cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2518
Views
0
Helpful
4
Replies
Highlighted
Beginner

IP SLA Failure

Below is a very simple IP SLA configuration.  It is designed to monitor traffic across an Metro connection (10.100.8.1)  and if that connection goes down, route through a VPN over the internet to the remote end (10.1.1.42).    Track shows reeachability and all looks correct;  I  can do a source ping over the secondary route and it is a good route.  Unfortuantely, turning down the main interface, it does not work and traffic does not route to secondary interface.   Any ideas?

!

license udi pid CISCO2911/K9 sn FTX1551AKU0

!

!

username celtictech privilege 15 secret 5 $1$qdHW$gnOIDoLFd6LElmKMXdHhv/

username coadmin privilege 15 password 7 14141D0A08092325777B60657B

!

redundancy

!

!

!

track 1 ip sla 1 reachability

!

class-map match-any call-sig

match ip dscp cs3

match ip dscp af31

class-map match-any protocols

match ip dscp cs6

match ip dscp cs7

class-map match-any voice

match ip dscp ef

!

!

policy-map voip

class voice

  priority percent 33

class call-sig

  bandwidth percent 10

class protocols

  bandwidth percent 5

class class-default

  fair-queue

  random-detect

!

!

!

!

!

interface Embedded-Service-Engine0/0

no ip address

shutdown

!

interface GigabitEthernet0/0

description MetroE WAN

bandwidth 10000

ip address 10.100.8.2 255.255.255.252

duplex auto

speed auto

service-policy output voip

!

interface GigabitEthernet0/1

bandwidth 100000

ip address 192.168.0.1 255.255.255.0

duplex auto

speed auto

service-policy output voip

!

interface GigabitEthernet0/2

description to Colo via FW VPN

ip address 100.1.1.41 255.255.255.252

duplex auto

speed auto

!

!

ip forward-protocol nd

!

no ip http server

no ip http secure-server

!

ip route 0.0.0.0 0.0.0.0 10.100.8.1 track 1 (main route)

ip route 0.0.0.0 0.0.0.0 100.1.1.42 10  (backup route with higher metric)

ip route 100.1.10.0 255.255.255.0 100.1.1.42

ip route 192.168.3.0 255.255.255.0 192.168.0.25

ip route 192.168.5.0 255.255.255.0 192.168.0.25

ip route 192.168.10.0 255.255.255.0 192.168.0.25

!

ip sla responder

ip sla 1

icmp-echo 10.100.8.1 source-interface GigabitEthernet0/0

threshold 2

timeout 1000

frequency 3

ip sla schedule 1 life forever start-time now

logging 10.100.8.132

!

!

!

!

!

!

!

!

control-plane

!

!

!

line con 0

password 7 060506324F41

line aux 0

line 2

no activation-character

no exec

transport preferred none

transport input all

transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

stopbits 1

line vty 0 4

privilege level 15

password 7 124A50444158595779687509

logging synchronous

transport input telnet ssh

!

scheduler allocate 20000 1000

end

Peter Buswell (aka DrVoIP)
http://blog.drvoip.com       

Peter Buswell (aka DrVoIP)
http:/drvoip.com/blog
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Hello Peter,

Your configuration is perfect. I believe this is some freak issue. Suggestion would be reconfigure the ip sla & it's parameters. Remove the tracked route first, delete all the ip sla parameters. Recreate it. I don't remember exactly, but i remember a similar issue happening to me couple of years before. I had delete & re-created ip sla & all were fine post that.

Thanks

Vivek

View solution in original post

4 REPLIES 4
Highlighted
Advisor

Can you post "show track" and "show ip route" when the interface is down?

HTH, John *** Please rate all useful posts ***
Highlighted

I will when able as this is a produciton router, so I need a maintenance window  I can tell you however, that SHOW TRACK confirms that reachability is down.  

Does anyone see anything wrong with the config?   Should this config do the trick?

Peter Buswell (aka DrVoIP)
http://blog.drvoip.com

Peter Buswell (aka DrVoIP)
http:/drvoip.com/blog
Highlighted

Hello Peter,

Your configuration is perfect. I believe this is some freak issue. Suggestion would be reconfigure the ip sla & it's parameters. Remove the tracked route first, delete all the ip sla parameters. Recreate it. I don't remember exactly, but i remember a similar issue happening to me couple of years before. I had delete & re-created ip sla & all were fine post that.

Thanks

Vivek

View solution in original post

Highlighted

I agree with Vivek. The configuration looks fine. If removing/recreating the sla configuration doesn't work, maybe you could try to update the IOS to see if that resolves the issue.

HTH, John *** Please rate all useful posts ***