The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
The Configuring Cisco IOS NAM PA for WAAS Express feature is designed to analyze and measure network traffic. The Performance Agent (PA) enables baselining, monitoring, and troubleshooting of application performance. The analysis and measurement of network traffic is done by the Measurement, Aggregation, and Correlation Engine (MACE). MACE performs the required measurements on a subset of traffic and exports the necessary metrics to a target.
This feature also enhances the WAAS Express by providing application monitoring. Monitoring capability in the context of WAAS Express translates into the analysis and measurement of the TCP-based client/server messages to provide transaction- and session-based analytics. The Cisco IOS NAM PA for WAAS Express feature works independently of WAAS Express to provide users with application visibility.
You can configure this feature manually using the CLI.
Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the "Feature Information for Configuring Cisco IOS NAM PA for WAAS Express" section.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
•Information About Configuring Cisco IOS NAM PA for WAAS Express
•How to Configure Cisco IOS NAM PA for WAAS Express
•Configuration Examples for Cisco IOS NAM PA for WAAS Express
•Feature Information for Configuring Cisco IOS NAM PA for WAAS Express
NetFlow is a Cisco IOS application that provides statistics on packets that flow through the router. It is emerging as a primary network accounting and security technology.
NetFlow identifies packet flows for both ingress and egress IP packets. It does not involve any connection-setup protocol, either between routers or to any other networking device or end station. NetFlow does not require any external change —either to the packets themselves or to any networking device. NetFlow is completely transparent to the existing network, including end stations and application software and network devices like LAN switches. Also, NetFlow capture and export are performed independently on each internetworking device; NetFlow need not be operational on each router in the network.
For more information, see Cisco IOS Netflow Configuration Guide.
MACE provides the following metrics:
•MACE metrics—Metrics that are extracted or calculated by the MACE engine itself, for example, the number of packets and bytes.
•ART metrics—Metrics that are extracted or calculated by the Application Response Time (ART) engine, for example, network delay. These metrics are available only for TCP flows.
•WAAS metrics—Metrics that are extracted or calculated by WAAS. For example, Data Redundancy Elimination (DRE) input bytes. These metrics are available only when WAAS is configured and MACE is monitoring the WAAS traffic.
MACE can be configured either through an independent and new policy-map type or as part of the WAAS policy.
Table 1 provides the categories of MACE configuration.
MACE collects the required metrics using the metric template that contains a specific set of metric fields and exports them using Flexible NetFlow (FNF) infrastructure.
The Cisco WAN optimization system consists of Wide Area Application Services (WAAS) Express routers and Wide-area Application Engines (WAEs) that work together to optimize TCP traffic in your network. When the client and server applications attempt to communicate with each other, the network intercepts the traffic and acts on behalf of the client application and the destination server. The WAAS Express routers and WAEs examine the traffic and use built-in application policies to determine whether the traffic in the network can be optimized.
WAAS Express provides the following benefits:
•Complements the Cisco WAN optimization system by adding capability to the branch routers.
•Provides branch office employees with LAN-like access to information and applications across a geographically distributed network.
•Minimizes unnecessary WAN bandwidth consumption through the use of advanced compression algorithms.
•Virtualizes print and other local services to branch office users.
•Improves application performance over the WAN by addressing the following issues:
–Low data rates (constrained bandwidth).
–Slow delivery of frames (high network latency).
–Higher rates of packet loss (low reliability).
For more information on WAAS Express, see the Configuring WAAS Express module.
The MACE data plane forwards packets to the ART engine in the order in which it receives them. The ART engine checks every packet forwarded by MACE.
The ART engine saves some data from each packet in its own data structures and performs any necessary calculations based on its internal logic. It aggregates the flows based on the following Layer 7 (L7) information:
•Destination address
•Destination port
•L4 protocol
•Segment ID
•Source address
When the export timer expires, ART provides its flows and flow metrics to the MACE Exporter.
MACE Exporter receives the FNF templates from the MACE configuration plane and builds FNF records based on these templates. It then passes the flow templates along with each record to the NetFlow infrastructure. FNF requires the templates in order to understand the layout of the record, so that it can export the correct fields at the time of export.
MACE Exporter allows you to configure the time interval for export. The intervals 1, 2, 5, 10, and 15, in minutes, are supported. The export timer starts when MACE is enabled. There are two ways to enable MACE: by using the MACE policy or by using MACE along with the WAAS policy. In order to synchronize the export time of multiple routers running MACE across the network with the collector, the export timer expires when the current time modulo configured interval is zero. For instance, if the user configures a 5 minute interval at 10:07, the first export timer will expire at 10:10 (since 10:10 modulo 5 is 0) and subsequently at a gap of every 5 minutes (10:15, 10:20, and so on).
Note Modulo is the resulting reminder when one number is divided by another. For example, the modulo of 5 and 4 is 1 because 5 divided by 4 leaves a remainder of 1.
This export mechanism ensures that the time when the first export interval expires is independent from the time when the MACE policy was applied to the target. Any future update to the timeout interval causes the current timer to stop, and a new timer is started. The timer also stops when the policy is removed from the interface.
Note MACE Exporter works on a best-effort basis. Also, MACE being a monitoring tool, the export process does execute with a high priority.
When the MACE Exporter timer expires, all engines are notified to process the metrics. After this notification, a second set of calls are sent to collect the processed metrics. The MACE Exporter receives the metrics data from various sources, aggregates them into a single FNF record, and passes it to the NetFlow component. Aggregation is done on the basis of Layer 7 keys. Application ID (Network-Based Application Recognition [NBAR])) is provided as a metric only when requested through the configuration.
•Enabling MACE (required)
•Enabling MACE on WAAS (required)
You can enable the Cisco IOS NAM PA for WAAS Express feature on both ingress and egress interfaces so that MACE can capture and monitor traffic in both directions. After enabling MACE in one direction, the same policy is internally configured in the other direction as well. Perform the following task to enable MACE.
1. enable
2. configure terminal
3. flow record type mace name
4. collect art all
5. exit
6. flow exporter exporter-name
7. export-protocol netflow-v9
8. destination ip-address
9. exit
10. flow monitor type mace name
11. record record-name
12. exporter exporter-name
13. exit
14. class-map type waas class-map-name
15. exit
16. policy-map type mace name
17. class name
18. flow monitor monitor-name
19. exit
20. exit
21. interface type number [name-tag]
22. mace enable
23. end
MACE is invoked immediately before and after WAAS is enabled in both ingress and egress directions. This allows for measurements to be captured with no interference from any other feature. However, in the absence of WAAS, the before-WAAS and after-WAAS traffic is identical. Perform the following task to enable MACE on WAAS.
1. enable
2. configure terminal
3. flow record type mace name
4. collect art all
5. exit
6. flow exporter exporter-name
7. export-protocol netflow-v9
8. destination ip-address
9. exit
10. flow monitor type mace name
11. record record-name
12. exporter exporter-name
13. exit
14. mace monitor waas {all | optimized} name
15. end
•Example: Enabling MACE on WAAS
The following example shows how to enable MACE on an interface:
Router> enable
Router# configure terminal
Router(config)# flow record type mace my-flow-record
Router(config-flow-record)# collect art all
Router(config-flow-record)# exit
Router(config)# flow exporter my-flow-exporter
Router(config-flow-exporter)# export-protocol netflow-v9
Router(config-flow-exporter)# destination 209.165.201.1
Router(config-flow-exporter)# exit
Router(config)# flow monitor type mace my-flow-monitor
Router(config-flow-monitor)# record my-flow-record
Router(config-flow-monitor)# exporter my-flow-exporter
Router(config-flow-monitor)# exit
Router(config)# class-map type waas my-waas-class
Router(config-cmap)# exit
Router(config)# policy-map type mace mace_global
Router(config-pmap)# class my-waas-class
Router(config-pmap-c)# flow monitor my-flow-monitor
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface ethernet0/0
Router(config-if)# mace enable
Router(config-if)# end
The following example shows how to enable MACE on WAAS:
Router> enable
Router# configure terminal
Router(config)# flow record type mace my-flow-record
Router(config-flow-record)# collect art all
Router(config-flow-record)# exit
Router(config)# flow exporter my-flow-exporter
Router(config-flow-exporter)# export-protocol netflow-v9
Router(config-flow-exporter)# destination 209.165.201.1
Router(config-flow-exporter)# exit
Router(config)# flow monitor type mace my-flow-monitor
Router(config-flow-monitor)# record my-flow-record
Router(config-flow-monitor)# exporter my-flow-exporter
Router(config-flow-monitor)# exit
Router(config)# mace monitor waas all my-flow-monitor
Router(config)# end
|
|
---|---|
No new or modified standards are supported by this feature, and support for existing standards has not been modified for this feature. |
— |
|
|
---|---|
None |
To locate and download MIBs for selected platforms, Cisco software releases, and feature sets, use Cisco MIB Locator found at the following URL: |
|
|
---|---|
None |
— |
Table 2 lists the release history for this feature.
Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Note Table 2 lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.