Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2717
Views
1
Helpful
19
Replies

Traffic is dropping after reload because of AAR policy

Go to solution
dijix1990
VIP Alumni
VIP Alumni

‎07-07-2023 10:35 PM - edited ‎07-07-2023 10:37 PM

vmanage - 20.9.3

cedges - 20.9.3a

I noticed that with AAR policy after reloading device all of the traffic is dropping for 15-20 minutes

I started packet-trace and saw - DROP 483 (SdwanDataPolicyDrop)

 

show platform packet-trace packet 1
Packet: 1           CBUG ID: 1
Summary
  Input     : GigabitEthernet0/0/0.920
  Output    : GigabitEthernet0/0/0.920
  State     : DROP 483 (SdwanDataPolicyDrop)
  Timestamp
    Start   : 560305080124 ns (07/08/2023 05:12:19.338387 UTC)
    Stop    : 560305192379 ns (07/08/2023 05:12:19.338500 UTC)
Path Trace
  Feature: IPV4(Input)
    Input       : GigabitEthernet0/0/0.920
    Output      : <unknown>
    Source      : 172.26.98.4
    Destination : 172.18.7.22
    Protocol    : 1 (ICMP)
  Feature: CFT
    API                   : cft_handle_pkt
    packet capabilities   : 0x0000018c
    input vrf_idx         : 0
    calling feature       : STILE
    direction             : Input
    triplet.vrf_idx       : 6
    triplet.network_start :  0x100bf92
    triplet.triplet_flags : 0x00000000
    triplet.counter       : 26
    cft_bucket_number     : 1313395
    cft_l3_payload_size   : 64
    cft_pkt_ind_flags     : 0x00000000
    cft_pkt_ind_valid     : 0x00000931
    tuple.src_ip          : 172.26.98.4
    tuple.dst_ip          : 172.18.7.22
    tuple.src_port        : 5060
    tuple.dst_port        : 51060
    tuple.vrfid           : 4
    tuple.l4_protocol     : ICMP
    tuple.l3_protocol     : IPV4
    vrf_nums              : 1
    pkt_sb.num_flows      : 0
    pkt_sb.tuple_epoch    : 26
    returned cft_error    : 14
    returned fid          : 0
  Feature: NBAR
    Packet number in flow: N/A
    Classification state: Final
    Classification name: ping
    Classification ID: 1404 [CANA-L7:479]
    Candidate classification sources:
      N/A
    Classification visibility name: ping
    Classification visibility ID: 1404 [CANA-L7:479]
    Number of matched sub-classifications: 0
    Number of extracted fields: 0
    Is PA (split) packet: False
    Is FIF (first in flow) packet: False
    TPH-MQC bitmask value: 0x0
    Source MAC address: 70:0B:4F:FF:C7:C1
    Destination MAC address: 00:87:64:80:06:30
    Traffic Categories:
      ms-office-365/category: unset
      ms-office-365/service-area: unset
      sdavc/feed-id:   0
      webex/region:   0
  Feature: SDWAN App Route Policy
    VPN ID       : 15
    VRF          : 6
    Policy Name  : _VPN-12_Branch-Voice_AAR-VOIP-BRANCH_VPN-10-11_15_Branch_AAR-DATA-BRANCH-VPN-10-11_15_Branch (CG:3)
    Seq          : 1
    Req SLA      : Default (1)
    Act SLA      : __all_tunnels__ (0)
    Policy Flags : 0x21
    Fallback to best Path : no
    SLA Strict   : Yes
    Actual Color : Undetermined (0)
    Preferred Color : biz-internet public-internet  (0x30)
    Tunnel Match Reason : MATCHED_NONE_SLA_STRICT

 

I use AAR to force voip traffic to be routed to the mpls channel, and prevent the rest of the traffic from using the mpls channel

