Application Performance and Site Monitoring

Table 1. Feature History

Feature Name

Release Information

Description

Application Performance and Site Monitoring

Cisco IOS XE Catalyst SD-WAN Release 17.10.1a

Cisco vManage Release 20.10.1

You can monitor and optimize the application health and performance on all sites or a single site using Cisco SD-WAN Manager.

Overview of Application Performance and Site Monitoring

The Application Health window displays the following:

  • All applications running in all sites: table view and heat map view.

  • All applications running at a specific site: table view and heat map view.

  • Single application running in all sites: table view and heat map view.

  • Single application running at a specific site: aggregated line chart and per path table view.

Applications Health Metrics

The applications health is calculated as follows:

Table 2.

Health

QoE

Good

QoE >= 8

Fair

QoE 5~8 

Poor

QoE < 5

Restrictions for Application Performance and Site Monitoring

  • Performance monitoring is supported only for IPv4 traffic.

  • The following applications are not supported:

    • airplay

    • cisco-collab-control

    • cisco-ip-camera

    • cisco-jabber-control

    • cisco-phone-control

    • citrix

    • clearcase

    • conference-server

    • conferencing

    • espn-browsing

    • espn-video

    • exec

    • FTP (all)

    • google-downloads

    • icloud

    • isakmp

    • isatap-ipv6-tunneled

    • l2tp

    • modbus

    • oscar-filetransfer

    • pcoip

    • sixtofour-ipv6-tunneled

    • skinny

    • sunrpc

    • telepresence-control

    • tftp (all)

    • vnc-http

    • web-analytics

    • webex-app-sharing

    • webex-control

    • webex-media

    • windows-azure

    • yahoo-voip-over-sip

Configure Application Performance and Site Monitoring Using Cisco Catalyst SD-WAN Manager

You can enable application performance and site monitoring using Cisco SD-WAN Manager by configuring Performance Monitoring under System Profile in a configuration group. Configure the parameters in Application Performance Monitoring tab to enable monitoring. For more information see, Performance Monitoring Feature Configuration.

The application performance and site monitoring feature needs NBAR to be enabled on all LAN interfaces for application recognition.

If Application-Aware Routing (AAR) policy is configured then NBAR is automatically enabled. If AAR policy is not configured, then NBAR must be enabled on all LAN interfaces using a CLI add-on template. Use the ip nbar protocol-discovery configuration to enable NBAR on all LAN interfaces.

Configure Application Performance and Site Monitoring Using a CLI Add-on Template

You can enable application performance monitor using the CLI Add-on feature template in Cisco SD-WAN Manager. For more information see, Application Performance Monitoring.

If Application-Aware Routing (AAR) policy is configured then NBAR is automatically enabled. If AAR policy is not configured, then NBAR must be enabled on all LAN interfaces using a CLI add-on template. Use the ip nbar protocol-discovery configuration to enable NBAR on all LAN interfaces.

The following example shows the application performance monitoring configuration.


class-map match-any APP_PERF_MONITOR_APPS_0
    match protocol attribute application-group amazon-group
    match protocol attribute application-group box-group
    match protocol attribute application-group concur-group
    match protocol attribute application-group dropbox-group
    match protocol attribute application-group google-group
    match protocol attribute application-group gotomeeting-group
    match protocol attribute application-group intuit-group
    match protocol attribute application-group ms-cloud-group
    match protocol attribute application-group oracle-group
    match protocol attribute application-group salesforce-group    
    match protocol attribute application-group sugar-crm-group
    match protocol attribute application-group webex-group
    match protocol attribute application-group zendesk-group
    match protocol attribute application-group zoho-crm-group
class-map match-any APP_PERF_MONITOR_FILTERS
    match class-map APP_PERF_MONITOR_APPS_0

performance monitor context APP_PM_POLICY profile sdwan-performance
    exporter destination local-sdwan source NULL0
    traffic-monitor art-aggregated class-and APP_PERF_MONITOR_FILTERS interval-timeout 300 sampling-interval 100
    traffic-monitor media-aggregated class-and APP_PERF_MONITOR_FILTERS interval-timeout 300 sampling-interval 100

performance monitor apply APP_PM_POLICY sdwan-tunnel
performance monitor apply APP_PM_POLICY color-all-dia
performance monitor apply APP_PM_POLICY sdwan-sig

All Sites and Single Site View

All Applications All Sites View

The default setting for the applications window is the all sites view. You can view information for all sites by clicking the All Sites button on the top of the page, and clicking the radio button next to All Sites.

