Solved: IP SLA for Single Host on Cloud Not Working

Hamidsattarrana · ‎10-23-2019

Hi,

I have one VOIP server on cloud and I have 2 ISPs. All server traffic is going via Primary path.

IP SLA is configured but when 1st ISP goes down, IP SLA track object goes down too but end-user not failover to 2nd ISP.

VOIP-Server IP Address: XXX.XX.XX.XX

My Config is Below:

ip sla 1

icmp-echo VOIP-Server source-ip LAN-IP Address

exit

track 1 ip sla 1

ip route XXX.XX.XX.XX 255.255.255.255 YYY.YY.YY.YY track 1 >>>> Same route with track 1 (1st-ISP)

ip route XXX.XX.XX.XX 255.255.255.255 YYY.YY.YY.YY >>>>> Static route to VOIP-Server (1st-ISP)

ip route XXX.XX.XX.XX 255.255.255.255 ZZZ.ZZ.ZZ.ZZ 2 >>>>> static route to VOIP-Server (Backup-ISP)

ip route 0.0.0.0 0.0.0.0 ZZZ.ZZ.ZZ.ZZ 3 >>>>>> Default route to Backup-ISP for all other traffic.

What is wrong with the configurations?

Georg Pauwen · ‎10-24-2019

Hello,

in that case, take the default route out of the script. Since the AD will failover the default routes, I would still leave the clear commands in there...

Here is the adapted version:

event manager applet ISP_1_DOWN
event track 1 state down
action 1.0 cli command “enable”
action 2.0 cli command "conf t"
action 3.0 cli command "no ip route xxx.xx.xx.xx 255.255.255.255 yyy.yy.yy.yy
action 4.0 cli command "ip route xxx.xx.xx.xx 255.255.255.255 zzz.zz.zz.zz
action 5.0 cli command "end"
action 6.0 cli command “clear ip nat translation *”
action 7.0 cli command "clear call voice stale-entry"
!
event manager applet ISP_1_UP
event track 1 state up
action 1.0 cli command “enable”
action 2.0 cli command "conf t"
action 3.0 cli command "ip route xxx.xx.xx.xx 255.255.255.255 yyy.yy.yy.yy
action 4.0 cli command "no ip route xxx.xx.xx.xx 255.255.255.255 zzz.zz.zz.zz
action 5.0 cli command "end"
action 6.0 cli command “clear ip nat translation *”
action 7.0 cli command "clear call voice stale-entry"

View solution in original post

balaji.bandi · ‎10-23-2019

Can you post full config or check below config example :

track 8 ip sla 1 reachability

ip sla 1
 icmp-echo 10.0.12.2 source-ip 10.0.12.1
ip sla schedule 1 life forever start-time now

ip route 0.0.0.0 0.0.0.0 10.0.12.2 track 8
ip route 0.0.0.0 0.0.0.0 10.0.13.2 10

I suggest to do the basic setup and go to advanced level tweaking rather making complicated.

for testing remove ip route 0.0.0.0 0.0.0.0 ZZZ.ZZ.ZZ.ZZ 3

instead of XX.XX.XX.XXX send all traffic to ISP A , if fails to Send ISP B, if that is working you can go to next level tweaking.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Georg Pauwen · ‎10-23-2019

Hello,

is there a specific reason for the host routes ? If there is, you might be better off using an EEM script such as the one below. Basically, if the SLA is down, you remove the static default and host route to the primary ISP, and add the corresponding routes to the backup ISP. If the primary ISP is up, the opposite occurs/ The script also clears existing NAT entries and hung voice calls.