 

sh sdwan policy from-vsmart
from-vsmart sla-class Default
 loss    25
 latency 300
 jitter  100
from-vsmart sla-class Realtime
 loss    1
 latency 150
 jitter  30
from-vsmart app-route-policy _VPN-12_Branch-Voice_AAR-VOIP-BRANCH_VPN-10-11_13_15-16_Branch_AAR-DATA-BRANCH
 vpn-list VPN-10-11_13_15-16_Branch
  sequence 1
   match
    source-data-prefix-list aar-data-global
    destination-ip          0.0.0.0/0
   action
    sla-class       Default
    sla-class strict
    sla-class preferred-color biz-internet public-internet
 vpn-list VPN-12_Branch-Voice
  sequence 1
   match
    source-ip      10.10.0.0/16
    destination-ip 10.10.0.0/16
   action
    backup-sla-preferred-color biz-internet public-internet
    sla-class       Realtime
    no sla-class strict
    sla-class preferred-color mpls
from-vsmart lists vpn-list VPN-10-11_13_15-16_Branch
 vpn 10-11
 vpn 13
 vpn 15-16
from-vsmart lists vpn-list VPN-12_Branch-Voice
 vpn 12
from-vsmart lists data-prefix-list aar-data-global
 ip-prefix 172.16.0.0/12
 ip-prefix 192.168.0.0/19

 

 

 

0 Helpful
19 Replies 19

Go to solution
dijix1990
VIP Alumni
VIP Alumni
In response to Kanan Huseynli

‎07-13-2023 08:43 AM

Before reboot

edge1 (DC)

sdwan-01#sh sdwan app-route stats remote-system-ip 10.80.249.101
app-route statistics 192.168.1.218 192.168.1.198 ipsec 12346 12346
 remote-system-ip         10.80.249.101
 local-color              mpls
 remote-color             mpls
 sla-class-index          0,1,2
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    0
  mean-latency 0
  mean-jitter  0
  interval 0
   total-packets     160
   loss              0
   average-latency   0
   average-jitter    0
   tx-data-pkts      1172
   rx-data-pkts      697
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     160
   loss              0
   average-latency   0
   average-jitter    0
   tx-data-pkts      806
   rx-data-pkts      588
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
app-route statistics 10.10.20.10 10.20.10.10 ipsec 12346 12346
 remote-system-ip         10.80.249.101
 local-color              public-internet
 remote-color             biz-internet
 sla-class-index          0,1,2
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    0
  mean-latency 1
  mean-jitter  0
  interval 0
   total-packets     160
   loss              0
   average-latency   1
   average-jitter    0
   tx-data-pkts      6487
   rx-data-pkts      281
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     160
   loss              0
   average-latency   1
   average-jitter    0
   tx-data-pkts      7087
   rx-data-pkts      292
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
app-route statistics 10.10.20.10 10.30.10.10 ipsec 12346 12346
 remote-system-ip         10.80.249.101
 local-color              public-internet
 remote-color             public-internet
 sla-class-index          0,1,2
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    0
  mean-latency 1
  mean-jitter  0
  interval 0
   total-packets     159
   loss              0
   average-latency   1
   average-jitter    0
   tx-data-pkts      641
   rx-data-pkts      2384
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     160
   loss              0
   average-latency   1
   average-jitter    0
   tx-data-pkts      633
   rx-data-pkts      2083
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0

edge2 (DC)

 

sdwan-02#sh sdwan app-route stats remote-system-ip 10.80.249.101
app-route statistics 192.168.1.219 192.168.1.198 ipsec 12346 12346
 remote-system-ip         10.80.249.101
 local-color              mpls
 remote-color             mpls
 sla-class-index          0,1,2
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    0
  mean-latency 0
  mean-jitter  0
  interval 0
   total-packets     159
   loss              0
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      826
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     160
   loss              0
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      583
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
app-route statistics 10.10.10.10 10.20.10.10 ipsec 12346 12346
 remote-system-ip         10.80.249.101
 local-color              public-internet
 remote-color             biz-internet
 sla-class-index          0,1,2
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    0
  mean-latency 1
  mean-jitter  0
  interval 0
   total-packets     160
   loss              0
   average-latency   1
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      4887
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     160
   loss              0
   average-latency   1
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      4839
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
app-route statistics 10.10.10.10 10.30.10.10 ipsec 12346 12346
 remote-system-ip         10.80.249.101
 local-color              public-internet
 remote-color             public-internet
 sla-class-index          0,1,2
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    0
  mean-latency 1
  mean-jitter  0
  interval 0
   total-packets     160
   loss              0
   average-latency   1
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      350
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     161
   loss              0
   average-latency   1
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      4094
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0

until rebooting branch

edge1 (DC) the same loss for until rebooting and immediately after transports are up on the branch

