Application performance monitor

The Application Performance Monitor (APM) feature in Cisco Catalyst SD-WAN provides an express method for configuring an intent-based performance monitor with the help of predefined monitoring profiles.

Table 1. Feature history

Feature Name

Release Information

Description

Application performance monitor

Cisco IOS XE Catalyst SD-WAN Release 17.5.1a

Cisco vManage Release 20.5.1

This feature provides an express method for configuring an intent-based performance monitor with the help of predefined monitoring profiles.

Configure this feature using the CLI Add-on feature template in Cisco SD-WAN Manager.

Application performance monitor

An application performance monitor is a simplified framework that

  • enables you to configure intent-based performance monitors

  • provides real-time, end-to-end application performance visibility filtered by client segments, network segments, and server segments, and

  • collects performance metrics for specific traffic to help optimize application performance.

Key concepts in application performance monitoring

Application performance monitoring includes the following key concepts:

  • Monitoring Profile: A profile is a predefined set of traffic monitors that can be enabled or disabled for a context. As part of this feature, the sdwan-performance profile has been enhanced to include Application Response Time (ART) and media monitors to monitor traffic passing through Cisco Catalyst SD-WAN tunnel interfaces. The sdwan-performance profile has a dedicated policy to filter traffic based on your intent.

  • Context: A context represents a performance monitor policy map that is attached to an interface for ingress and egress traffic. A context contains information about a traffic monitor that has to be enabled. When a context is attached to an interface, two policy-maps are created, one each for ingress and egress traffic. Depending on the direction specified in the traffic monitor, the policy maps are attached in that direction and the traffic is monitored.

  • Traffic Monitoring Specifications: You can choose to filter performance metrics using classification and sampler.


Note

A context can be attached to multiple interfaces. Only one context can be attached to an interface. You can modify the context only when it is not attached to an interface.

Traffic monitoring specifications include the following filters:

  • Classification: Classification is a filter that defines the traffic that should be monitored for specified applications. This filter reduces the load on the device and performance collectors because they only need to monitor performance for specific applications.

  • Sampler: A sampler monitors random traffic flows, based on the sampling rate specified, rather than all the flows. Enabling the sampler reduces scaling and performance impact when the scale of traffic is large.

Application performance monitor provides the following features and benefits:

  • ART can be monitored for TCP flows. Some of the parameters that can be monitored are—server network delay, client network delay, and application delay.

  • Jitter can be monitored for Real-time Transport Protocol (RTP) audio and video traffic.

  • Information about input and output interfaces and local and remote TLOCs can be collected for every flow that matches the performance monitor.

  • Performance monitor can be configured on all WAN tunnel interfaces or specific WAN tunnel interfaces using CLI commands.

  • Global performance sampler is supported. The sampler allows you to monitor random flows based on the sampling rate configured, rather than the entire traffic, therefore, reducing performance and scaling overhead.

The following image shows the performance monitoring workflow:

Figure 1. Performance monitoring workflow
The performance monitoring workflow illustrates the application of the performance monitor on all WAN tunnel interfaces, highlighting the option to enable monitoring on specific interfaces.

In this image, performance monitor has been applied globally (on all tunnel interfaces). You also have the option to enable it on specific interfaces. Performance is monitored for traffic going out of, and coming into the WAN tunnel interfaces. Based on the exporter parameters defined in the context that is initiated from the monitoring profile, the metrics that are collected are sent to the third-party collector that is defined. You can then view details of the application or media that you are monitoring using various show commands.

Restrictions for performance monitoring implementation

Performance monitoring is only supported on IPv4 traffic. IPv6 traffic is not supported.

Once a performance monitor is applied to a device, the configuration cannot be modified and reapplied to the device. Follow these steps to make any modifications to performance monitor configuration:

  • Edit the CLI Add-on feature template or device CLI template to remove the performance monitor apply command from the template. Update the device CLI template or the device template to which the CLI Add-on feature template is attached.

  • Edit the performance monitor context in the CLI Add-on feature template, and apply the performance monitor again using the performance monitor apply command. Update the device template to which the CLI Add-on feature template is attached.

Alternatively, configure a new context based on the same monitoring profile, and remove the previous context configuration.

App visibility must be enabled in a policy to be able to set the connector initiator value appropriately.

Configure application performance monitor

Enable monitoring of traffic metrics for application response time (ART), media monitors, or both to analyze network performance and troubleshoot issues.

You can enable application performance monitor globally (on all WAN tunnel interfaces) or on specific WAN tunnel interfaces. You can also enable performance monitoring for ART, or media monitors, or both.

To configure application performance monitoring using Cisco SD-WAN Manager, create a CLI add-on feature template and attach it to the device template.

Procedure

Step 1

Enable performance monitor globally on all Cisco Catalyst SD-WAN tunnel interfaces.

This configuration enables monitoring of traffic metrics for ART and media, and applies the configuration to all SD-WAN tunnel interfaces. Here, 10.0.1.128 is the IP address of the third-party collector, GigabitEthernet9 is the source interface, and 2055 is the listening port of the third-party collector.

Example:


performance monitor context CISCO-APP-MONITOR profile sdwan-performance
 exporter destination 10.0.1.128 source GigabitEthernet9 port 2055
 traffic-monitor application-response-time
 traffic-monitor media
!
performance monitor apply CISCO-APP-MONITOR sdwan-tunnel

Step 2

Enable performance monitor on a specific tunnel interface.

This configuration enables monitoring of traffic metrics for ART and media, and applies it to a specific tunnel interface, in this case, Tunnel1. Here, 10.0.1.128 is the IP address of the third-party collector, GigabitEthernet9 is the source interface, and 2055 is the listening port of the third-party collector.

Example:


performance monitor context CISCO-APP-MONITOR profile sdwan-performance
 exporter destination 10.0.1.128 source GigabitEthernet9 port 2055
 traffic-monitor application-response-time
 traffic-monitor media
!
interface Tunnel1
 performance monitor context CISCO-APP-MONITOR

Step 3

Specify additional monitoring filters and sampling rate.

Enable specific type of traffic to be monitored. In this case, the match protocol of rtp-audio is defined in the class map named match-audio. This class is then referenced in traffic-monitor media class-and match-audio so that rtp-audio traffic is specifically monitored. Alternatively, you can use the keyword class-replace . In such a case, the customized class map replaces the default class map, which is automatically created when you enable the sdwan-performance profile.

In this example, performance monitor is applied globally, which means that it is applied on all Cisco Catalyst SD-WAN tunnel interfaces. The sampling rate of 10 indicates that one in 10 flows is monitored. Sampling rate 100 indicates that one in 100 flows is monitored.

Example:


class-map match-any match-audio
 match protocol rtp-audio 
!
performance monitor context CISCO-APP-MONITOR profile sdwan-performance
 exporter destination 10.75.212.84 source GigabitEthernet0/0/0 port 2055
 traffic-monitor application-response-time
 traffic-monitor media class-and (or class-replace) match-audio
!
performance monitor apply CISCO-APP-MONITOR sdwan-tunnel
performance monitor sampling-rate 10

Application performance monitoring is configured and enabled according to your specified configuration. Traffic metrics for ART and media are now monitored on the configured interfaces.

Performance monitoring configuration verification

Performance monitoring configuration verification provides administrators with essential commands to confirm that performance monitors are properly configured and operational. This verification process ensures that traffic monitors are enabled, interfaces are correctly configured, and exporters are functioning as expected.

View performance MONITOR configuration summary

The following sample out displays the information about traffic monitors that are enabled and the interfaces to which they are applied. 

Device# show performance monitor context CISCO-MONITOR summary                                                                   
================================================================================                                                    
|                             CISCO-MONITOR                               |                                                    
================================================================================                                                    
Description: User defined                                                                                                           
                                                                                                                                    
Based on profile: sdwan-performance                                                                                                 
                                                                                                                                    
Coarse-grain NBAR based profile                                                                                                     
                                                                                                                                    
Configured traffic monitors                                                                                                         
===========================                                                                                                         
 application-response-time:                                                                                                         
 media: class-and match_audio                                                                                                       
                                                                                                                                    
Attached to Interfaces                                                                                                              
======================                                                                                                              
 Tunnel1

The following sample out displays operational information about the third-party exporters that are attached to the specified context. 

