tranmyphuc
16-12-2008, 11:54 PM
IP SLA monitoring an HTTP proxy
Một vấn đề được quan tâm trong việc tính giá cước là SLA (Service Level Agreement: thỏa thuận mức độ dịch vụ) mà một tham số quan trọng là tốc độ ADSL (lớp vật lý). Tuy nhiên, trong cách tính giá cước và trong bản hợp đồng cung cấp dịch vụ MegaVNN của VNPT có thể thấy không đề cập tới vấn đề này. Ðiều này tạo điều kiện cho bên cung cấp dịch vụ ADSL tự cho phép mình quyền cung cấp theo tốc độ tuỳ thích mà lại viện lý do là chất lượng đường dây không bảo đảm, không phân biệt giá cước giữa các đường truyền 8Mbps, 2Mbps, 512Kbps hay 128Kbps,... Cách tính cước này cũng không cho khách hàng thấy được việc công khai tốc độ, khách hàng sẽ phàn nàn rằng tính cước theo dung lượng thì trước kia cũng đã thực hiện cho modem 2400bps không đợi gì tới ADSL. Tính cước theo dung lượng không thể hiện được ưu điểm của ADSL. Không thể nào cung cấp MegaVNN với tốc độ chẳng có mega mà là 512Kbps hay thậm chí 128Kbps. ADSL đúng là nhanh hơn và rẻ hơn modem quay số nhưng rẻ hơn như thế nào, nhanh hơn như thế nào, cần phải cụ thể bằng định lượng với khách hàng. Không thể trong một thời gian dài cung cấp dịch vụ với giá cắt cổ cho khách hàng, sau đó hạ giá một ít tuỳ thích rồi rêu rao là giá hạ vì quyền lợi của khách hàng được.
Hi vọng bài LAB dưới đây sẽ giúp bạn có thể giám sát được chất lượng dịch vụ mà phía ISP cung cấp.
Cisco IOS includes a mechanism to monitor link attributes and ensure they stay within the parameters of a Service Level Agreement (SLA). An SLA is a contract between a service provider and its customer which outlines minimum benchmarks the service provider must maintain. In the data networking world, such benchmarks can include minimum throughput, delay, jitter, or other attributes. An IOS router can be configured with an IP SLA monitor (http://www.cisco.com/en/US/docs/ios/ipsla/configuration/guide/sla_overview_ps6441_TSD_Products_Configuration_Gui de_Chapter.html) to constantly evaluate these properties of a link or path and ensure that a service provider is fulfilling its obligation.
However, SLA monitors can also be useful within an enterprise. Consider the following topology:
http://img57.imageshack.us/img57/3324/topologyhb5.png
The 192.168.0.0/24 subnet is connected to the rest of the network by R1 and R2, and web access to the Internet is accomplished through a proxy (172.16.55.87) located elsewhere on the network. R1 and R2 do not share a common path to the proxy, and one might lose connectivity to the proxy while the other does not. The VRRP deployment facing 192.168.0.0/24 complicates this, as web access will be lost if the master router can no longer forward HTTP requests to the proxy. R1 has been configured with a VRRP priority of 110, while R2 has the default priority of 100.
Fortunately, we can configure an IP SLA monitor on R1 to check for HTTP connectivity to the web proxy. The monitor can then be referenced by the VRRP configuration to lower the router's VRRP priority when the monitor fails. First we have to configure an HTTP IP SLA monitor:
R1(config)# ip sla 1
R1(config-ip-sla)# http get http://172.16.55.87/
R1(config-ip-sla-http)# frequency 60
R1(config-ip-sla-http)# timeout 5000The above configuration creates a monitor which sends an HTTP GET request to the specified URL every 60 seconds and checks for a valid response. The timeout has been set for 5000 milliseconds, or 5 seconds. Note that this configuration only checks for HTTP connectivity to the proxy itself; however, if we wanted to be especially thorough, IOS also provides an option to check for HTTP connectivity to external sites through the proxy:
R1(config-ip-sla)# http get http://external-site/ proxy http://172.16.55.87/
name-server 172.16.44.10Next, we schedule the monitor to run. In this case, we want the monitor to run continuously beginning right now.
