Facebook Forum - Architecture and troubleshooting Cisco ASR 1000 Series Aggregation Services Routers

Unanswered Question
Apr 11th, 2013

Live chat with Cisco expert Hitesh Kumar on April 16, 2013 on Architecture and troubleshooting Cisco ASR. 1000 Series Aggregation Services Routers



Hitesh Kumar is a customer support engineer in the High Touch Technical Services  team at Cisco specializing in routing protocols. He has been supporting  major service providers and enterprise customers in routing,  Multiprotocol Label Switching (MPLS), Multicast, and Layer 2 Virtual  Private Network (L2VPN) issues on Routing platforms for more than three  years. He has more than six years of experience in the IT industry and  holds a CCIE certification in Service (#38757).

April 2013 FF image_Hitesh_v2.png


Where:

Please go to Cisco Support Facebook Page on the event day: http://www.facebook.com/CiscoSupportCommunity


When:

April 16, 2013  8:00 AM PST (San Francisco; UTC -7 hrs)



What is Facebook Forum?

Facebook  forums are online conversations, held at a pre-arranged time on our  Facebook page. It gives you an opportunity to interact with a live Cisco  expert and get more information about a particular technology, service  or product.


How do I participate?

On the day of the event, go to our Facebook page http://www.facebook.com/CiscoSupportCommunity.


To RSVP Click Here

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
ciscomoderator Tue, 04/16/2013 - 11:47

Here's a condensed summary of our April 2013 Facebook Forum :  Architecture and troubleshooting Cisco ASR 1000 Series Aggregation  Services Routers


Does asr1k supports external USB 


Yes, The route processor can support a 1-GB eUSB module. We can copy the IOS from bootflash to USB using below command:


copy bootflash:asr1000rp1-adventerprisek9.02.01.00.122-33.XNA.bin usb0:


or startup-config from nvram to usb:
copy nvram:startup-config usb0:



How  do we actually get a shell on the latest IOS-XE for ASR1K equipment ?  The old-way (service internal + platform shell + request platform  software system shell now requires a LICENSE ?????).


Cisco  voluntarily restricting access to the shell under ASR 1K is _REALLY_ a  problem. Especially when half of the usual system command on IOS XE are  not functionnal since IOSd cannot really see the details of the hardware  underneath (ok,have monitor platform software process, but that's  limited) - So I assume that you have configured "platform shell" and  getting the below error on trying to acess shell mode


COVE-CASR1001-CE2#
COVE-CASR1001-CE2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
COVE-CASR1001-CE2(config)#platform shell
COVE-CASR1001-CE2(config)#exit
COVE-CASR1001-CE2#request platform software system shell RP active
Activity within this shell can jeopardize the functioning of the system.
Are you sure you want to continue? [y/n] y
Error acquiring an internal services license: Request failed due to no license


Linux shell access is not available to customers on the ASR1K platforms which require licensing (such as the ASR1001).


The  SHELL license can be obtained on an internal Cisco site but it is only  meant to be installed and utilized by Cisco personnel (TAC, SE). It also  must be removed from any customer router following its use. The reason  for this is that with Linux shell access, a user can have full access to  the license directories which can lead to a security problem.


Is  VPLS supported on ASR 1000?  How do we verify if the packet is actually  reaching ASR1000 or not? is there any way to capture the packet on  ASR1k? Can you please explain in detail as its very important in  troubleshooting scenarios?


Answer to your first question is  Yes VPLS is supported on ASR1k. VPLS is supported, from 3.5 release.   regarding packet capture yes its important and We do have a packet  capture on ASR1k....before 3.7 release you would have to use the SPAN.  in 3.7 Embedded Packet Capture have been added and are available for use
I will try to explain it with the commands and output


To start a capture it is as simple as:


monitor capture TestCap2 interface  both
monitor capture TestCap2 match ipv4 protocol tcp any any
monitor capture TestCap2 start


Then you can either stop the capture or display it


monitor capture TestCap2 stop


F340.03.11-ASR1000-4#show monitor capture TestCap2 buffer brief
-------------------------------------------------------------
# size timestamp source destination protocol
-------------------------------------------------------------
0 58 0.000000 10.180.91.22 -> 10.180.91.1 TCP
1 54 0.001007 10.180.91.1 -> 10.180.91.22 TCP


F340.03.11-ASR1000-4#show monitor capture TestCap2 buffer det
F340.03.11-ASR1000-4#show monitor capture TestCap2 buffer detailed
-------------------------------------------------------------
# size timestamp source destination protocol
-------------------------------------------------------------
0 58 0.000000 10.180.91.22 -> 10.180.91.1 TCP
0000: 8843E13C D478C471 FE9E8D01 080045C0 .C.0010: 002C49FD 0000FF06 A58F0AB4 5B160AB4 .,I.........[...
0020: 5B01D071 00B3FF98 B7BA0000 00006002 [..q..........`.
0030: 1020340F 00000204 05B4 . 4.......