track 1 ip sla 1 reachability
!
ip sla 1
icmp-echo VOIP-Server source-ip LAN-IP-Address
frequency 5
threshold 3000
!
ip sla schedule 1 life forever start-time now
!
event manager applet ISP_1_DOWN
event track 1 state down
action 1.0 cli command “enable”
action 2.0 cli command "conf t"
action 3.0 cli command "no ip route xxx.xx.xx.xx 255.255.255.255 yyy.yy.yy.yy
action 4.0 cli command "no ip route 0.0.0.0 0.0.0.0 yyy.yy.yy.yy
action 5.0 cli command "ip route xxx.xx.xx.xx 255.255.255.255 zzz.zz.zz.zz
action 6.0 cli command "ip route 0.0.0.0 0.0.0.0 zzz.zz.zz.zz
action 7.0 cli command "end"
action 8.0 cli command “clear ip nat translation *”
action 9.0 cli command "clear call voice stale-entry"
!
event manager applet ISP_1_UP
event track 1 state up
action 1.0 cli command “enable”
action 2.0 cli command "conf t"
action 3.0 cli command "ip route xxx.xx.xx.xx 255.255.255.255 yyy.yy.yy.yy
action 4.0 cli command "ip route 0.0.0.0 0.0.0.0 yyy.yy.yy.yy
action 5.0 cli command "no ip route xxx.xx.xx.xx 255.255.255.255 zzz.zz.zz.zz
action 6.0 cli command "no ip route 0.0.0.0 0.0.0.0 zzz.zz.zz.zz
action 7.0 cli command "end"
action 8.0 cli command “clear ip nat translation *”
action 9.0 cli command "clear call voice stale-entry"

Hamidsattarrana · ‎10-23-2019

Do I have to give the static routes command for xxx.xx.xx.xxx host separetly with equal AD?

balaji.bandi · ‎10-24-2019

No it is not required, since the suggest EEM script removing the routes and adding routes.

Can you clarify that do you need only that host to be failover not other traffic ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Hamidsattarrana · ‎10-24-2019

Yes I need to only host XXX.XX.XX.XX to be fail over.

Georg Pauwen · ‎10-24-2019

Hello,

I am not clear on what you are trying to achieve. Is the default traffic going out to a different next hop than the the host route ? If you have only two ISPs, if one fails, ALL traffic can only go out through the other link. So what do you need the host route AND the default route for ?

Either way, the EEM script suggested inserts both the host and the default routes. No administrative distance is required, as you are tracking the SLA, not the routes...

Hamidsattarrana · ‎10-24-2019

Yes default route is going via 2nd ISP and host route is going via 1st ISP. I don't want fail over for default route. But I do want fail over for that host, that if it fails from 1st ISP then it should go through via 2nd ISP.
I am setting the default route not in the script but in the routing table with greater AD value

Georg Pauwen · ‎10-24-2019

Hello,

in that case, take the default route out of the script. Since the AD will failover the default routes, I would still leave the clear commands in there...

Here is the adapted version:

event manager applet ISP_1_DOWN
event track 1 state down
action 1.0 cli command “enable”
action 2.0 cli command "conf t"
action 3.0 cli command "no ip route xxx.xx.xx.xx 255.255.255.255 yyy.yy.yy.yy
action 4.0 cli command "ip route xxx.xx.xx.xx 255.255.255.255 zzz.zz.zz.zz
action 5.0 cli command "end"
action 6.0 cli command “clear ip nat translation *”
action 7.0 cli command "clear call voice stale-entry"
!
event manager applet ISP_1_UP
event track 1 state up
action 1.0 cli command “enable”
action 2.0 cli command "conf t"
action 3.0 cli command "ip route xxx.xx.xx.xx 255.255.255.255 yyy.yy.yy.yy
action 4.0 cli command "no ip route xxx.xx.xx.xx 255.255.255.255 zzz.zz.zz.zz
action 5.0 cli command "end"
action 6.0 cli command “clear ip nat translation *”
action 7.0 cli command "clear call voice stale-entry"

Hamidsattarrana · ‎10-24-2019

It's working fine Guys with the configurations you have provided. Thanks for your quick support.

balaji.bandi · ‎10-24-2019

what will be the situation of the ISP Fails, as the default route point to ISP 2? you ready for blackhole traffic?

in that case, only your HOST running with ISP 1, rest all will be dropped due to link failure, is this acceptable for business?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Hamidsattarrana · ‎10-24-2019

Yes it's okay for now. But we will do something about it in future.