Device# show performance monitor context CISCO-MONITOR exporter                                                                   
================================================================================                                                    
|                  Exporters information of context CISCO-MONITOR                |                                                    
================================================================================                                                    
                                                                                                                                    
Flow Exporter 175_SDWAN-1:                                                                                                          
  Description:              performance monitor context CISCO-MONITOR exporter                                                          
  Export protocol:          IPFIX (Version 10)                                                                                      
  Transport Configuration:                                                                                                          
    Destination type:       IP                                                                                                      
    Destination IP address: 10.75.212.84                                                                                            
    Source IP address:      10.74.28.19                                                                                             
    Source Interface:       GigabitEthernet0/0/0                                                                                    
    Transport Protocol:     UDP                                                                                                     
    Destination Port:       2055                                                                                                    
    Source Port:            63494                                                                                                   
    DSCP:                   0x0                                                                                                     
    TTL:                    255                                                                                                     
    Output Features:        Used                                                                                                    
  Options Configuration:                                                                                                            
    interface-table (timeout 600 seconds) (active)                                                                                  
    sampler-table (timeout 600 seconds) (active)                                                                                    
    application-table (timeout 600 seconds) (active)                                                                                
    sub-application-table (timeout 600 seconds) (active)                                                                            
    application-attributes (timeout 600 seconds) (active)                                                                           
    tunnel-tloc-table (timeout 600 seconds) (active)                                                                                
Flow Exporter 175_SDWAN-1:                                                                                                          
  Packet send statistics (last cleared 04:13:19 ago):                                                                               
    Successfully sent:         10270                 (13709142 bytes)                                                               
                                                                                                                                    
  Client send statistics:                                                                                                           
    Client: Option options interface-table                                                                                          
      Records added:           312                                                                                                  
        - sent:                312                                                                                                  
      Bytes added:             31824                                                                                                
        - sent:                31824                                                                                                

    Client: Option options sampler-table                                                                                            
      Records added:           28                                                                                                   
        - sent:                28                                                                                                   
      Bytes added:             1344                                                                                                 
        - sent:                1344                                                                                                 
                                                                                                                                    
    Client: Option options application-name                                                                                         
      Records added:           38766                                                                                                
        - sent:                38766                                                                                                
      Bytes added:             3217578                                                                                              
        - sent:                3217578                                                                                              
                                                                                                                                    
    Client: Option sub-application-table                                                                                            
      Records added:           858                                                                                                  
        - sent:                858                                                                                                  
      Bytes added:             144144                                                                                               
        - sent:                144144                                                                                               
                                                                                                                                    
    Client: Option options application-attributes                                                                                   
      Records added:           38038                                                                                                
        - sent:                38038                                                                                                
      Bytes added:             9813804                                                                                              
        - sent:                9813804                                                                                              
                                                                                                                                    
    Client: Option options tunnel-tloc-table                                                                                        
      Records added:           26                                                                                                   
        - sent:                26                                                                                                   
      Bytes added:             1352                                                                                                 
        - sent:                1352                                                                                                 
                                                                                                                                    
    Client: MMA EXPORTER GROUP MMA-EXP-1                                                                                            
      Records added:           0                                                                                                    
      Bytes added:             0                                                                                                                                                                                                                                                                                                                                  
                                                                                                                                    
    Client: Flow Monitor 175_SDWAN-art_ipv4                                                                                         
      Records added:           0                                                                                                    
      Bytes added:             0

For more information, see the show performance MONITOR context command page.

View flow record cache

The following sample output displays flow record cache for the specified MONITOR, in this case, CISCO-MONITOR-art_ipv4 .

Device# show performance monitor cache                                                                                        
 Monitor: CISCO-MONITOR                                                                                                    
                                                                                                                                    
 Data Collection Monitor:                                                                                                           
                                                                                                                                    
  Cache type:                           Synchronized (Platform cache)                                                               
  Cache size:                                 4000                                                                                  
  Current entries:                               0High Watermark:                                0
  
  Flows added:                                   0
  Flows aged:                                    0
    - Active timeout      (  1800 secs)         0
    - Inactive timeout    (    15 secs)         0
    - Event aged                                 0
    - Watermark aged                             0
    - Emergency aged                             0