sdwan-01#sh sdwan app-route stats remote-system-ip 10.80.249.101
app-route statistics 192.168.1.218 192.168.1.198 ipsec 12346 12346
 remote-system-ip         10.80.249.101
 local-color              mpls
 remote-color             mpls
 sla-class-index          0
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    85
  mean-latency 0
  mean-jitter  0
  interval 0
   total-packets     160
   loss              115
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      284
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     160
   loss              160
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
app-route statistics 10.10.20.10 10.20.10.10 ipsec 12346 12346
 remote-system-ip         10.80.249.101
 local-color              public-internet
 remote-color             biz-internet
 sla-class-index          0
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    85
  mean-latency 1
  mean-jitter  0
  interval 0
   total-packets     161
   loss              116
   average-latency   1
   average-jitter    0
   tx-data-pkts      751
   rx-data-pkts      369
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     160
   loss              160
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
app-route statistics 10.10.20.10 10.30.10.10 ipsec 12346 12346
 remote-system-ip         10.80.249.101
 local-color              public-internet
 remote-color             public-internet
 sla-class-index          0
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    100
  mean-latency 0
  mean-jitter  0
  interval 0
   total-packets     160
   loss              160
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     161
   loss              161
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0

edge2 (DC) the same loss for until rebooting and immediately after transports are up on the branch

sdwan-02#sh sdwan app-route stats remote-system-ip 10.80.249.101
app-route statistics 192.168.1.219 192.168.1.198 ipsec 12346 12346
 remote-system-ip         10.80.249.101
 local-color              mpls
 remote-color             mpls
 sla-class-index          0
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    84
  mean-latency 0
  mean-jitter  0
  interval 0
   total-packets     161
   loss              111
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      30
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     160
   loss              160
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
app-route statistics 10.10.10.10 10.20.10.10 ipsec 12346 12346
 remote-system-ip         10.80.249.101
 local-color              public-internet
 remote-color             biz-internet
 sla-class-index          0
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    84
  mean-latency 1
  mean-jitter  0
  interval 0
   total-packets     160
   loss              110
   average-latency   1
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      161
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     161
   loss              161
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
app-route statistics 10.10.10.10 10.20.10.10 ipsec 12346 12346
 remote-system-ip         10.80.249.101
 local-color              public-internet
 remote-color             public-internet
 sla-class-index          0
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    100
  mean-latency 0
  mean-jitter  0
  interval 0
   total-packets     159
   loss              159
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     161
   loss              161
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0

Branch immediately after rebooting. There are no packets

branch-gw#sh sdwan app-route stats remote-system-ip 10.80.100.101
app-route statistics 10.20.10.10 10.10.20.10 ipsec 12346 12346
 remote-system-ip         10.80.100.101
 local-color              biz-internet
 remote-color             public-internet
 sla-class-index          0
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    0
  mean-latency 0
  mean-jitter  0
  interval 0
   total-packets     0
   loss              0
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     0
   loss              0
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
app-route statistics 10.30.10.10 10.10.20.10 ipsec 12346 12346
 remote-system-ip         10.80.100.101
 local-color              public-internet
 remote-color             public-internet
 sla-class-index          0
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    0
  mean-latency 0
  mean-jitter  0
  interval 0
   total-packets     0
   loss              0
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     0
   loss              0
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
app-route statistics 192.168.1.198 192.168.1.218 ipsec 12346 12346
 remote-system-ip         10.80.100.101
 local-color              mpls
 remote-color             mpls
 sla-class-index          0
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    0
  mean-latency 0
  mean-jitter  0
  interval 0
   total-packets     0
   loss              0
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     0
   loss              0
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0

branch-gw#sh sdwan app-route stats remote-system-ip 10.80.100.102
app-route statistics 10.20.10.10 10.10.10.10 ipsec 12346 12346
 remote-system-ip         10.80.100.102
 local-color              biz-internet
 remote-color             public-internet
 sla-class-index          0
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    0
  mean-latency 0
  mean-jitter  0
  interval 0
   total-packets     0
   loss              0
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     0
   loss              0
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
app-route statistics 10.30.10.10 10.10.10.10 ipsec 12346 12346
 remote-system-ip         10.80.100.102
 local-color              public-internet
 remote-color             public-internet
 sla-class-index          0
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    0
  mean-latency 0
  mean-jitter  0
  interval 0
   total-packets     0
   loss              0
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     0
   loss              0
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
app-route statistics 192.168.1.198 192.168.1.219 ipsec 12346 12346
 remote-system-ip         10.80.100.102
 local-color              mpls
 remote-color             mpls
 sla-class-index          0
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    0
  mean-latency 0
  mean-jitter  0
  interval 0
   total-packets     0
   loss              0
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     0
   loss              0
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0

