Hello Pat, this is a good

Patrick McHenry · ‎04-23-2014

Hey -

I would like to create as IP SLA for our remote Internet circuits that will trigger an alert when not working. This way we will be alerted even if the Outside interface remains up and pingable. The architecture is such that if the Internet is down at a remote site, all Internet traffic from that site will traverse the WAN pipe.So, we might never find out that the Internet is down at the remote site.

Should I create an IP SLA that is constantly pinging an address and trigger an alert when that IP SLA fails?

If so, would it be bettter to ping a known public IP address (4.2.2.2) or one of our own and configure the IP SLA operation only to ping the address via the Internet circuit?

Or, is there another way I am not thinking about?

Thanks, Pat

sathvik k v · ‎04-23-2014

Hi Pat,

Understand you would want to monitor the internet link of the remote site. If you are using BGP with the ISP then BGP trap is a better option else would suggest IPSLA to one of your own IP.

Regards,

Sathvik K V

Bilal Nawaz · ‎04-23-2014

Hello Sathvik,

The bgp neighborship could be up - and internet still down, I'm not sure but enabling bgp trap may not work in this case. I think we want to achieve full internet connectivity monitoring from the sites not just bgp specific events.

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

sathvik k v · ‎04-24-2014

Bilal,

True, if he wants end to end connectivity then IPSLA is a better option. I thought he wants to monitor only the remote site internet connectivity.

Regards,

Sathvik K V

Bilal Nawaz · ‎04-24-2014

Hello Pat, this is a good idea, however perhaps one small problem which you may have thought about already.

Lets say we have site A with internet circuits, bgp peering with ISP etc... If you have a backup route for all your internet traffic through your WAN, in theory the ping will never stop working even when the internet links are broken along the path.

So I would possibly do this...

create a static route to 8.8.8.8 via the bgp peer which is recommended or static out the interface connecting to the ISP BGP peer.
Create IP SLA to ping at 8.8.8.8
You have couple of options - EEM script, syslogs, SNMP Traps to trigger the alert.

One problem with the static route though pointing towards your bgp peer, if the interface was to go down, I believe that the static route will no longer be in the routing table, so this is a down side. But then one would assume you are monitoring the interfaces themselves. Therefor you have the option of pointing the static route at the interface for exit point.

R1(config)#ip route 8.8.8.8 255.255.255.255 x.x.x.x name ##IPSLA-VIA-BGP##

R1(config)#ip sla 1

R1(config-ip-sla)# icmp-echo 8.8.8.8

R1(config-ip-sla-echo)# frequency 5

R1(config-ip-sla-echo)#exit

R1(config)#ip sla schedule 1 life forever start-time now

R1(config)#

R1(config)#track 1 ip sla 1 reachability

R1(config)#ip sla logging traps

R1(config)#ip sla reaction-configuration 1 react timeout action-type trapAndTrigger

R1(config)#ip sla logging traps

R1(config)#snmp-server host y.y.y.y version 2c abc

R1(config)#snmp-server enable traps ipsla

I haven't tested the above configuration but I'm fairly sure it will assist you in achieving a complete solution

hth.

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

Android4255 · ‎01-03-2018

You can also use 'bool' in your ip sla and use several IP's to monitor with and/or. Check this link out: http://packetpushers.net/using-ip-sla-delay-feature-to-safely-monitor-lossy-links/

Internet Status IP SLA Best Practice