will not monitor traffic getting bridged within the VLAN. This is due to hardware limitation. Workaround is to apply the policy at the ingress of VLAN interface as well as egress. Policy on the ingress of the VLAN interface will monitor bridged packets.
-
Cloned packets from Egress policies can only be software rate-limited. No hardware-based protection is available for these packets. Therefore, you might see high interrupt CPU usage during scenarios when many flows are being monitored.
-
Egress performance monitoring makes use of a recirculation mechanism on the Catalyst 6500 platform. This introduces several microseconds of additional latency to the frame switching.
-
Performance monitoring is not supported for the packets switched using the Fast (CEF) Path.
-
Lawful intercept and performance monitoring makes use of the same mechanism for cloning the packets. The Lawful Intercept feature takes precedence over performance monitoring. Therefore, performance monitoring does not function when the Lawful Intercept feature is enabled. When this occurs, a syslog message is created.
-
Performance monitoring makes use of same mechanism as other features, such as Optimized ACL logging, VACL Capture, IPv6 Copy, and so on. The feature that is enabled first takes precedence. The other features are blocked from being configured and a syslog message is created.
Limitations for IPv6 Support
Support for IPv6 with Performance Monitor has the following limitations:
-
The following topologies are supported with IPv6: Non-MPLS, DMVPN (on most platforms), and dual stack.
-
The following topologies are not supported with IPv6: MPLS/VRF (6PE and 6VPE), GETVPN and IPV6 over IPV4 tunnel.
-
Mediatrace does not support IPv6.
-
Exporting data to a IPv6 address is not supported on the ASR1K platform.
-
Flexible NetFlow does not support IPv6 multicast.
-
DMVPN is not supported with IPv6 on the ASR1K platform.