IP SLA setup for failover

sgalarza · ‎03-22-2017

Our company is trying to set up a failover using IP SLA. We have two locations that we want to have SLA's, where each one can failover to the other if a circuit dies at one location and vice versa. I have a vague idea on how to set this up but I would like another opinion. We have a pretty simple network so the SLA just needs to work and we can take care of the rest. AT&T is our provider so all of our clinics are linked via EVC. If anyone can provide some insight it would be greatly appreciated. This is an old configuration we don't use anymore.

track 10 ip sla 1 reachability
delay down 10 up 10

ip sla 1
icmp-echo 216.240.171.130 source-ip 10.0.1.1
timeout 10000
frequency 15

ip sla schedule 1 life forever start-time now
ip sla enable reaction-alerts
logging esm config

Thanks

Reza Sharifi · ‎03-22-2017

Your config looks correct.
The only thing I would change is from
delay down 10 up 10
to
delay down 10 up 30
So, the circuit does not go back until the connection is stable for 30 seconds.
HTH

sgalarza · ‎03-22-2017

Thank you Reza, am I right as far as flopping the configs at the other site? We have about ten clinics that are going out through our main circuit, eventually we will have two main circuits and we are going to do a 50/50 split having 5 pointing to one circuit and 5 pointing to the other circuit.

Reza Sharifi · ‎03-22-2017

Yes, when you have the second circuit installed, you can split the clinic locations 50/50 as long as you have connectivity between the provides. If you can, I would also use a different provider beside AT&T in the second location. This will give you redundancy in case one of the providers has an outage.

HTH

sgalarza · ‎03-22-2017

I really do appreciate your input. Thank you.

Julio E. Moisa · ‎03-22-2017

Hi

I have configured failover for Internet access like you want, using SLA and EEM script, it will trigger the failover once the message is received, the idea is remove the current default route and create a new one point to the new next hop. Take in consideration that the sintaxis could be different per device model, but basically it is the essence.

Try this config and adjust it to your config

track 10 ip sla 10 reachability
delay down 10

ip sla 10
icmp-echo 216.240.171.130 source-ip 10.0.1.1
timeout 10000
frequency 15

ip sla schedule 10 life forever start-time now
ip sla enable reaction-alerts
logging esm config

event manager applet FAILOVER-INTERNET

event tag prim syslog occurs 1 pattern "%TRACKING-5-STATE: 10 rtr 10 state Up->Down"

event tag sec syslog occurs 1 pattern "%TRACKING-5-STATE: 10 rtr 10 reachability Up->Down"

trigger

correlate event prim or event sec

action 1.0 cli command "enable"

action 2.0 cli command "no ip route 0.0.0.0 0.0.0.0 1.1.1.1 track 10" <--remove the current default route.
action 3.0 cli command "ip route 0.0.0.0 0.0.0.0 2.2.2.2 10" <--create a new default route pointing to other next hop

action 4.0 cli command "exit"

action 5.0 cli command "write memory"

Hope it is useful

:-)

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

sgalarza · ‎03-22-2017

Thank you Julio, I must have missed this reply earlier. I will try this config and see if it works once we get everything in place.

Julio E. Moisa · ‎03-22-2017

Hi

Great, the script can be adjustable to your requirements. basically it is a sequence of steps.

:-)

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

Ilham Bayu Saputra · ‎11-02-2018

Hello Mr,

this is my configure

track 1 ip sla 1
default-state up

ip sla auto discovery
ip sla 1
icmp-echo 10.44.8.81 source-interface Vlan999
timeout 10000
ip sla schedule 1 life forever start-time now

ip route 10.44.0.0 255.255.0.0 10.44.8.81 name TDMS-via_Icon track 1
ip route 10.44.0.0 255.255.0.0 10.44.8.82 200 name TDMS-via_Icon

i have cisco 800 series, any revision for my configure for better failover?

Georg Pauwen · ‎11-02-2018

Hello,

you need to add a higher administrative distance to the backup route:

track 1 ip sla 1
default-state up

ip sla auto discovery
ip sla 1
icmp-echo 10.44.8.81 source-interface Vlan999
timeout 10000
ip sla schedule 1 life forever start-time now

ip route 10.44.0.0 255.255.0.0 10.44.8.81 name TDMS-via_Icon track 1
ip route 10.44.0.0 255.255.0.0 10.44.8.82 200 name TDMS-via_Icon 10

Ilham Bayu Saputra · ‎11-07-2018

tkanks for your attention,

ip route 10.44.0.0 255.255.0.0 10.44.8.81 name TDMS-via_Icon track 1
ip route 10.44.0.0 255.255.0.0 10.44.8.82 *200* name TDMS-via_Icon 10

but 200 in comand it is administrative distance.

i want ask you about certificat CCNA, why cisco not send my certificate to
my email?im trying pay 3 USD but still erorr, what happend?