The all sites view displays information for all applications of all sites for the last one hour.

In the table, the Health column shows the application health. Place the cursor over the icon in the column to display Good, Fair, or Poor health status. The health of the application is measured by Quality of Experience (QoE).

Click the toggle button to switch to the application heatmap view.

In the heatmap view, the grid of colored squares displays the application health as Good, Fair, or Poor. You can hover over a square or click it to display additional details of an application at a specific time and click View details to view specific application details. Click the time interval drop-down list to change the time interval.

All Applications Single Site View

You can also view the health of all the applications on a single site. To enter single site view, click the All Sites button on the top of the page, and click the radio button next to Single Site to select the site of interest.

Single Application All Site View

For a single application on all sites, click a specific Site ID to navigate to single site monitoring. Click the application name to view further application specific details.

Single Application Single Site View

For a single application on a single site, a line graph shows the application health over a period of time. Select the time from the drop-down list to select 1, 3, 6, 12, or 24 hours. The table displays a list of paths that has processed application traffic over a time period. Select individual paths and view the individual QoE lines on the line graph. At a time five paths can be selected, and five line charts are displayed. You can also drag the top handles to focus on a particular point in time. When you change the time, the table automatically refreshes to show the health information for that time interval.

View Application Health in Table View

The Application Health window displays the following in table view:

  • All applications for all sites: A selected list of applications that are enabled using the performance monitoring feature or the CLI add-on template from all the sites.

  • All applications for a single site: A selected list of applications that are enabled using the performance monitoring feature or the CLI add-on template from a single site.

  • All the sites of a single application: All the sites of a selected application that is enabled using the performance monitoring feature or the CLI add-on template, sorted by the status in the health column.

In the table, the Health column shows the application health. Place the cursor over the icon in the column to display Good, Fair, or Poor health status. The health of the application is measured by QoE.

Click the application name to view further application specific details. For a single application on all sites, click a specific Site ID to navigate to single site monitoring.

Click the toggle button to switch to application heatmap view.

View Application Health in Heatmap View

The Application Health window displays the following in heatmap view:

  • All applications for all sites: A list of all applications health for different time selections.

  • All applications for a single site: A selected list of applications that are enabled using the performance monitoring feature or the CLI add-on template from a single site.

  • All the sites of a single application: A list of sites and health of each site at different time intervals for a single application.

In the heatmap view, the grid of colored squares displays the application health as Good, Fair, or Poor. You can hover over a square or click it to display the additional details of an application at a specific time and click View details to view specific application details. Click the time interval drop-down list to change the time interval.

Click the Toggle button to switch to the application table view.

Troubleshoot Application Performance and Site Monitoring

To check the basic network metrics that are used to calculate the application QoE, use the show performance monitor cache monitor APP_PM_POLICY-art_agg detail format record and show performance monitor cache monitor APP_PM_POLICY-media_agg detail format record commands. 