edge1 (DC) Immediately after 1st poll intervall 

sdwan-01#sh sdwan app-route stats remote-system-ip 10.80.249.101
app-route statistics 192.168.1.218 192.168.1.198 ipsec 12346 12346
 remote-system-ip         10.80.249.101
 local-color              mpls
 remote-color             mpls
 sla-class-index          0
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    36
  mean-latency 0
  mean-jitter  0
  interval 0
   total-packets     160
   loss              1
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      471
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     160
   loss              115
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      284
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
app-route statistics 10.10.20.10 10.20.10.10 ipsec 12346 12346
 remote-system-ip         10.80.249.101
 local-color              public-internet
 remote-color             biz-internet
 sla-class-index          0
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    36
  mean-latency 1
  mean-jitter  0
  interval 0
   total-packets     161
   loss              0
   average-latency   1
   average-jitter    0
   tx-data-pkts      1223
   rx-data-pkts      469
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     161
   loss              116
   average-latency   1
   average-jitter    0
   tx-data-pkts      751
   rx-data-pkts      369
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
app-route statistics 10.10.20.10 10.30.10.10 ipsec 12346 12346
 remote-system-ip         10.80.249.101
 local-color              public-internet
 remote-color             public-internet
 sla-class-index          0,1,2
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    0
  mean-latency 1
  mean-jitter  0
  interval 0
   total-packets     161
   loss              1
   average-latency   1
   average-jitter    0
   tx-data-pkts      616
   rx-data-pkts      890
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     160
   loss              2
   average-latency   1
   average-jitter    0
   tx-data-pkts      1647
   rx-data-pkts      822
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0

edge2 (DC) Immediately after 1st poll intervall 

sdwan-02#sh sdwan app-route stats remote-system-ip 10.80.249.101
app-route statistics 192.168.1.219 192.168.1.198 ipsec 12346 12346
 remote-system-ip         10.80.249.101
 local-color              mpls
 remote-color             mpls
 sla-class-index          0
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    34
  mean-latency 0
  mean-jitter  0
  interval 0
   total-packets     161
   loss              0
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      239
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     161
   loss              111
   average-latency   0
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      30
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
app-route statistics 10.10.10.10 10.20.10.10 ipsec 12346 12346
 remote-system-ip         10.80.249.101
 local-color              public-internet
 remote-color             biz-internet
 sla-class-index          0
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    34
  mean-latency 1
  mean-jitter  0
  interval 0
   total-packets     160
   loss              0
   average-latency   1
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      260
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     160
   loss              110
   average-latency   1
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      161
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
app-route statistics 10.10.10.10 10.30.10.10 ipsec 12346 12346
 remote-system-ip         10.80.249.101
 local-color              public-internet
 remote-color             public-internet
 sla-class-index          0,1,2
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    0
  mean-latency 1
  mean-jitter  0
  interval 0
   total-packets     161
   loss              0
   average-latency   1
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      20
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     161
   loss              1
   average-latency   1
   average-jitter    0
   tx-data-pkts      0
   rx-data-pkts      1580
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0

Branch Immediately after 1st poll intervall 

branch-gw#sh sdwan app-route stats remote-system-ip 10.80.100.101
app-route statistics 10.20.10.10 10.10.20.10 ipsec 12346 12346
 remote-system-ip         10.80.100.101
 local-color              biz-internet
 remote-color             public-internet
 sla-class-index          0,1,2
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    0
  mean-latency 1
  mean-jitter  0
  interval 0
   total-packets     164
   loss              0
   average-latency   1
   average-jitter    0
   tx-data-pkts      196
   rx-data-pkts      762
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     167
   loss              0
   average-latency   1
   average-jitter    0
   tx-data-pkts      806
   rx-data-pkts      1769
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
app-route statistics 10.30.10.10 10.10.20.10 ipsec 12346 12346
 remote-system-ip         10.80.100.101
 local-color              public-internet
 remote-color             public-internet
 sla-class-index          0,1,2
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    0
  mean-latency 1
  mean-jitter  0
  interval 0
   total-packets     166
   loss              0
   average-latency   1
   average-jitter    0
   tx-data-pkts      976
   rx-data-pkts      608
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     165
   loss              0
   average-latency   1
   average-jitter    0
   tx-data-pkts      822
   rx-data-pkts      1655
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
app-route statistics 192.168.1.198 192.168.1.218 ipsec 12346 12346
 remote-system-ip         10.80.100.101
 local-color              mpls
 remote-color             mpls
 sla-class-index          0,1,2
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    0
  mean-latency 0
  mean-jitter  0
  interval 0
   total-packets     166
   loss              0
   average-latency   0
   average-jitter    0
   tx-data-pkts      1188
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     166
   loss              0
   average-latency   0
   average-jitter    0
   tx-data-pkts      769
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0


