NX-OS & ECMP


Having multiple equal-cost paths (Equal-Cost MultiPath) to a destination is nice, but you need to understand how it will work in a Cisco network.  By default, per-packet load balancing is disabled.  Anyone know why?  Leave replies in the comments section & I’ll pick the best answer.


It’s generally bad to per-packet load-balance, so IOS will hash on a few fields of the packet & ensure that subsequent packets in that ‘flow’ will take the same path.


In IOS, you can determine the exact path a packet will take through the use of the command “show ip cef exact-route“.  Of course, the Catalyst 6500 / 7600 line has a different command “show mls cef exact-route

Ivan Peplenjak has a good article on ECMP located here.

I was searching for an equivalent command on NX-OS and located the “show routing hash” command.  It works as advertised.

LISP: Locator/ID Separation Protocol available on IOS

Cisco IOS release 15.1(1)XB introduces some LISP features.  LISP is a relatively new protocol whose aim is to separate two functions contained within an IP address.  A host IP address contains both the Endpoint Identifier (EID) and the Routing Locator (RLOC).  What this basically means is that the IP address not only indicates the specific host, but also indicates how to locate the host on an IP network.


LISP is just one of the latest examples of abstracting a problem in order to more easily solve it.  Think about how the DNS solved an early problem: human inability to remember large amounts of unstructured data in the form of IP addresses.  Is it easier to remember 74.125.53.121 or www.ccde-study.com?  In effect, the DNS decoupled the EID (74.125.53.121) and locator (the name).


The problem is that IPv4 has no way of separating the host from the path.  If you trace the route to a host with IP address 10.1.1.1, each intermediate hop uses the host IP address in order to find out which interface to egress the packet.  This presents a few problems:

  • Mobility
  • Scalability
  • Multihoming
Mobility: host movement between branches of the topology will result in a host being unreachable (if the address doesn’t change).



Scalability: either your topology can match your addressing or your addressing can match your topology.  If not, scaling the network will be difficult since the network will contain a large amount of state.  Large amounts of state are not necessarily bad, but convergence within that network can take a large amount of time.

Multihoming: a host that resides on multiple segments will require EIDs for each segment.

Each of these problems have kludgey hacks to solve them.  For instance, a multihomed host can use a loopback address for its EID.  The kludgey part will mean that upstream devices will still need to reference the closest interface’s EID as a next-hop in order to reach the loopback.  This presentation explains it better than I can.

LISP is designed to solve these problems by decoupling the EID from the RLOC, and introduces a few new types of devices.  No end-user / end-device changes are necessary because an intermediate device simply maps & encapsulates the packet from one end of the network to the other.


You can get started with LISP using the following guides from Cisco:


LISP Lab Testing Application Note
Cisco IOS LISP Configuration Guide

And here’s a good article from the IP Journal.


Unfortunately they haven’t implemented all of the interesting parts of LISP, but you can see how a gateway router performs the map & encap function.  I just tried it in a lab and it works great.


For a deeper discussion on the challenges presented by IP, I highly recommend reading Patterns In Network Architecture by Jon Day.

The First 90 Days

The First 90 Days

I recently started a new job and have been considering what to implement during the first period of my tenure.  The following are my restrictions / requirements:

  • No budget
  • Services must fit in a VM
  • Scalable (read: easily supported / maintained)

With that in mind, I’ve decided to implement a few things:

  • syslog-ng syslog repository
  • rancid

Syslog-NG is a great syslog server replacement, and there are a number of great management / reporting tools as well.  It’s “free” and fits easily in a standard U*IX environment.

I’ll also be installing LogZilla (aka php-syslog-ng) and putting everything in a mysql database.

RANCID is a fantastic tool that will archive your network configurations & let you know if things have changed.  Some folks have integrated the CVS repository that RANCID uses with CVSWEB, so I’ll be looking into that as well.

Ok, that’s nice, but what does that have to do with the CCDE?

Nothing directly, but it does have everything to do with the care & feeding of a network.  You can’t know what’s going on with your devices without consolidating the messages they are producing, and without configuration backups / auditing you can be in trouble if a system loses its configuration or is changed.

The syslog-ng design will probably involve a hierarchy of some sort, where each site has a local repository, and all of these feed back to a central server that is being backed up.  I don’t really know yet, but syslog-ng gives you the freedom to do so.

How about a pretty picture?  I like pretty pictures: