cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1645
Views
0
Helpful
4
Replies

ip sla icmp set df bit

adnane dakna
Level 1
Level 1

I want to set a mechanism to control reachbility between two nodes using ip sla ,but I can't find  any way setting df bit for ip sla icmp packets , Is there any ideas to do that ?

Best regards.

1 Accepted Solution

Accepted Solutions

Hi,

int f1/0

no ip policy route-map df

exit

ip local policy route-map df

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

View solution in original post

4 Replies 4

cadet alain
VIP Alumni
VIP Alumni

Hi,

use a local PBR for ip sla ping packets which sets the df bit to zero.

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

I do that but it dosen't work , access list match trafic but  the route-map match nothing.

route-map df, permit, sequence 10

  Match clauses:

    ip address (access-lists): 1

  Set clauses:

    ip df 1

  Policy routing matches: 0 packets, 0 bytes

my architecure is basic  R1<------->R3

Config R1: 

!

!

version 12.3

service timestamps debug datetime msec

service timestamps log datetime localtime

no service password-encryption

!

hostname R1

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

!

resource policy

!

memory-size iomem 5

ip subnet-zero

!

!

ip cef

no ip domain lookup

ip domain name lab.local

no ip dhcp use vrf connected

!

!

!no ip ips deny-action ips-interface

ip sla monitor logging traps

ip sla monitor 1

type echo protocol ipIcmpEcho 20.20.20.2

request-data-size 1500

frequency 5

!ip sla monitor reaction-configuration 1 react timeout threshold-type immediate action-type trapOnly

!ip sla monitor schedule 1 life forever start-time now

!

no ftp-server write-enable

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!track 1 rtr 1 reachability

!

no crypto isakmp ccm

!

!

!

!

interface FastEthernet0/0

ip address 10.10.10.2 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet1/0

ip address 20.20.20.1 255.255.255.0

ip policy route-map df

duplex auto

speed auto

!

no ip http server

no ip http secure-server

ip classless

!

!

!

logging 10.10.10.1

access-list 1 permit 20.20.20.0 0.0.0.3

!

route-map df permit 10

match ip address 1

set ip df 1

!

!

!

control-plane

!

!

!

!

!

!

!

!

!

!

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

line vty 0 4

login

!

!

end

Config R3:

!

!

!

version 12.3

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R3

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

!

resource policy

!

memory-size iomem 5

ip subnet-zero

!

!

ip cef

no ip domain lookup

ip domain name lab.local

no ip dhcp use vrf connected

!

!

no ip ips deny-action ips-interface

!

no ftp-server write-enable

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

no crypto isakmp ccm

!

!

!

!

interface FastEthernet0/0

ip address 20.20.20.2 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet1/0

no ip address

duplex auto

speed auto

!

no ip http server

no ip http secure-server

ip classless

!

!

!

!

!

!

control-plane

!

!

!

!

!

!

!

!

!

!

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

line vty 0 4

login

!

!

end

Hi,

int f1/0

no ip policy route-map df

exit

ip local policy route-map df

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

Thanks alain , now  its works for me .

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco