Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1591
Views
4
Helpful
16
Replies

SD-WAN AAR Strict option

Go to solution
MichielVercoutter
Level 1
Level 1

‎05-19-2024 01:57 AM - edited ‎05-19-2024 02:30 AM

Hi,

 

I have a question about how the AAR SLA Class strict option works (vManage version 20.9, IOS-XE cEdges).

 

Imagine a router with 2 colors: mpls and public-internet

By using an SLA class, you want to force FTP traffic over the public-internet color.

When the SLA class fails for the public-internet color, the FTP traffic should be dropped. It should never use the mpls color, even if this one meets the SLA while the public-internet color does not.

For this requirement, is it sufficient to have an AAR policy that matches FTP traffic, and sets action preferred color public-internet + strict option? Or will this cause it to fall back to mpls if this color matches the SLA while public-internet doesn't?

 

The documentation (https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/policies/ios-xe-17/policies-book-xe/application-aware-routing.html) states the following:

sla-class sla-class-name preferred-color color—To set a specific tunnel to use when data traffic matches an SLA class, include the preferred-color option, specifying the color of the preferred tunnel. If more than one tunnel matches the SLA, traffic is sent to the preferred tunnel. If a tunnel of the preferred color is not available, traffic is sent through any tunnel that matches the SLA class. If no tunnel matches the SLA, data traffic is sent through any available tunnel. In this sense, color preference is considered to be a loose matching, not a strict matching, because data traffic is always forwarded, whether a tunnel of the preferred color is available or not.

If no tunnel matches the SLA, data traffic is sent through any available tunnel. In this sense, color preference is considered to be a loose matching, not a strict matching, because data traffic is always forwarded, whether a tunnel of the preferred color is available or not. When no tunnel matches the SLA, you can choose how to handle the data traffic:

  • strict—Drop the data traffic."

 

This would lead me to believe it would fall back to mpls. However, during my labbing, FTP seems to get blackholed when the SLA is down for public-internet, even when the SLA is still met for the mpls color.

 

Another way of asking the same question: can AAR by itself be used to force traffic over a specific color (and only this color)? Or do you need to accompany it with a Traffic Data policy to make sure it doesn't fall back to a color that meets the SLA Class?

Thanks.

 

16 Replies 16

Go to solution
MHM Cisco World
VIP
VIP

‎07-26-2024 03:20 AM

Sorry it old post but I refresh my sdwan notes these days

AAR use local or remote tloc' so strict option work is depend which tloc you use.

MHM

0 Helpful

Go to solution
Osvaldo Salazar Tovar
Cisco Employee
Cisco Employee

‎07-27-2024 05:36 AM

Could you please share your BFD settings? Thanks

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card