01-27-2014 12:16 PM - edited 03-01-2019 05:01 PM
Cisco IP Service Level Agreement (SLA) feature
Cisco IOS IP SLAs allow paths to be changed based on network conditions such as jitter, latency, load and other factors.
This example uses the ICMP echo operation to check router reachability and tracks that reachability. Static routes are configured.
Traffic moves from one ISP to the other in case of a link failure and back to the primary after the link is restored.
With Cisco IOS Release 12.4(4)T, 12.2(33)SB, and 12.2(33)SXI, the ip sla command has replaced the previous ip sla monitor command. In addition, the icmp-echo command has replaced the type echo protocol ipIcmpEcho command.
ip sla 1
icmp-echo x.x.x.x (destination address)
For detailed information refer:
Link: http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/44sg/configuration/guide/swipsla.html
IP SLA Configuration:
Topology:
Configuration:
Branch Config:
R1#sh running-config
Building configuration...
Current configuration : 1683 bytes
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname R1
boot-start-marker
boot-end-marker
no aaa new-model
memory-size iomem 5
ip cef
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
ip sla monitor 11
type echo protocol ipIcmpEcho 209.165.203.1
frequency 10
ip sla monitor schedule 11 life forever start-time now
ip sla monitor 22
type echo protocol ipIcmpEcho 209.165.204.1
frequency 10
ip sla monitor schedule 22 life forever start-time now
!
track 1 rtr 11 reachability
delay down 10 up 1
!
track 2 rtr 22 reachability
delay down 10 up 1
!
interface Loopback0
description R1 lan
ip address 192.168.1.1 255.255.255.0
!
interface Serial0/0
description R1-->ISP1
bandwidth 128
ip address 209.165.201.2 255.255.255.252
serial restart-delay 0
clock rate 128000
!
interface Serial0/1
description R1-->ISP2
bandwidth 128
ip address 209.165.202.130 255.255.255.252
serial restart-delay 0
clock rate 128000
!
interface Serial0/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial0/3
no ip address
shutdown
serial restart-delay 0
!
no ip http server
no ip http secure-server
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 209.165.201.1 2 track 1
ip route 0.0.0.0 0.0.0.0 209.165.202.129 3 track 2
ip route 0.0.0.0 0.0.0.0 209.165.201.1 5
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
end
R1#
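How the track delay and the administrative distances on R1's three default routes interact, as an added Python model that is not part of the original post and not Cisco code. It assumes the track state is evaluated once per second and that a hold timer is cancelled when the probe result flips back; the class and function names are illustrative.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class StaticRoute:
    next_hop: str
    distance: int          # administrative distance on the ip route line
    track: Optional[int]   # track object number, None when untracked

# The three default routes from R1's running-config.
R1_DEFAULTS = [
    StaticRoute("209.165.201.1", 2, 1),
    StaticRoute("209.165.202.129", 3, 2),
    StaticRoute("209.165.201.1", 5, None),
]

class Track:
    """Reachability track with 'delay down D up U' hold timers, in seconds."""
    def __init__(self, delay_down, delay_up):
        self.delay_down, self.delay_up = delay_down, delay_up
        self.state = True          # state reported to the routing table
        self.pending_since = None  # when the probe first disagreed with state

    def update(self, now, probe_ok):
        if probe_ok == self.state:
            self.pending_since = None      # flap shorter than the delay is ignored
        else:
            if self.pending_since is None:
                self.pending_since = now
            hold = self.delay_up if probe_ok else self.delay_down
            if now - self.pending_since >= hold:
                self.state, self.pending_since = probe_ok, None

def active_default(routes, tracks):
    """Lowest-distance route whose track object, if any, reports up."""
    usable = [r for r in routes if r.track is None or tracks[r.track].state]
    return min(usable, key=lambda r: r.distance)

def failover_timeline(sla_changes, duration):
    """Step 1 s at a time; sla_changes maps second -> {track_no: probe_ok}."""
    tracks = {1: Track(10, 1), 2: Track(10, 1)}   # delay down 10 up 1
    sla, timeline = {1: True, 2: True}, []
    for t in range(duration + 1):
        sla.update(sla_changes.get(t, {}))
        for number, track in tracks.items():
            track.update(t, sla[number])
        best = active_default(R1_DEFAULTS, tracks)
        entry = (best.next_hop, best.distance)
        if not timeline or timeline[-1][1:] != entry:
            timeline.append((t,) + entry)
    return timeline
```

Calling failover_timeline({5: {1: False}, 30: {2: False}, 60: {1: True}}, 70) shows the case the lab does not exercise: with both probes failing, the untracked distance-5 route sends the default back to 209.165.201.1.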
ISP1 Config:
R2#sh running-config
Building configuration...
Current configuration : 1428 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
no ip domain lookup
ip domain name lab.local
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
interface Loopback0
description web server
ip address 209.165.200.254 255.255.255.255
!
interface Loopback1
description IPS1 DNS Server
ip address 209.165.203.1 255.255.255.255
!
interface Serial0/0
description ISP1-->R1
bandwidth 128
ip address 209.165.201.1 255.255.255.252
serial restart-delay 0
clock rate 128000
!
interface Serial0/1
bandwidth 128
ip address 209.165.200.225 255.255.255.252
serial restart-delay 0
clock rate 128000
!
interface Serial0/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial0/3
no ip address
shutdown
serial restart-delay 0
!
router eigrp 1
network 209.165.200.224 0.0.0.3
network 209.165.201.0 0.0.0.3
network 209.165.203.0
no auto-summary
!
no ip http server
no ip http secure-server
!
ip forward-protocol nd
ip route 192.168.1.0 255.255.255.0 209.165.201.2
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
R2#
ISP2 Config:
R3#sh running-config
Building configuration...
Current configuration : 1459 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
no ip domain lookup
ip domain name lab.local
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
interface Loopback0
description Web Server
ip address 209.165.200.254 255.255.255.255
!
interface Loopback1
description ISP2 DNS Server
ip address 209.165.204.1 255.255.255.255
!
interface Serial0/0
description ISP2-->R1
bandwidth 128
ip address 209.165.202.129 255.255.255.252
serial restart-delay 0
clock rate 128000
!
interface Serial0/1
description ISP2-->ISP1
bandwidth 128
ip address 209.165.200.226 255.255.255.252
serial restart-delay 0
clock rate 128000
!
interface Serial0/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial0/3
no ip address
shutdown
serial restart-delay 0
!
router eigrp 1
network 209.165.200.224 0.0.0.3
network 209.165.202.128 0.0.0.3
network 209.165.204.0
no auto-summary
!
no ip http server
no ip http secure-server
!
ip forward-protocol nd
ip route 192.168.1.0 255.255.255.0 209.165.202.130
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
R3#
Troubleshooting:
R1#sh interface description
Interface Status Protocol Description
Se0/0 up up R1-->ISP1
Se0/1 up up R1-->ISP2
Se0/2 admin down down
Se0/3 admin down down
Lo0 up up R1 lan
R1#sh ip sla monitor configuration 11
IP SLA Monitor, Infrastructure Engine-II.
Entry number: 11
Owner:
Tag:
Type of operation to perform: echo
Target address: 209.165.203.1
Request size (ARR data portion): 28
Operation timeout (milliseconds): 5000
Type Of Service parameters: 0x0
Verify data: No
Operation frequency (seconds): 10
Next Scheduled Start Time: Start Time already passed
Group Scheduled : FALSE
Life (seconds): Forever
Entry Ageout (seconds): never
Recurring (Starting Everyday): FALSE
Status of entry (SNMP RowStatus): Active
Threshold (milliseconds): 5000
Number of statistic hours kept: 2
Number of statistic distribution buckets kept: 1
Statistic distribution interval (milliseconds): 20
Number of history Lives kept: 0
Number of history Buckets kept: 15
History Filter Type: None
Enhanced History:
R1#sh ip sla monitor configuration 22
IP SLA Monitor, Infrastructure Engine-II.
Entry number: 22
Owner:
Tag:
Type of operation to perform: echo
Target address: 209.165.204.1
Request size (ARR data portion): 28
Operation timeout (milliseconds): 5000
Type Of Service parameters: 0x0
Verify data: No
Operation frequency (seconds): 10
Next Scheduled Start Time: Start Time already passed
Group Scheduled : FALSE
Life (seconds): Forever
Entry Ageout (seconds): never
Recurring (Starting Everyday): FALSE
Status of entry (SNMP RowStatus): Active
Threshold (milliseconds): 5000
Number of statistic hours kept: 2
Number of statistic distribution buckets kept: 1
Statistic distribution interval (milliseconds): 20
Number of history Lives kept: 0
Number of history Buckets kept: 15
History Filter Type: None
Enhanced History:
R1#sh ip sla monitor statistics
Round trip time (RTT) Index 11
Latest RTT: 95 ms
Latest operation start time: *00:26:53.151 UTC Fri Mar 1 2002
Latest operation return code: OK
Number of successes: 148
Number of failures: 13
Operation time to live: Forever
Round trip time (RTT) Index 22
Latest RTT: 121 ms
Latest operation start time: *00:26:53.159 UTC Fri Mar 1 2002
Latest operation return code: OK
Number of successes: 147
Number of failures: 14
Operation time to live: Forever
R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 209.165.201.1 to network 0.0.0.0
209.165.201.0/30 is subnetted, 1 subnets
C 209.165.201.0 is directly connected, Serial0/0
209.165.202.0/30 is subnetted, 1 subnets
C 209.165.202.128 is directly connected, Serial0/1
C 192.168.1.0/24 is directly connected, Loopback0
S* 0.0.0.0/0 [2/0] via 209.165.201.1
Testing SLA working:
Reachability to ISP1 goes down:
ISP1(config)#interface loopback 1
ISP1(config-if)#shutdown
ISP1(config-if)#
*Mar 1 00:49:32.983: %LINK-5-CHANGED: Interface Loopback1, changed state to administratively down
*Mar 1 00:49:33.983: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1, changed state to down
ISP1(config-if)#^Z
ISP1#
*Mar 1 00:49:37.083: %SYS-5-CONFIG_I: Configured from console by console
R1#debug ip routing
IP routing debugging is on
R1#
*Mar 1 00:47:12.355: RT: NET-RED 0.0.0.0/0
R1#
*Mar 1 00:48:12.359: RT: NET-RED 0.0.0.0/0
R1#
*Mar 1 00:49:12.363: RT: NET-RED 0.0.0.0/0
R1#
*Mar 1 00:50:12.367: RT: NET-RED 0.0.0.0/0
R1#
*Mar 1 00:51:12.371: RT: NET-RED 0.0.0.0/0
R1#
*Mar 1 00:51:47.735: %TRACKING-5-STATE: 1 rtr 11 reachability Up->Down
*Mar 1 00:51:47.739: RT: del 0.0.0.0 via 209.165.201.1, static metric [2/0]
*Mar 1 00:51:47.743: RT: delete network route to 0.0.0.0
*Mar 1 00:51:47.743: RT: NET-RED 0.0.0.0/0
*Mar 1 00:51:47.747: RT: NET-RED 0.0.0.0/0
*Mar 1 00:51:47.751: RT: SET_LAST_RDB for 0.0.0.0/0
NEW rdb: via 209.165.202.129
*Mar 1 00:51:47.755: RT: add 0.0.0.0/0 via 209.165.202.129, static metric [3/0]
*Mar 1 00:51:47.755: RT: NET-RED 0.0.0.0/0
*Mar 1 00:51:47.759: RT: default path is now 0.0.0.0 via 209.165.202.129
*Mar 1 00:51:47.763: RT: new default network 0.0.0.0
*Mar 1 00:51:47.763: RT: NET-RED 0.0.0.0/0
R1#
R1#sh ip route
Gateway of last resort is 209.165.202.129 to network 0.0.0.0
209.165.201.0/30 is subnetted, 1 subnets
C 209.165.201.0 is directly connected, Serial0/0
209.165.202.0/30 is subnetted, 1 subnets
C 209.165.202.128 is directly connected, Serial0/1
C 192.168.1.0/24 is directly connected, Loopback0
S* 0.0.0.0/0 [3/0] via 209.165.202.129
R1#sh ip sla monitor statistics
Round trip time (RTT) Index 11
Latest RTT: NoConnection/Busy/Timeout
Latest operation start time: *00:57:43.151 UTC Fri Mar 1 2002
Latest operation return code: No connection
Number of successes: 295
Number of failures: 51
Operation time to live: Forever
Round trip time (RTT) Index 22
Latest RTT: 80 ms
Latest operation start time: *00:57:43.159 UTC Fri Mar 1 2002
Latest operation return code: OK
Number of successes: 332
Number of failures: 14
Operation time to live: Forever
Now it is going through secondary path:
R1#traceroute 209.165.200.254 source 192.168.1.1
Type escape sequence to abort.
Tracing the route to 209.165.200.254
1 209.165.202.129 36 msec * 36 msec
Now reachability to ISP1 is restored:
ISP1(config)#interface loopback 1
ISP1(config-if)#no shutdown
ISP1(config-if)#
*Mar 1 01:00:38.799: %LINK-3-UPDOWN: Interface Loopback1, changed state to up
*Mar 1 01:00:39.799: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1, changed state to up
R1#
*Mar 1 01:01:12.415: RT: NET-RED 0.0.0.0/0
R1#
*Mar 1 01:02:12.419: RT: NET-RED 0.0.0.0/0
R1#
*Mar 1 01:02:49.159: %TRACKING-5-STATE: 1 rtr 11 reachability Down->Up
*Mar 1 01:02:49.163: RT: closer admin distance for 0.0.0.0, flushing 1 routes
*Mar 1 01:02:49.167: RT: NET-RED 0.0.0.0/0
*Mar 1 01:02:49.167: RT: SET_LAST_RDB for 0.0.0.0/0
NEW rdb: via 209.165.201.1
*Mar 1 01:02:49.171: RT: add 0.0.0.0/0 via 209.165.201.1, static metric [2/0]
*Mar 1 01:02:49.175: RT: NET-RED 0.0.0.0/0
*Mar 1 01:02:49.179: RT: default path is now 0.0.0.0 via 209.165.201.1
*Mar 1 01:02:49.179: RT: new default network 0.0.0.0
*Mar 1 01:02:49.183: RT: NET-RED 0.0.0.0/0
R1#
*Mar 1 01:02:54.167: RT: NET-RED 0.0.0.0/0
Now it is going through primary path:
R1#traceroute 209.165.200.254 source 192.168.1.1
Type escape sequence to abort.
Tracing the route to 209.165.200.254
1 209.165.201.1 60 msec * 28 msec
The task is achieved: when the primary link goes down, the branch reaches the web server through the secondary link, and when the primary link is restored, the branch reaches the web server through the primary path again.
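One way to turn the debug output above into a failover timeline and measure how long the default route stayed off the primary, as an added Python example that is not part of the original post. The log lines are copied from R1's output above; the year 2002 is taken from the show ip sla monitor statistics timestamps, and the function names are illustrative.

```python
import re
from datetime import datetime

# Log lines copied from R1's debug output above (ISP1 probe lost, then restored).
R1_LOG = """\
*Mar 1 00:51:47.735: %TRACKING-5-STATE: 1 rtr 11 reachability Up->Down
*Mar 1 00:51:47.739: RT: del 0.0.0.0 via 209.165.201.1, static metric [2/0]
*Mar 1 00:51:47.759: RT: default path is now 0.0.0.0 via 209.165.202.129
*Mar 1 01:02:49.159: %TRACKING-5-STATE: 1 rtr 11 reachability Down->Up
*Mar 1 01:02:49.179: RT: default path is now 0.0.0.0 via 209.165.201.1
"""

STAMP = r"^\*?(\w{3}\s+\d+\s+\d\d:\d\d:\d\d\.\d{3}): "
TRACK = re.compile(STAMP + r"%TRACKING-5-STATE: (\d+) rtr (\d+) reachability (\w+)->(\w+)")
PATH = re.compile(STAMP + r"RT: default path is now 0\.0\.0\.0 via (\S+)")

def _ts(text, year):
    # IOS log timestamps here carry no year, so one is supplied by the caller.
    return datetime.strptime(f"{year} " + " ".join(text.split()), "%Y %b %d %H:%M:%S.%f")

def failover_events(log, year=2002):
    """Return (time, kind, detail) for track changes and default-path moves."""
    events = []
    for line in log.splitlines():
        if m := TRACK.match(line):
            events.append((_ts(m[1], year), "track", f"track {m[2]} {m[4]}->{m[5]}"))
        elif m := PATH.match(line):
            events.append((_ts(m[1], year), "path", m[2]))
    return events

def time_off_primary(events, primary="209.165.201.1"):
    """Seconds the default route pointed away from the primary next hop."""
    total, left_at = 0.0, None
    for when, kind, detail in events:
        if kind != "path":
            continue
        if detail != primary and left_at is None:
            left_at = when                      # default moved to a backup next hop
        elif detail == primary and left_at is not None:
            total += (when - left_at).total_seconds()
            left_at = None                      # default returned to the primary
    return total
```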