1 54 0.001007 10.180.91.1 -> 10.180.91.22 TCP
0000: C471FE9E 8D018843 E13CD478 08004500 .q.....C.0010: 00285E45 0000FF06 920B0AB4 5B010AB4 .(^E........[...
0020: 5B1600B3 D0710000 0000FF98 B7BB5014 [....q........P.
0030: 00005BD8 0000 ..[...


and when done its easy to export it


F340.03.11-ASR1000-4#monitor capture TestCap2 export


ftp://172.18.124.30/TestCap2.pcap
Writing TestCap2.pcap
Exported Successfully


Hi Is there any specific H/w requirement also to support VPLS?


You can go through the below link for more informattion on VPLS


http://www.cisco.com/en/US/docs/ios/ios_xe/3/release/note/asr1k_feats_important_notes_35s.html#wp3252657


please let me know in case you still have any queries


What is the bandwidth capacity and the backplane capacity on ASR1K routers?


It  depends on SIp and ESP. The SIP10 enables 10 Gbps of aggregate  bandwidth per slot and SIP40 enables 40 Gbps of aggregate bandwidth per  slot. The SIP10 connects to the Cisco ASR 1000 Series Embedded Services  Processor (ESP) through the passive midplane with 10 Gbps point-to-point  links. The SIP40 connects to an ESP in the same way.The ESP module in  the chassis determines the forwarding capacity of Router. For example,  ESP40 has 40 Gbps forwarding capacity, ESP20 has 20 Gbps forwarding  capacity & ESP10 has 10 Gbps forwarding capacity.


Is traffic forwarding affected if the Route Processor crashes and where do I find the crashinfo ?


No,  traffic forwarding is not affected if the RP crashes as the traffic  forwarding is performed by the QFP. The crashinfo is stored in the  bootflash:, check out this CCO link for more info.


http://www.cisco.com/en/US/products/ps9343/products_tech_note09186a0080a8b6ad.shtml


I had few questions regarding ASR 1000:


I  am unable to see any stats on asr1k using fnf ? (answer) Regarding FNF  which software version are you using?  I am using 12.2(33)XNC. Below  link shows that the fnf was introduced in 15.0(1)S release


http://www.cisco.com/en/US/docs/ios-xml/ios/fnetflow/configuration/xe-3s/asr1000/cfg-de-fnflow-exprts-xe.html


12.2(33)XNC is release 2.3.X 15.0(1)S - 3.1.0S So that is the reason for flexible netflow not working in 12.2(33)


Can you let me know if the ASR1k support per packet load-sharing?


-  no ASR1k doesn't supports per packet load balancing.


What  is dual and standalone mode in Cisco IOSXE software? Also, I would like  to know what are the advantages and disadvantages of the 2 modes?


The  Cisco ASR 1000 Series Router introduces a dual IOS process model that  allows for increased high availability at all times. Using SSO or RPR, a  second IOS process can be enabled on a Cisco ASR 1002 or 1004 Router.  On Cisco ASR 1000 Series Routers configured with dual Route Processors,  the second IOS process runs on the standby Route Processor.


Advantages:


- Increased fault tolerance


-In  the event of an active IOS failure, the second IOS process immediately  becomes the active IOS process with little to no service disruption.


- No downtime software upgrades—


IOS  and other software on the router can be upgraded using the In Service  Software Upgrade (ISSU) feature in the standby IOS process, thereby  allowing the network to remain active during the software upgrade.


The  disadvantage of running dual mode is that hen running dual Cisco IOS XE  Software processes, the maximum routing table supported is reduced by  approximately 50 percent.


Also, which command can I use to check the memory utilization on the various cards ?


You should use "show platform software status control-processor brief" command.


Can u pls guide us on best approach to troublshoot packet drop on ASR 1000?


Below is a very good document having troubleshooting steps for packet drop issue.


http://www.cisco.com/en/US/products/ps9343/products_tech_note09186a0080af2d14.shtml 


Kindly go through it and let me know in case of any queries.


There  have been incidents where ASR hangs without any reason. Once we reload  the box we dont find any crashinfo/ Traceback or core dump generated


Could  you please shed some light as in how can we troubleshoot such issues to  get to the root cause. Set of commands that we should capture would be  really appreciated?


That's a very good question. the best way to troubleshoot an ASR1k hang according to me is as below:


The  first three steps are the same as other - set conf register to 0x2002 -  reload - send break sequence when problem occurs, however you will be  dropped to a diag prompt rather than the rommon prompt. At this prompt  enter the command: request platform software system shell (you may have  to have already configured 'platform shell' prior to this) This will  drop you to a linux prompt.


At the linux prompt issue the command:


ps -A | grep ios
This will return the PID of the linux process. In my case this was 24897:


[mcp-syd-08_RP_0:/harddisk/phpetty]$ ps -A | grep ios
24897 ? 00:23:30 linux_iosd-imag


Then  issue the command: kill -s SIGABRT  This procedure does restart the  router however it will also generate a core file in doing so which, when  decoded, should point you to the function in which the router was hung.  I think this is very important information to be collected to get to  the root cause.Please let me know in case of any other query.