branch-gw#sh sdwan app-route stats remote-system-ip 10.80.100.102
app-route statistics 10.20.10.10 10.10.10.10 ipsec 12346 12346
 remote-system-ip         10.80.100.102
 local-color              biz-internet
 remote-color             public-internet
 sla-class-index          0,1,2
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    0
  mean-latency 1
  mean-jitter  0
  interval 0
   total-packets     165
   loss              0
   average-latency   1
   average-jitter    0
   tx-data-pkts      163
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     166
   loss              0
   average-latency   1
   average-jitter    0
   tx-data-pkts      354
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
app-route statistics 10.30.10.10 10.10.10.10 ipsec 12346 12346
 remote-system-ip         10.80.100.102
 local-color              public-internet
 remote-color             public-internet
 sla-class-index          0,1,2
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    0
  mean-latency 0
  mean-jitter  0
  interval 0
   total-packets     165
   loss              0
   average-latency   0
   average-jitter    0
   tx-data-pkts      106
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     166
   loss              0
   average-latency   1
   average-jitter    0
   tx-data-pkts      1573
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
app-route statistics 192.168.1.198 192.168.1.219 ipsec 12346 12346
 remote-system-ip         10.80.100.102
 local-color              mpls
 remote-color             mpls
 sla-class-index          0,1,2
 fallback-sla-class-index None
 app-probe-class-list None
  mean-loss    0
  mean-latency 0
  mean-jitter  0
  interval 0
   total-packets     165
   loss              0
   average-latency   0
   average-jitter    0
   tx-data-pkts      786
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0
  interval 1
   total-packets     165
   loss              0
   average-latency   0
   average-jitter    0
   tx-data-pkts      31
   rx-data-pkts      0
   ipv6-tx-data-pkts 0
   ipv6-rx-data-pkts 0

 

0 Helpful

Go to solution
dijix1990
VIP Alumni
VIP Alumni
In response to Kanan Huseynli

‎07-13-2023 08:12 AM

@Kanan Huseynli wrote:

You dont have rx-data,strange.

What do you see in remote node (10.80.100.102)? This output, bfd result etc.

 

Oh sorry, this is system ip (10.80.100.102) is consider to second DC edge. I have two edges are placed on the dc with vrrp to lan. that's why there wasn't rx-data

0 Helpful

Go to solution
Kanan Huseynli
VIP
VIP
In response to dijix1990

‎07-13-2023 11:04 AM

This is exactly what I described before:

Remote device (branch) is rebooting and others (DC1/2) still count sla parameters for previously known tunnels. And due to strict in policy, remote devices drop traffic untill tunnel sla is normalized.

Strange..If you have TAC access open and report this behavior.

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

0 Helpful

Go to solution
dijix1990
VIP Alumni
VIP Alumni
In response to Kanan Huseynli

‎07-13-2023 04:48 PM

No, I don't have TAC access. But now it's clear, I think it's bug only for strict policy

0 Helpful

Go to solution
Kanan Huseynli
VIP
VIP
In response to dijix1990

‎07-14-2023 01:23 AM

Based on our investigation, it looks like misbehavior.

Remote device failed -> BFDs go down -> local device still tries to create tunnel to previously known devices inform -> local device counts SLA parameters for next poll intervals and include them in SLA measurement. And this happens due to OMP graceful restart (known TLOCs are not purged when OMP peering is down - reasonable).

Misbehavior is remote devices still include poll intervals for calculation, while BFD is down (100% loss).

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

Customers Also Viewed These Support Documents