Device# show performance monitor cache monitor APP_PM_POLICY-art_agg detail format record 

 Monitor: APP_PM_POLICY-art_agg
 Data Collection Monitor:
  Cache type:                           Synchronized (Platform cache)
  Cache size:                               112500
  Current entries:                               6
  High Watermark:                                6
  Flows added:                                   6
  Flows aged:                                    0
  Synchronized timeout (secs):                 300

FLOW DIRECTION:                         Output
TIMESTAMP MONITOR START:                14:10:00.000
FLOW OBSPOINT ID:                       4294967298
INTERFACE OVERLAY SESSION ID OUTPUT:    0
IP VPN ID:                              65535
APPLICATION NAME:                       layer7 share-point
connection server resp counter:         1477
connection to server netw delay sum:    10822  < --- SND_ samples
connection to server netw delay min:    100
connection to server netw delay max:    103
connection to client netw delay sum:    3559 < --- CND_ samples
connection to client netw delay min:    20
connection to client netw delay max:    198
connection application delay sum:       936
connection application delay min:       0 
connection application delay max:       122
connection responder retrans packets:   2    <---- lost_samples 
connection to server netw jitter mean:  0
connection count new:                   108      < ---- SND/CND_total
connection server packets counter:      2018     <---- total_samples

Latency(SND  ms) = SND_ samples/ SND/CND_total
Latency(CND  ms) = CND_ samples/ SND/CND_total
Loss ratio = lost_samples /total_samples


Device# show performance monitor cache monitor APP_PM_POLICY-media_agg detail format record
 
 Monitor: APP_PM_POLICY-media_agg

 Data Collection Monitor:

  Cache type:                           Synchronized (Platform cache)
  Cache size:                                40000
  Current entries:                               4
  High Watermark:                                4

  Flows added:                                   4
  Flows aged:                                    0
  Synchronized timeout (secs):                 300

FLOW DIRECTION:                      Input
TIMESTAMP MONITOR START:             14:20:00.000
FLOW OBSPOINT ID:                    4294967310
INTERFACE OVERLAY SESSION ID INPUT:  132
IP VPN ID:                           65535
APPLICATION NAME:                    layer7 rtp-video
trns counter packets lost rate:      0.00
trns counter packets expect:         4696 < --- total_ packets
trns counter packets lost:           0        < --- lost_ packets
rtp jitter inter arrival mean:       0
rtp jitter inter arrival samples:    4666     < --- jitter_samples
rtp jitter inter arrival sum:        108324570 < --- jitter_ sum

Loss ratio = lost_ packets /total_ packets
Jitter (us) = jitter_ sum/jitter_samples

To check if the application performance is enabled, use the show performance monitor context APP_PM_POLICY configuration command. 


Device# show performance monitor context APP_PM_POLICY configuration
!===============================================================================
!               Equivalent Configuration of Context APP_PM_POLICY              !
!===============================================================================
!Exporters
!==========
!
flow exporter APP_PM_POLICY-1
description performance monitor context APP_PM_POLICY exporter
destination local sdwan
export-protocol ipfix
option application-table export-spread 0
!
!Access Lists
!=============
ip access-list extended APP_PM_POLICY-art_agg_tcp
permit tcp any any
!
ip access-list extended APP_PM_POLICY-media_agg_udp
permit udp any any
!
!Class-maps
!===========
class-map match-all APP_PM_POLICY-art_agg
match class-map APP_PERF_MONITOR_FILTERS
match access-group name APP_PM_POLICY-art_agg_tcp
!
class-map match-any APP_PM_POLICY-media_agg_app
match protocol rtp in-app-hierarchy
!
class-map match-all APP_PM_POLICY-media_agg
match class-map APP_PERF_MONITOR_FILTERS
match access-group name APP_PM_POLICY-media_agg_udp
match class-map APP_PM_POLICY-media_agg_app
!
!Samplers
!=========
sampler APP_PM_POLICY-art_agg
granularity connection
mode time-based 1 out-of 100
!
sampler APP_PM_POLICY-media_agg
granularity connection
mode time-based 1 out-of 100
!
!Records and Monitors
!=====================
!
flow record type performance-monitor APP_PM_POLICY-art_agg
description ezPM record
match flow direction
match application name
match timestamp absolute monitoring-interval start
match flow observation point
match overlay session id output
match routing vrf service
collect connection new-connections
collect connection server counter responses
collect connection delay network to-server sum
collect connection delay network to-server min
collect connection delay network to-server max
collect connection delay network to-client sum
collect connection delay network to-client min
collect connection delay network to-client max
collect connection delay application sum
collect connection delay application min
collect connection delay application max
collect connection server counter packets long
collect connection server counter packets retransmitted
collect connection jitter network to-server mean
!
!
flow monitor type performance-monitor APP_PM_POLICY-art_agg
record APP_PM_POLICY-art_agg
exporter APP_PM_POLICY-1
cache entries 2700
cache timeout synchronized 300 export-spread 150
!
!
flow record type performance-monitor APP_PM_POLICY-media_agg
description ezPM record
match flow direction
match application name
match timestamp absolute monitoring-interval start
match flow observation point
match overlay session id input
match routing vrf service
collect transport packets lost rate
collect transport rtp jitter inter-arrival mean
!
!
flow monitor type performance-monitor APP_PM_POLICY-media_agg
record APP_PM_POLICY-media_agg
exporter APP_PM_POLICY-1
cache entries 960
cache timeout synchronized 300 export-spread 150
!

