
Friday, September 1, 2017

Change Static Routes using IP SLA & Track Objects

IP SLA (Service Level Agreement) lets us generate probe traffic to measure delay/latency, jitter and so on. Combined with object tracking, it can check the reachability of an IP address (by pinging it) or of a specific service (by connecting to it over TCP).
If the IP address or service is unreachable, we can trigger a defined action.

This note explains how to configure IP SLA with track objects to change a route.

Let's assume our router is R1. We have 2 internet links from 2 service providers.
For this lab, let's assume that circuit 1 runs from R1 to R4 and circuit 2 runs from R1 to R5.

Requirement:
(1) We want to route all traffic to the internet via ISP-1 as the primary path.
(2) If ISP-1 is unable to provide a circuit with an RTT of 100 ms, change the path to ISP-2.

Assuming ISP routing and the other basic configurations work well, the IP SLA configuration is as follows.

R1(config)#ip sla 1
R1(config-ip-sla)#icmp-echo 172.16.24.4
R1(config-ip-sla-echo)#threshold 100
R1(config-ip-sla-echo)#timeout 200
R1(config-ip-sla-echo)#frequency 1

The commands above do the following, respectively:

IP SLA entry number is 1
Target to ping is 172.16.24.4
RTT (Round Trip Time) threshold of the icmp-echo operation is 100 ms
Operation will time out after 200 ms if there is no reply, and the target is then considered unreachable
Operation will execute every second

The following command starts the operation immediately and lets it run forever.
R1(config)#ip sla schedule 1 start-time now life forever

The following command binds track object 10 to the return code of IP SLA 1.
R1(config)#track 10 ip sla 1

The following command binds the static route to track object 10.
R1(config)#ip route 0.0.0.0 0.0.0.0 172.16.12.2 track 10

The following command defines the fallback route to ISP-2 with a higher metric (2).
R1(config)#ip route 0.0.0.0 0.0.0.0 172.16.13.3 2

Note that without IP SLA, the route fails over if and only if the R1-R2 link goes down.

The configuration is now complete and it will work fine.

Threshold is a boundary value measured against the operation result (e.g. the RTT or jitter value collected during the operation). Crossing the threshold usually means an SLA contract violation.

Timeout is the maximum time allowed for an SLA operation to complete, for example the time spent waiting for a probe response.

Timeout is used directly to restart the operation. Threshold is used to activate a response to an IP SLA violation, e.g. send an SNMP trap, start a secondary SLA operation, fall back to another route, etc.

Frequency > Timeout > Threshold
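
The threshold/timeout distinction above, worked through as an added Python model (not IOS code and not from the original post) that maps a probe RTT to a return code, a track state and the installed default route, using this page's values. Function names are hypothetical, and the `reachability` mode (IOS `track 10 ip sla 1 reachability`) goes beyond the page, which uses the default `state` mode.

```python
# Added model: how one icmp-echo result becomes an IP SLA return code,
# a track-object state, and the default route that gets installed.
THRESHOLD_MS = 100   # threshold 100
TIMEOUT_MS = 200     # timeout 200
FREQUENCY_S = 1      # frequency 1 (seconds; the other two are milliseconds)
PRIMARY = ("172.16.12.2", 1)  # tracked route to ISP-1; no value given, IOS default 1
BACKUP = ("172.16.13.3", 2)   # fallback route to ISP-2; trailing 2 from the page


def timers_valid(frequency_s, timeout_ms, threshold_ms):
    """The page's rule Frequency > Timeout > Threshold, compared in ms."""
    return frequency_s * 1000 > timeout_ms > threshold_ms


def return_code(rtt_ms):
    """rtt_ms is None when no echo reply arrived before the timeout."""
    if rtt_ms is None or rtt_ms > TIMEOUT_MS:
        return "Timeout"
    if rtt_ms > THRESHOLD_MS:
        return "Over Threshold"
    return "OK"


def track_up(code, mode="state"):
    """'state' (what 'track 10 ip sla 1' uses) is Up only on OK;
    'reachability' also stays Up on Over Threshold."""
    if mode == "state":
        return code == "OK"
    return code in ("OK", "Over Threshold")


def default_route(rtt_ms, mode="state"):
    """Next hop installed for 0.0.0.0/0 after this probe result."""
    candidates = [BACKUP]                  # untracked, always eligible
    if track_up(return_code(rtt_ms), mode):
        candidates.append(PRIMARY)         # tracked route only while Up
    return min(candidates, key=lambda r: r[1])[0]  # lowest value wins


if __name__ == "__main__":
    assert timers_valid(FREQUENCY_S, TIMEOUT_MS, THRESHOLD_MS)
    for rtt in (1, 100, 150, None):        # constructed RTT samples in ms
        print(rtt, return_code(rtt), default_route(rtt),
              default_route(rtt, "reachability"))
```

With `state` tracking a slow but reachable ISP-1 (150 ms) moves traffic to ISP-2, which is what requirement (2) asks for; with `reachability` only a timeout would.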

Important show commands:
R1#show ip sla summary
R1#show ip sla statistics
R1#show track brief

In normal operation, the following healthy outputs will be visible.

As you can see, the RTT is 1, hence the return code is OK.
The track object will remain up.





The return code will be displayed as "Over Threshold" and the track object will be "Down" when the RTT goes over 100 ms. As soon as the RTT drops below 100 ms again, the IP SLA return code becomes OK and the track object comes back up, changing the route back to ISP-1.

When the R2-R4 link goes down (unreachable), the outputs will be as follows.
(The first show ip route is when everything is OK.)