R1(config)# ip sla schedule 1 start-time now life foreverThe monitor will now start. After a few minutes, we can view the IP SLA statistics to verify it is successful:
R1# show ip sla statistics
Round Trip Time (RTT) for Index 1
Latest RTT: 72 milliseconds
Latest operation start time: *00:42:17.839 UTC Fri Mar 1 2002
Latest operation return code: OK
Latest DNS RTT: 0 ms
Latest TCP Connection RTT: 20 ms
Latest HTTP Transaction RTT: 52 ms
Number of successes: 3
Number of failures: 0
Operation time to live: ForeverNow that our SLA monitor is up and running, we need to create a tracked object pointing to it. Depending on the IOS version in use, an IP SLA monitor is referenced as a Response Time Reporter (RTR) with rtr (prior to 12.4(20)T), or with ip sla (12.4(20)T and later). The legacy RTR syntax is used here:
R1(config)# track 1 rtr 1 state
R1(config-track)# exitThe tracked object serves as a wrapper for the IP SLA monitor so that it can be referenced from VRRP, which is the last portion to configure:
R1(config)# interface f0/1
R1(config-if)# vrrp 1 track 1 decrement 20
R1(config-if)# ^Z
R1# show vrrp
FastEthernet0/1 - Group 1
State is Master
Virtual IP address is 192.168.0.1
Virtual MAC address is 0000.5e00.0101
Advertisement interval is 1.000 sec
Preemption enabled
Priority is 110
Track object 1 state Up decrement 20
Master Router is 192.168.0.2 (local), priority is 110
Master Advertisement interval is 1.000 sec
Master Down interval is 3.570 secNow, if the SLA monitor fails to receive an HTTP response from the proxy, the tracked object changes state to "down," and the the VRRP process on 192.168.0.2 will decrement its priority by 20. With R2 configured with the default priority of 100, it should take over as the master VRRP router. We can disconnect R1 from the proxy to observe an IP SLA monitor failure and subsequent VRRP failover:
R1# show ip sla statistics
Round Trip Time (RTT) for Index 1
Latest RTT: 0 milliseconds
Latest operation start time: *01:00:17.839 UTC Fri Mar 1 2002
Latest operation return code: Socket receive error
Latest DNS RTT: 0 ms
Latest TCP Connection RTT: 0 ms
Latest HTTP Transaction RTT: 0 ms
Number of successes: 20
Number of failures: 1
Operation time to live: Forever
R1#
*Mar 1 01:00:25.179: %VRRP-6-STATECHANGE: Fa0/1 Grp 1 state Master -> Backup
R2# show vrrp
FastEthernet0/1 - Group 1
State is Master
Virtual IP address is 192.168.0.1
Virtual MAC address is 0000.5e00.0101
Advertisement interval is 1.000 sec
Preemption enabled
Priority is 100
Master Router is 192.168.0.3 (local), priority is 100
Master Advertisement interval is 1.000 sec
Master Down interval is 3.609 secOf course, if the connection to the proxy is restored, and the IP SLA monitor recovers, R1 restores its VRRP priority to 110, and takes over to once again become the master router.
Chúc các bạn may mắn và vui vẻ.
Một vấn đề được quan tâm trong việc tính giá cước là SLA (Service Level Agreement: thỏa thuận mức độ dịch vụ) mà một tham số quan trọng là tốc độ ADSL (lớp vật lý). Tuy nhiên, trong cách tính giá cước và trong bản hợp đồng cung cấp dịch vụ MegaVNN của VNPT có thể thấy không đề cập tới vấn đề này. Ðiều này tạo điều kiện cho bên cung cấp dịch vụ ADSL tự cho phép mình quyền cung cấp theo tốc độ tuỳ thích mà lại viện lý do là chất lượng đường dây không bảo đảm, không phân biệt giá cước giữa các đường truyền 8Mbps, 2Mbps, 512Kbps hay 128Kbps,... Cách tính cước này cũng không cho khách hàng thấy được việc công khai tốc độ, khách hàng sẽ phàn nàn rằng tính cước theo dung lượng thì trước kia cũng đã thực hiện cho modem 2400bps không đợi gì tới ADSL. Tính cước theo dung lượng không thể hiện được ưu điểm của ADSL. Không thể nào cung cấp MegaVNN với tốc độ chẳng có mega mà là 512Kbps hay thậm chí 128Kbps. ADSL đúng là nhanh hơn và rẻ hơn modem quay số nhưng rẻ hơn như thế nào, nhanh hơn như thế nào, cần phải cụ thể bằng định lượng với khách hàng. Không thể trong một thời gian dài cung cấp dịch vụ với giá cắt cổ cho khách hàng, sau đó hạ giá một ít tuỳ thích rồi rêu rao là giá hạ vì quyền lợi của khách hàng được.
Hi vọng bài LAB dưới đây sẽ giúp bạn có thể giám sát được chất lượng dịch vụ mà phía ISP cung cấp.
Cisco IOS includes a mechanism to monitor link attributes and ensure they stay within the parameters of a Service Level Agreement (SLA). An SLA is a contract between a service provider and its customer which outlines minimum benchmarks the service provider must maintain. In the data networking world, such benchmarks can include minimum throughput, delay, jitter, or other attributes. An IOS router can be configured with an IP SLA monitor (http://www.cisco.com/en/US/docs/ios/ipsla/configuration/guide/sla_overview_ps6441_TSD_Products_Configuration_Gui de_Chapter.html) to constantly evaluate these properties of a link or path and ensure that a service provider is fulfilling its obligation.
