Nexus 9000思科智能流量导向器
简介
本文档介绍Nexus 9000平台上的智能流量导向器(ITD)的配置和基本故障排除
背景
Cisco Intelligent Traffic Director(ITD)如下所示
- 使用Cisco Nexus 5/6/7/9K交换机为第3层和第4层服务和应用提供基于ASIC(硬件)的流量分配。
- 它执行L3和L4流量分配,但不取代第7层负载均衡器。
- 对负载均衡服务器执行运行状况监控和自动故障处理。
- 它会自动创建ACL、路由映射策略,以执行PBR功能来重定向和负载均衡流量。
使用的组件
硬件 — C9372PX
软件 — 7.0(3)I7(2)
许可证要求
Cisco NX-OS-ITD需要网络服务许可证。
在启用“功能ITD”且我们没有所需的许可证时显示以下日志。
VDC-1 %$ iscm[31793]:!!!!!! 警告:未在系统中找到“NETWORK_SERVICES_PKG”许可证 !!!!!!。您已经尝试过
VDC-1 %$ iscm[31793]:系统支持基于荣誉的许可证。功能将启用并完全正常工作。许可证使用
VDC-1 %$ iscm[31793]:如果您错误地启用了此功能,请禁用此功能。如果您尚未购买
为使用ITD需要启用的功能
- 功能ITD
- 功能PBR
- 功能Sla发件人
- 功能SLA响应器*
拓扑
配置ITD
配置ITD服务的四个主要步骤
- 创建设备组
- 创建ITD服务
- 将设备组附加到ITD服务
- 将服务附加到入口接口
N9K_ITD
version 7.0(3)I7(2)
feature itd
itd device-group Test
probe icmp
node ip 192.168.1.1
node ip 192.168.1.2
itd Telnet
device-group Test ( Call the device group )
virtual ip 192.168.2.2 255.255.255.255 tcp 23 ( Optional )
ingress interface Vlan20 ( Assign ingress interface )
no shut
interface Vlan20
no shutdown
ip address 192.168.2.2/24
ip policy route-map Telnet_itd_pool ( This line gets automatically added when we “no shut” the ITD service )
注意:将此信息应用于L2接口会产生以下错误。创建L3接口或SVI。
N9K_ITD(config-itd)# ingress interface ethernet 1/3
ERROR: Interface:Ethernet1/3 is not a layer-3 interface
请注意,以下配置会自动添加,这些是通过PBR为每个定义为LB的节点创建的时段。
Show run | section ITD
feature itd
ip access-list Telnet_itd_vip_1_bucket_1
10 permit tcp 1.1.1.0 255.255.255.127 192.168.2.4/32 eq telnet
ip access-list Telnet_itd_vip_1_bucket_2
10 permit tcp 1.1.1.128 255.255.255.127 192.168.2.4/32 eq telnet
route-map Telnet_itd_pool permit 10
description auto generated route-map for ITD service Telnet
match ip address Telnet_itd_vip_1_bucket_1
set ip next-hop verify-availability 192.168.1.1 track 2
route-map Telnet_itd_pool permit 11
description auto generated route-map for ITD service Telnet
match ip address Telnet_itd_vip_1_bucket_2
set ip next-hop verify-availability 192.168.1.2 track 3
ip policy route-map Telnet_itd_pool
switch(config)# show route-map Telnet_itd_pool
route-map Telnet_itd_pool, permit, sequence 10
Description: auto generated route-map for ITD service Telnet
Match clauses:
ip address (access-lists): Telnet_itd_bucket_1
Set clauses:
ip next-hop verify-availability 192.168.1.1 track 2 [ UP ]
route-map Telnet_itd_pool, permit, sequence 11
Description: auto generated route-map for ITD service Telnet
Match clauses:
ip address (access-lists): Telnet_itd_bucket_2
Set clauses:
ip next-hop verify-availability 192.168.1.2 track 3 [ UP ]
验证ITD
N9K_ITD(config)# show itd Telnet statistics
Service Device Group VIP/mask
#Packets
-------------------------------------------------------------------------------------
Telnet Test 192.168.2.2 /
255.255.255.255 0 (0%)
Traffic Bucket Assigned to
Mode Original Node #Packets
--------------- --------------
Telnet_itd_vip_1_bucket_1 192.168.1.1
Bypass 192.168.1.1 0 (0%) <<<<<<<<<<
Traffic Bucket Assigned to
Mode Original Node #Packets
--------------- --------------
Telnet_itd_vip_1_bucket_2 192.168.1.2
Bypass 192.168.1.2 0 (0%) <<<<<<<<<<
switch(config)# show itd Telnet brief
Legend:
C-S(Config-State): A-Active,S-Standby,F-Failed
ST(Status): ST-Standby,LF-Link Failed,PF-Probe Failed,PD-Peer Down,IA-Inactive
Name LB Scheme Interface Status Buckets
-------------- ---------- ---------- -------- --------
Telnet src-ip Vlan20 ACTIVE 2 <<<<<<
Exclude ACL
-------------------------------
Device Group Probe Port
-------------------------------------------------- ----- ------
Test ICMP
Virtual IP Netmask/Prefix Protocol Port
------------------------------------------------------ ------------ ----------
192.168.2.2 / 255.255.255.255 TCP 23
Node IP C-S WGT Probe Port Probe-IP STS
------------------- -- --- ---- ----- --------------- --
1 192.168.1.1 A 1 ICMP OK<<<<
2 192.168.1.2 A 1 ICMP OK<<<<
Telnet至Vlan 20负载均衡器VIP(SVI)
Laptop - telnet 192.168.2.2
Trying 192.168.2.2...
Connected to 192.168.2.2.
由VIP接收的数据包(31个数据包)转发到节点(192.168.1.1)的31个数据包。
N9K_ITD(config)# show it Telnet statistics
Service Device Group VIP/mask
#Packets
--------------------------------------------------------------------------------
Telnet Test 192.168.2.2 /
255.255.255.255 31 (100.00%)
Traffic Bucket Assigned to
Mode Original Node #Packets
--------------- --------------
Telnet_itd_vip_1_bucket_1 192.168.1.1
Redirect 192.168.1.1 31 (100.00%)
Traffic Bucket Assigned to
Mode Original Node #Packets
--------------- --------------
Telnet_itd_vip_1_bucket_2 192.168.1.2
Redirect 192.168.1.2 0 (0.00%)
已知缺陷:
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvc73162/?reffering_site=dumpcr
反馈