Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
366
Views
0
Helpful
1
Replies

Can you verify my IP SLA config?

Crag Muer
Beginner
Beginner

‎06-17-2013 02:00 AM - edited ‎03-07-2019 01:55 PM

I am going live soon with a new failover configuration utilizing IP SLA monitoring.  I have tested my configuration as best I could in GNS3 and was hoping someone could take a quick look at what I've done before I go live.  Any help is greatly appreciated!  Here is a brief overview:

  • 3 remote locations connected over Verizon EVPL circuits
  • Each office has it's own internet connection behind an ASA 5510
  • Each ASA has a VPN tunnel pointing to each other
  • I verified that the other router configs mirror each other, save for the addressing
  • Full router configs are attached to the post in case anyone wants to see them

ip sla monitor 1

  type echo protocol ipIcmpEcho 172.20.254.2 source-interface FastEthernet1/0.1741 (EVPL interface to Office #2)

  timeout 2000

  frequency 5

ip sla monitor schedule 1 life forever start-time now

ip sla monitor 2

  type echo protocol ipIcmpEcho 172.20.254.3 source-interface FastEthernet1/0.1741 (EVPL interface to Office #3)

  timeout 2000

  frequency 5

ip sla monitor schedule 2 life forever start-time now

track 1 rtr 1 reachability

track 2 rtr 2 reachability

ip route 192.168.1.0 255.255.255.0 172.20.254.2 track 1 (route to office #2)

ip route 192.168.5.0 255.255.255.0 172.20.254.3 track 2 (route to office #3)

ip route 0.0.0.0 0.0.0.0 192.168.0.2 20 (route to local ASA with backup VPN connections)

Labels:
15362391-router2.txt.zip
15362390-router3.txt.zip
15362392-router1.txt.zip
0 Helpful
1 Reply 1

Zeeshan Siddiqui
Beginner
Beginner

‎06-17-2013 08:31 AM

Hi Crag,

1> ITs best try using a loopback address as your source

type echo protocol ipIcmpEcho 172.20.254.2 source-interface FastEthernet1/0.1741

2> An Icmp ping will be sent every 5 seconds if it fails your route will disappear and can happen a number of times if there is congestion.

frequency 5

track 1 rtr 1 reachability

delay down 7    (If the ping fails twice then your route dis-appears)

or

track 1 rtr 1 reachability

delay down 12  (If the ping fails three times then your route dis-appears)

I have not gone through in detail through the configs  (IS there any specfic section you are worried about ?)

The above two would help.

Pls rate the post if help full


0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents