Network Computingwww.networkcomputing.com

Wouldn't it be nice if BGP could consider factors such as performance of the routing path provided by each ISP's link when it chooses a route?

Now there's a new type of product that not only can measure the performance of routes via each BGP peer but also can act upon that information by changing the preferred route via BGP. One such product is PathControl from RouteScience. I tested the latest PathControl release in our Green Bay, Wis., Real-World Labs® and was pleased with the results.

PathControl 1.1 is layered over Linux--you cannot access the underlying OS, however--and housed in a bladed chassis. Each blade, or "plane," provides separate functionality--there is one for reporting, one for management and one for the core engine. The number of measurement planes varies--there is one for each external BGP peer.

PathControl 1.1 provides a robust Java applet for reporting and informational needs. The next release will let you configure PathControl from the GUI, but with this release you must manage the device via the IOS-based command-line interface.

PathControl offers more than insight into the performance of your links and their corresponding paths through the Internet. It also lets you configure and control which links are used based on a number of variables.

Link Scrutiny

PathControl can be placed anywhere behind your edge router. Connectivity to the router can be established through a dedicated port or a tunneled connection. Either way, PathControl needs access to the outside world as well as to your edge router.

I connected PathControl directly to a Cisco Catalyst 6500 switch configured to accept external BGP feeds from two separate Nortel Networks Web switches--a 180e and an AD4. PathControl was configured to peer with the Cisco switch and monitor the routes asserted by each of the Nortel devices. PathControl can remain passive, monitoring and reporting on the performance of each of the remote peers, or it can be placed in "assert" mode, which gives it the go-ahead to change preferred routes on the edge router if it determines the outgoing performance of one link is better than that of another.

You can configure the frequency by which PathControl changes routes so your edge router isn't overwhelmed. It's best to run PathControl in passive mode for at least a few days and use the report generator to see how frequently PathControl has asserted a new route, then determine the best update frequency for your situation.

Taking Measurement

PathControl uses the round-trip time of a TCP handshake as the basis for its performance metrics. The data for this is retrieved passively, by serving a client a 1x1 pixel GIF image via HTTP, or actively, by probing user-configurable Web sites. For the latter, PathControl opens a TCP connection to a site and measures the time it takes to complete the three-way TCP handshake.

To achieve the passive measurements, each of the measurement planes on the device is configured with a VIP (virtual IP address). That address, when accessed via HTTP or HTTPS, returns a 1x1 pixel GIF image. PathControl serves this GIF directly, measuring the time to set up a TCP session with the client. Simply embed the VIP address in an HREF on a Web page on your site, and as soon as a client requests that page, measurements begin. The key here is the use of policy-based routing, which is configured on the edge routers to forward traffic based on the source address consistently, so the measurements from PathControl continue to measure the performance of each path, regardless of the rest of the routing table.

By default, PathControl requires at least six measurements to perform its calculations on the data. The number of measurements required is configurable, though. The calculations assign a rating to each link, which is then used to determine which link is performing better. "Better" is also configurable. Also by default, if two or more ratings are given values within 25 points of each other, both are considered "good." When a link's rating is 25 points higher than another, that link is considered to be the "best," and PathControl will assert that route via iBGP (interior BGP) to the edge router with which it is peering.

Asserting Control

I used two Web browsers to load each of the GIFs from each of the two VIPs configured on PathControl multiple times. PathControl assigned both of the links equal weights, as expected. I turned on our Shunra Software Storm WAN emulator to inject a fixed latency of 200 ms into one of the links, then repeated the test. PathControl assigned a much lower rating to the link impaired by Storm and, because the difference between the ratings was greater than the window of 25, immediately asserted a route to the Catalyst 6500 to use the link unaffected by Storm. PathControl does this by padding the AS-PATH attribute as well as by giving the asserted route a higher weight than that of other paths.

Unfortunately, PathControl will not change the route back automatically once it has asserted a new one unless there is a compelling reason to do so. One reason might be the cost of a link--why use a link for which you are billed by total bytes transferred per month when you have another for which you are billed on a flat-fee basis? I configured the unit to assign a penalty to the link that was unimpaired. Doing this changed the mathematical calculations and forced a route change when conditions changed. After assigning the penalty, I performed the test again, this time stopping Storm and thus removing the latency introduced.

As expected, PathControl noticed the performance change and asserted a route to the Cisco switch to use the initial link again.

PathControl is easy to configure. The IOS-based interface was familiar and easy to navigate with an intuitive GUI for reporting. The cost is a bit much, but PathControl can reduce the use of high-cost links as well as provide the best possible performance for your customers. And the latter, depending on your needs, could be priceless.