Archive for the ‘packet analysis’ Category

Cisco Pagent tools explained

January 10th, 2010 Iwan 5 comments

Hi,

As I was telling you in my previous blog article, Cisco Pagent is a set of tools…
Well, what kind of tools, and what can you do with these tools exactly?

Sit back and prepare yourself for some nice intel.

Pagent Tools

Traffic Generation, Count and Capture

  • TGN—create and send packets
  • PKTS—capture, fast-count, and display packets
  • Template Compiler—language for defining packet formats
  • Pagent Classic—create, send, capture, fast-count and display packets

IOS-Based Scripting

  • SRE (Stimulus Response Engine)—respond to an event
  • Router-Based Tcl—Tcl interpreter in privileged exec mode

Verified Traffic

  • RVT/CVT (Router Verified Traffic/Control Verified Traffic)—generates and verifies traffic on a simulated network
  • IVT/TCP and IVT/UDP—IOS Classic-based load-generation tools
  • NQR (Network Quality Reporter)—A simple IOS-based tool that measures end-to-end network delay, jitter, packet drop, and out-of-sequence packets

Session Emulators

  • TCP Session Emulator—generates TCP traffic
  • HTTP Session Emulator—generates HTTP traffic
  • FTP Session Emulator—generates FTP traffic

Large Network Emulators

  • LNE-BGP, LNE-IGRP, LNE-EIGRP, LNE-OSPF, LNE-ISIS, LNE-RIP, LNE-LDP
  • emulate routers that advertise large router networks

Modify Traffic

  • PMOD (Passthru MODify)—allows a Pagent router to be inserted into a test network
  • CSYN (Clock Synch)—assists the Network Time Protocol (NTP) to synchronize clocks between two or more Pagent routers

Client Emulators

  • ICE (IGMP Client Emulator)—emulates the behavior of a multicast client (receiver) in a multicast network
  • DHCP Client Emulator—emulates DHCP client devices and each client gets an IP address allocated by the DHCP server

Related Tool—NVT

NVT (Network Verification Tool)

  • web browser-based GUI interface to the Pagent tools

Traffic Generation, Count and Capture

TGN—Used to define and send packets on any combination of supported interfaces on a
router. The program has predefined templates to support the definition of specific packet
types. Packet lengths and the data in any header field can be set to constant, random or
incrementing values. Packet definitions can be imported from the PKTS program capture
buffer.
 
PKTS—Used to capture and display incoming and/or outgoing packets from any
combination of interfaces on a router. It can fast-count packets, that is, it can count and
discard packets at higher rates than IOS counters can support. PKTS supports the creation
of filters that allow selective counting, capture or display.
 
Template Compiler—Provides a convenient, high-level language for defining packet
formats. It adds new definitions to the Pagent tools TGN and PKTS at run time and allows TGN traffic streams and PKTS filters to be defined using the new formats. It allows the
definitions of multiple display methods that can be used to decode and display packets.
 
Pagent Classic—Pagent Classic is the original Cisco router and IOS based network traffic
transmission and validation tool. It runs on any Cisco router and allows the user to define
and transmit virtually any packet in hex (including corrupted packets) on any interface
supported by the hosting platform. It also allows the capture and hex display of packets on
any interface. Its functionality has been superseded by the TGN and PKTS programs.


IOS-Based Scripting

SRE (Stimulus Response Engine)—An IOS-based scripting language for networking
applications. SRE scripts can be used to receive, manipulate, modify, and send packets, to
test and simulate protocol stacks.

Router-Based Tcl—Use of the Tcl language allows you to develop scripts that will run
autonomously on the router, to define new router commands and command options, run
automated tests, or define Pagent packet response procedures.

Verified Traffic

RVT/CVT (Router Verified Traffic/Control Verified Traffic)—Router Verified Traffic
(RVT) and Control Verified Traffic (CVT) are used together to test bridges and routers.
CVT can automatically create numerous traffic streams between many Pagent router
interfaces, for many different LAN media and network protocols. RVT can create modest
levels of verified traffic where every packet sent through the test network is validated for
correct sequence, data integrity, and length. RVT can also create fast-unverified traffic.

IVT/TCP and IVT/UDP—IOS Classic-based load generation tools. The TCP and UDP
tools generate traffic between one or more routers using the socket interface provided by
IOS. Traffic is specified in terms of one or more data streams between specific network
addresses, or endpoints. By default, the primary endpoint of each data stream sends
messages and the secondary endpoint echoes the messages back to the primary.

NQR (Network Quality Reporter)—NQR is an IOS-based program in the Pagent test tool
set, introduced in Pagent 3.7. It is a simple tool that measures end-to-end network delay,
jitter, packet drop, and out-of-sequence packets. Packets are sent from an NQR router into a
network, which is configured to route the packets back into one of the interfaces of the
NQR router. NQR processes the returned packets and calculates the necessary statistics.

Session Emulators

TCP Session Emulator—Generates TCP traffic. The tool provides configurable features
that enable a user to emulate various TCP application dialogs between a TCP client and a
TCP server. It emulates multiple hosts establishing thousands of TCP connections. All these
TCP sessions are short-lived, which is very typical for web or email traffic.

HTTP Session Emulator—Generates HTTP traffic. It emulates multiple HTTP clients
establishing HTTP connections to a HTTP server. It generates all kinds of HTTP traffic,
including all kinds of HTTP requests and HTTP responses.

FTP Session Emulator—FTPSE is a TCP application for transferring files. The FTPSE
Client Emulator generates real FTP traffic and emulates FTP client sessions which must talk
to a real FTP server. Currently FTPSE only supports the client side in passive mode.

Large Network Emulators

LNE-BGP, LNE-IGRP, LNE-EIGRP, LNE-OSPF, LNE-ISIS, LNE-RIP, LNE-LDP—LNE is comprised of seven programs to support six routing protocols. LNE is
used to emulate routers that advertise large router networks. It can emulate hundreds of
routers to emulate multiple peers to a router under test. To stress the router under test, LNE
can flap entire LNE routers, routes advertised by the LNE routers or route attributes.

Modify Traffic

PMOD—PMOD allows a Pagent router to be inserted into a test network so test traffic
passes through the router and then allows the traffic packets to be modified. Depending on
PMOD filters and configurations, the tool can selectively drop, alter, delay or timestamp
packets. It also allows test packets to act as triggers and can recalculate test packet IP, TCP
and UDP checksums.

CSYN—CSYN assists the Network Time Protocol (NTP) to synchronize clocks between
two or more Pagent routers by confirming how closely the routers are synchronized. CSYN
causes multiple Pagent routers to display their time simultaneously so you can determine
how closely their clocks are set.

Client Emulators

ICE (IGMP Client Emulator)—ICE is used to emulate the behavior of a multicast client
(receiver) in a multicast network. The multicast clients utilize Internet Group Management
Protocol (IGMP) to interact with the router on the same subnet. TGN or IVT/UDP is used to
inject multicast traffic with different multicast group addresses.

DCE (DHCP Client Emulator)—DCE emulates DHCP client devices and each client gets
an IP address allocated by the DHCP server. It keeps track of IP address lease time and
responds upon lease expiration. It also provides all DHCP packet statistics as well as the
client’s DHCP state.

NVT

NVT is a web-based application with a graphical user interface front end to the Pagent
tools. It’s a network verification tool, used in a laboratory environment, to test:

  • new hardware and network designs
  • new software features
  • upgrades

before deployment into the production network.

NVT emulates a busy network environment by:

  • generating multiprotocol traffic
  • verified data traffic
  • routing protocol updates

NVT includes a set of pre-defined configurable fields, (i.e., standardized templates), in which you can create your own test scenarios:

  • each template (as task) represents an individual test case
  • profiles are a collection of tasks, and other profiles, grouped together to be executed serially or in parallel
  • profiles are used to organize test scenarios

NVT monitors test performance by querying the network devices. Types of tasks include
a traffic generator, a traffic analyzer, session emulator, and routing protocol emulators, as
well as device queries.

Cisco IOU and Cisco Pagent

January 9th, 2010 Iwan No comments

Hi,

Today I am going to tell you guys something about 2 tools that were developed by Cisco (or at least developed for Cisco).

Before I tell you anything about these tools, I need to say that I cannot provide any of these tools and I will not provide any information on how you can get them.

The first tool is called IOU.
The second tool (which consists of a set of around 16 tools) is called Pagent.

IOU which basically means “IOS on Unix” is a tool that can simulate multiple router instances.

Pagent is based on the Cisco IOS (Internetwork Operating System), and developed within Cisco. The test tools are included in special IOS Pagent images.

IOU
IOS on Unix is a fully working version of IOS that runs as a user mode UNIX (Solaris) process. IOU is built as a native Solaris image and runs just like any other program on Solaris. IOU supports all platform independent protocols and features. It is possible to connect multiple copies of IOU through the network to form some kind of virtual network.
This way you can build a bigger network using multiple Sun Ultrasparc machines.
There is also a version that runs on OSX (Mac) but I don’t know much about this version. It’s probably the same as the Solaris version but especially for Mac.
What is also nice to know is that there are IOU images available with the Pagent software built in.
Nowadays there are programs like Dynamips, Dynagen and GNS3 that do the same thing IOU does.
Cisco employees (engineers) are using IOU to test complex designs and features in order to support large customers.

Pagent
The primary function of the Pagent tool set is to provide cost-effective test tools to the Cisco community. This tool is NOT available to the public and requires a serial number based on the hardware serial number. There are some cracked versions available out there on torrent websites, but this will not be the scope of this blog.

Since the tools are based on production hardware and the IOS operating system, the tools are not able to test the datalink level. They cannot affect frame checksums, preambles, inter frame gap times, or inject hardware failures.
There are limitations to the rates that Pagent tools can transmit and receive packets. Due to the processing power of the main CPU, not all IOS based devices are able to transmit packets at full media rates.

The Pagent programs are best used for testing layer 3 protocols and above, that is, emulating routing
protocols, multicast, TCP sessions and HTTP sessions. Pagent images have a security scheme to prevent illegal distribution outside Cisco. When a router is loaded with a Pagent image for the first time, it presents a machine ID that must be converted to a license key. Once the license key is entered in the router, it is saved in the configuration so it is not required on subsequent downloads.

Pagent tools

TGN (Traffic Generator) is used to define and send packets on any combination of supported
interfaces on a router. The program has predefined templates to support the definition of specific
packet types. Packet lengths and the data in any header field can be set to constant, incrementing
or random values. Packet definitions can be imported from the PKTS program capture buffer.

PKTS (Packet Count and Capture) can capture and display incoming and/or outgoing packets from
any combination of interfaces on a router. It can fast-count packets, that is, it can count and discard
packets at higher rates than IOS counters can support. PKTS supports the creation of filters that
allow selective counting, capture or display.

Template Compiler provides a convenient high-level language for defining packet formats. It adds
new packet definitions to the Pagent tool set (TGN and PKTS) at run time and allows TGN traffic
streams and PKTS filters to be defined using the new formats. It allows the definition of multiple
display methods that can be used to decode and display packets.

Router Verified Traffic (RVT) and Control Verified Traffic (CVT) are used together to test bridges
and routers. CVT can automatically create numerous traffic streams between many Pagent router
interfaces, for many different LAN media and network protocols. RVT can create modest levels of
verified traffic where every packet sent through the test network is validated for correct sequence,
data integrity, and length. RVT can also create fast-unverified traffic.

PMOD (Passthru Modify) allows a Pagent router to be inserted into a test network so test traffic
passes through the router and then allows the traffic packets to be modified. Depending on PMOD
filters and configurations, the tool can selectively drop, alter, delay or timestamp packets. It also
allows test packets to act as triggers and can recalculate test packet IP, TCP and UDP checksums.

TCP Session Emulator (TCPSE) is a tool for generating TCP traffic. The tool provides configurable
features that enable a user to emulate various TCP application dialogs between a TCP client and a TCP server. It emulates multiple hosts establishing thousands of TCP connections. All these TCP sessions are short-lived, which is very typical for web or email traffic.

HTTP Session Emulator (HTTPSE) is a tool for generating HTTP traffic. It emulates multiple
HTTP clients establishing HTTP connections to a HTTP server. It generates all kinds of HTTP
traffic, including all kinds of HTTP requests and HTTP responses.

FTP Session Emulator (FTPSE) is a TCP application for transferring files. The FTPSE Client
Emulator generates real FTP traffic and emulates FTP client sessions, which must talk to a real
FTP server. Currently FTPSE only supports the client side in passive mode.

Large Network Emulators (LNE) is comprised of six programs to support six routing protocols:
BGP, OSPF, ISIS, EIGRP, IGRP and RIP. LNE is used to emulate routers that advertise large router
networks. It can emulate hundreds of routers to emulate multiple peers to a router under test. To
stress the router under test, LNE can flap entire LNE routers, routes advertised by the LNE routers
or route attributes.

NQR (Network Quality Reporter) is a tool to measure end-to-end network delay, jitter, packet drop, and out-of-sequence packets.

Next time I am going to go deeper into the Pagent tools and I am going to give examples of how LNE, TGN, PKTS and much more work.

Calculating the maximum throughput of one TCP stream

July 23rd, 2009 Iwan 1 comment

Hi blog readers,

I did a small project last week for a customer who was complaining about not getting the speed that he actually ordered from the ISP I work for. Network engineers very often get asked to measure the throughput/speed because a customer is unsatisfied with the speeds he is getting.

Well, I don’t have to tell you that speed problems can be caused by a lot of things, for example an interface that is not configured correctly in terms of speed or duplex, a faulty cable, or a lot of congestion in the LAN. I think I can go on for a little while, but what if all those things you checked are OK and the customer is still having speed/throughput problems?

It’s important to first see what the customer is actually trying to do and what he is actually testing …

My customer, for example, had an HP SAN system and he was trying to do a SAN SYNC session with another SAN system at another location.

This SAN application only used 1 TCP session (stream) to do the actual synchronisation… If you don’t know how TCP/IP actually works, you would say that this customer is using the full 200MB fibre line for his SAN synchronisation session.

But nothing is less true …

The facts are as follows:

  • The customer has 2 sites (SITE A and SITE B) (see drawing below)
  • Between those sites the customer has a 200MB fibre connection
  • The customer is trying to do a SAN Sync between those sites
  • The SAN application is using a TCP Window Size of 32k
  • The Round Trip Latency (RTT) is 8 milliseconds

When a TCP data transfer happens, 2 elements are very important for the transfer: the TCP Window Size AND the round trip latency. If you know these 2 values (as we do), you can calculate the maximum throughput that you can get with 1 TCP stream, regardless of the speed of the line you have.

The theory behind this is that, in our case, 32kb of data is sent to the other side (SITE B), and after each 32kb of data TCP has to wait for an ACK, which takes 8 milliseconds. After this ACK is received, another 32kb of data is sent, and after that is received an ACK is sent again from SITE B to SITE A after 8 milliseconds. This process is repeated over and over again until all the data is sent. This 32kb is called the WINDOW SIZE.

We can see our TCP Window Size and our Round Trip Latency values above. With this we can now calculate the maximum throughput with the following formula:

TCP-Window-Size-in-bits / Latency-in-seconds = Bits-per-second-of-throughput

32kb = 32000 bytes
32000 bytes * 8 = 256000 bit (a conversion from bytes to bits)
256000 / 0.008 (8 milliseconds) = 32000000 bits per second of throughput = 32Mbps maximum throughput per TCP session

So the maximum throughput that we can actually get on this link of 200MB is only 32Mbps.

Possible solutions for this are to either 1) increase the Window Size that the system is using or 2) try to decrease the Round Trip Latency. Decreasing the Round Trip Latency is going to be a pain if the values are already good (in our case the distance between SITE A and SITE B is only 150 km and an RTT of 8 ms is just fine), so our only option is trying to increase the TCP Window Size of the system. This can only be done if the System/Application lets you change this, and this is not always the case…

There is also a formula to calculate the ideal Window Size if you know the line speed :-)

Bandwidth-in-bits-per-second * Round-trip-latency-in-seconds = TCP window size in bits / 8 = TCP window size in bytes

The bandwidth of this line was 200MB as we’ve seen before.

200 Mb = 200 000 000 bits per second *  0.008 = 1600000 bits / 8 = 200000 Bytes = 200kb

Your ideal TCP Window Size is in this case 200kb (factor 6 of what the Window Size is now)

 

drawing-troughput-calculation

drawing-troughput-calculation

Just keep 1 thing in mind … THIS IS ONLY FOR 1 TCP SESSION … so if you start 4 or 5 extra FTP sessions with an FTP file copy, you will see the total bandwidth of this line being used, because all those sessions, for example 5, will result in 5 * 32Mbps = 160Mbps, which will make the customer somewhat happy once he understands the theory behind this.

There are also some WAN accelerators available these days, like Cisco WAAS for example, which can take these kinds of problems in terms of latency and application data compression away for you, but these technologies cost money and are a whole different BLOG story.

Hope I’ve taught you guys something, and if you have any questions just contact me :-)
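The two formulas above, worked through in Python as an added example (not code from the original post). It treats the "200MB" line as 200 Mbit/s and the 32k window as 32000 bytes, as the post's own arithmetic does. It goes beyond the post in two places: a simple round-by-round transfer model that shows the link rate capping the result, and the TCP window scale shift needed once the window no longer fits the 16-bit header field.

```python
"""Added example: throughput ceiling of one TCP stream (window / RTT)."""

MAX_UNSCALED_WINDOW = 65535  # largest value of the 16-bit TCP window field
MAX_WINDOW_SHIFT = 14        # largest shift the window scale option permits


def stream_ceiling_bps(window_bytes, rtt_ms, link_bps):
    """One window per round trip, never more than the line itself carries."""
    return min(link_bps, window_bytes * 8 * 1000 // rtt_ms)


def ideal_window_bytes(link_bps, rtt_ms):
    """Bandwidth * round-trip latency, converted from bits to bytes."""
    return link_bps * rtt_ms // 1000 // 8


def window_scale_shift(window_bytes):
    """Smallest scale shift that lets the 16-bit field express window_bytes."""
    for shift in range(MAX_WINDOW_SHIFT + 1):
        if (MAX_UNSCALED_WINDOW << shift) >= window_bytes:
            return shift
    raise ValueError("window is larger than TCP window scaling can express")


def streams_to_fill(window_bytes, rtt_ms, link_bps):
    """Parallel sessions needed before the line, not the window, is the limit."""
    per_stream = stream_ceiling_bps(window_bytes, rtt_ms, link_bps)
    return -(-link_bps // per_stream)  # ceiling division


def simulate_transfer_bps(total_bytes, window_bytes, rtt_ms, link_bps):
    """Simplified model: send one window, then wait for its ACK.

    Each round lasts the longer of the RTT and the time the line needs
    to serialise the window. Returns the effective rate in bits/s.
    """
    elapsed_us = 0
    remaining = total_bytes
    while remaining > 0:
        chunk = min(window_bytes, remaining)
        serialise_us = chunk * 8 * 1_000_000 // link_bps
        elapsed_us += max(rtt_ms * 1000, serialise_us)
        remaining -= chunk
    return total_bytes * 8 * 1_000_000 // elapsed_us


if __name__ == "__main__":
    LINK_BPS, RTT_MS = 200_000_000, 8  # values from the post
    SYNC_BYTES = 32_000_000            # constructed transfer size
    for window in (32_000, 200_000, 400_000):
        rate = simulate_transfer_bps(SYNC_BYTES, window, RTT_MS, LINK_BPS)
        print(f"window {window:>7} B: {rate / 1e6:6.1f} Mbit/s, "
              f"scale shift {window_scale_shift(window)}")
    print("ideal window:", ideal_window_bytes(LINK_BPS, RTT_MS), "bytes")
    print("32k streams to fill the line:",
          streams_to_fill(32_000, RTT_MS, LINK_BPS))
```

A window above 65535 bytes can only be advertised when both endpoints negotiate the window scale option, which is why raising the window depends on what the system or application allows.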