I  have heard Cisco AVC technology is supported on ASR 1000. Can you  please tell me which license and software release support this?


AVC  is supported on the Cisco ASR 1000 starting with Cisco IOS® XE Software  Release 3.4S.AVC support is provided by Right-To-Use (RTU) licenses on  both Cisco ASR1k


So I have couple of questions on this,  basically I want to know about certain features: 1) Is mpls nsf sso  supported on ASR1000? 2) will an ESP switchover cause RP switchover or  any effect on RP? and 3) Can you also explain about the redundancy and  HA features on ASR ?..


1. yes its supported on asr 1006 with redundnat RP's. LFIB is synchronized between active and standby


2. No, ESP is used for forwarding and RP is route processor they are seperate modules.


3. The Cisco ASR 1000 Series offers the following features:


•  The Cisco ASR 1006/1013 supports 1+1 active and standby redundancy in  dual RP and dual ESP configuration. Switchover of the route processor  does not result in switchover of the ESP, and switchover of the ESP does  not result in switchover of the route processor.


• The Cisco ASR  1001, ASR1002-F, ASR 1002, ASR 1002-X, and Cisco ASR 1004 support dual  Cisco IOS Software redundancy with a single route processor  configuration. This feature is not supported on the Cisco ASR 1006 or  Cisco ASR 1013.


• Cisco ASR 1000 Series routers support Nonstop  Forwarding (NSF), Stateful Switchover (SSO), In-Service ISSU, and online  Insertion and removal (OIR).


1: What are the requirements for ISSU on a single Cisco ASR 1000 Series route processor system? 2. Does asr 1000 supports ISSU?


Yes,  Each software package for the Cisco ASR 1000 Series consists of seven  different sub-packages. The sub-packages are designed to support the  In-Service Software Upgrade (ISSU) capability.


Below are the requirements for ISSU:


The  Cisco ASR 1000 Series RP1 must have 4 GB of DRAM. ISSU is supported  only on RPControl, RPSecurity, and RPIOS images on single Cisco ASR 1000  Series Route Processor systems.


Is online insertion and  removal (OIR) supported on the Cisco ASR 1000 Series SIP10 and SIP40? Is  forwarding capacity also affected by choice of SIp?"


Yes. Both the Cisco SIP10 and SIP40 support OIR, as do the SPAs housed by the SIPs.


Regarding  second question, forwarding capacity of ASR1k depends upon the ESP. The  Cisco ASR 1000 Series ESP makes all forwarding decisions. However, the  SIP10 and SIP40 support ingress classification and buffering to allow  interface oversubscription.


I had few queries: Q1. what are  the maximum arp entries per port supported in asr 1004 ? Q2. Does asr1k  support GUI like other cisco routers? Thanks


Ans1. ARP entries are not classified per port but a limit for the whole device. Please chcek the link below:


http://www.cisco.com/en/US/prod/collateral/routers/ps9343/data_sheet_c78-447652.html   ASR Supports 64,000 Layer 3 adjacencies.


Answer2. yes GUI is supported, its supported 2.1.1 onwards


Does asr 1000 supports ISSU?


Yes, ASR supports ISSU.


Does it support SBC High Availability?


One  of the key differentiators of the Cisco ASR 1000 Series Router is its  support for SBC functions. In particular, the Cisco ASR 1000 Series  Router can function as a distributed border element (DBE) in an SBC  environment. It receives control messages from the session border  element (SBE) using the H.248 control protocol, and thus can open and  close media pinholes and provide the data plane for session  border-controlled traffic.


As with the High Availability features  discussed previously, the Cisco ASR 1006 Series Router can synchronize  SBC session state between the active and standby route processors or  ESPs. A failure of the active route processor again results in a  switchover to the standby route processor. Any H.248 control message  processing can immediately be resumed on the standby route processor.  Similarly, the standby ESP also maintains a copy of the DBE forwarding  state tables, and is thus immediately ready to take over the forwarding  function for SBC-controlled traffic if the active ESP fail.


I also wanted to know the side effects of dual mode, (if there are any)?


The  disadvantage of running dual Cisco IOS XE Software processes is that  the maximum routing table supported is reduced by approximately 50  percent


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Here's a link to the Facebook Forum Archive in the Cisco Support Community Online:

https://supportforums.cisco.com/thread/2210927



Here are links to the actual Facebook Forum events:


https://www.facebook.com/events/140904729424801/permalink/142354739279800/


https://www.facebook.com/events/140904729424801/permalink/142244275957513/


https://www.facebook.com/events/140904729424801/permalink/142349395947001/



Here's a link to the event announcement on the Facebook page:


https://www.facebook.com/events/140904729424801/

Actions

This Discussion

Related Content