!Policy-maps
!============
policy-map type performance-monitor APP_PM_POLICY-in
parameter default account-on-resolution
class APP_PM_POLICY-art_agg
  flow monitor APP_PM_POLICY-art_agg sampler APP_PM_POLICY-art_agg
class APP_PM_POLICY-media_agg
  flow monitor APP_PM_POLICY-media_agg sampler APP_PM_POLICY-media_agg
!         
policy-map type performance-monitor APP_PM_POLICY-out
parameter default account-on-resolution
class APP_PM_POLICY-art_agg
  flow monitor APP_PM_POLICY-art_agg sampler APP_PM_POLICY-art_agg
class APP_PM_POLICY-media_agg
  flow monitor APP_PM_POLICY-media_agg sampler APP_PM_POLICY-media_agg
!
policy-map type performance-monitor APP_PM_POLICY-art-in
parameter default account-on-resolution
class APP_PM_POLICY-art_agg
  flow monitor APP_PM_POLICY-art_agg sampler APP_PM_POLICY-art_agg
!
policy-map type performance-monitor APP_PM_POLICY-art-out
parameter default account-on-resolution
class APP_PM_POLICY-art_agg
  flow monitor APP_PM_POLICY-art_agg sampler APP_PM_POLICY-art_agg
!
!Interface Attachments
!======================
interface Tunnel1
service-policy type performance-monitor input APP_PM_POLICY-in
service-policy type performance-monitor output APP_PM_POLICY-out
!
interface Tunnel4
service-policy type performance-monitor input APP_PM_POLICY-in
service-policy type performance-monitor output APP_PM_POLICY-out
!
interface GigabitEthernet1
service-policy type performance-monitor input APP_PM_POLICY-art-in
service-policy type performance-monitor output APP_PM_POLICY-art-out
!
interface GigabitEthernet4
service-policy type performance-monitor input APP_PM_POLICY-art-in
service-policy type performance-monitor output APP_PM_POLICY-art-out
!
interface Tunnel1000100
service-policy type performance-monitor input APP_PM_POLICY-art-in
service-policy type performance-monitor output APP_PM_POLICY-art-out
!
interface Tunnel1000200
service-policy type performance-monitor input APP_PM_POLICY-art-in
service-policy type performance-monitor output APP_PM_POLICY-art-out
!

To check pending object issues use the show platform software object-manager fp active statistics command. 


Device#  show platform software object-manager fp active statistics 

Forwarding Manager Asynchronous Object Manager Statistics

Object update: Pending-issue: 0, Pending-acknowledgement: 0
Batch begin:   Pending-issue: 0, Pending-acknowledgement: 0
Batch end:     Pending-issue: 0, Pending-acknowledgement: 0
Command:       Pending-acknowledgement: 0
Total-objects: 1378
Stale-objects: 0
Resolve-objects: 0
Childless-delete-objects: 4
Backplane-objects: 0
Error-objects: 0
Number of bundles: 0
Paused-types: 3