However, SLA monitors can also be useful within an enterprise. Consider the following topology:
http://img57.imageshack.us/img57/3324/topologyhb5.png
The 192.168.0.0/24 subnet is connected to the rest of the network by R1 and R2, and web access to the Internet is accomplished through a proxy (172.16.55.87) located elsewhere on the network. R1 and R2 do not share a common path to the proxy, and one might lose connectivity to the proxy while the other does not. The VRRP deployment facing 192.168.0.0/24 complicates this, as web access will be lost if the master router can no longer forward HTTP requests to the proxy. R1 has been configured with a VRRP priority of 110, while R2 has the default priority of 100.
Fortunately, we can configure an IP SLA monitor on R1 to check for HTTP connectivity to the web proxy. The monitor can then be referenced by the VRRP configuration to lower the router's VRRP priority when the monitor fails. First we have to configure an HTTP IP SLA monitor:
R1(config)# ip sla 1
R1(config-ip-sla)# http get http://172.16.55.87/
R1(config-ip-sla-http)# frequency 60
R1(config-ip-sla-http)# timeout 5000The above configuration creates a monitor which sends an HTTP GET request to the specified URL every 60 seconds and checks for a valid response. The timeout has been set for 5000 milliseconds, or 5 seconds. Note that this configuration only checks for HTTP connectivity to the proxy itself; however, if we wanted to be especially thorough, IOS also provides an option to check for HTTP connectivity to external sites through the proxy:
R1(config-ip-sla)# http get http://external-site/ proxy http://172.16.55.87/
name-server 172.16.44.10Next, we schedule the monitor to run. In this case, we want the monitor to run continuously beginning right now.
R1(config)# ip sla schedule 1 start-time now life foreverThe monitor will now start. After a few minutes, we can view the IP SLA statistics to verify it is successful:
R1# show ip sla statistics
Round Trip Time (RTT) for Index 1
Latest RTT: 72 milliseconds
Latest operation start time: *00:42:17.839 UTC Fri Mar 1 2002
Latest operation return code: OK
Latest DNS RTT: 0 ms
Latest TCP Connection RTT: 20 ms
Latest HTTP Transaction RTT: 52 ms
Number of successes: 3
Number of failures: 0
Operation time to live: ForeverNow that our SLA monitor is up and running, we need to create a tracked object pointing to it. Depending on the IOS version in use, an IP SLA monitor is referenced as a Response Time Reporter (RTR) with rtr (prior to 12.4(20)T), or with ip sla (12.4(20)T and later). The legacy RTR syntax is used here:
R1(config)# track 1 rtr 1 state
R1(config-track)# exitThe tracked object serves as a wrapper for the IP SLA monitor so that it can be referenced from VRRP, which is the last portion to configure:
R1(config)# interface f0/1
R1(config-if)# vrrp 1 track 1 decrement 20
R1(config-if)# ^Z
R1# show vrrp
FastEthernet0/1 - Group 1
State is Master
Virtual IP address is 192.168.0.1
Virtual MAC address is 0000.5e00.0101
Advertisement interval is 1.000 sec
Preemption enabled
Priority is 110
Track object 1 state Up decrement 20
Master Router is 192.168.0.2 (local), priority is 110
Master Advertisement interval is 1.000 sec
Master Down interval is 3.570 secNow, if the SLA monitor fails to receive an HTTP response from the proxy, the tracked object changes state to "down," and the the VRRP process on 192.168.0.2 will decrement its priority by 20. With R2 configured with the default priority of 100, it should take over as the master VRRP router. We can disconnect R1 from the proxy to observe an IP SLA monitor failure and subsequent VRRP failover:
R1# show ip sla statistics
Round Trip Time (RTT) for Index 1
Latest RTT: 0 milliseconds
Latest operation start time: *01:00:17.839 UTC Fri Mar 1 2002
Latest operation return code: Socket receive error
Latest DNS RTT: 0 ms
Latest TCP Connection RTT: 0 ms
Latest HTTP Transaction RTT: 0 ms
Number of successes: 20
Number of failures: 1
Operation time to live: Forever
R1#
*Mar 1 01:00:25.179: %VRRP-6-STATECHANGE: Fa0/1 Grp 1 state Master -> Backup
R2# show vrrp
FastEthernet0/1 - Group 1
State is Master
Virtual IP address is 192.168.0.1
Virtual MAC address is 0000.5e00.0101
Advertisement interval is 1.000 sec
Preemption enabled
Priority is 100
Master Router is 192.168.0.3 (local), priority is 100
Master Advertisement interval is 1.000 sec
Master Down interval is 3.609 secOf course, if the connection to the proxy is restored, and the IP SLA monitor recovers, R1 restores its VRRP priority to 110, and takes over to once again become the master router.
Chúc các bạn may mắn và vui vẻ.