Been so many sleep less nights wondering what ip sla was until i configured it my self .
Ip sla is basically as one of the methods for enhanced object trackings .
Few names for IP sla
Ip sla -> service level agreeement
or
RTR -> response time reporter
or
SAA -> service assurance agent
Ip sla is used to track many things including DELAY , apps response time such as HTTP , DHCP , DNS , TCP and also reachability using ICMP ECHO
We will basically use it for FHRP (first hop redundancy tracking)
Here is the scenario with HSRP Enabled routers. i would use ip sla to track the interfaces and their status and if active goes down then standby should take over with the help of Ip sla . unlike interface tracking this is fun and powerful as i have added something spicy into the topology
here is what i have done
Initial Congiruation
R1
router eigrp 1
net 10.0.0.0
net 13.0.0.0
pass fa0/0
no auto
same conf on R2
r3
int l1
ip addr 1.1.1.1 255.255.255.0
router eigrp 1
net 13.0.0.0
net 23.0.0.0
net 1.0.0.0
no auto
R4 has a special configuration and will act like a host . so lets turn off routing for it
r4(conf)#no ip routing
r4(conf)#ip default-gateway 10.0.0.10 -> this would be hsrp Virtual Ip address .
int fa0/0
ip addr 10.0.0.4 255.255.255.0
—————
before enabling HSRP we should not be able to ping the V.ip lets verify it on R4
r4#ping 10.0.0.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.10, timeout is 2 seconds:
…..
Success rate is 0 percent (0/5)
r4#ping 10.0.0.10
Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 10.0.0.10, timeout is 2 seconds:…..Success rate is 0 percent (0/5)
let us enable HSRP now on R1 and R2
r1(config)#int fa0/0
r1(config-if)#standby 1 ip 10.0.0.10
r1(config-if)#standby 1 preempt
r1(config-if)#exit
r1(config)#
*Mar 1 00:14:58.659: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Standby -> Active
r1(config)#
————
r2(config)#int fa0/0
r2(config-if)#standby 1 preempt
r2(config-if)#standby 1 ip 10.0.0.10
r2(config-if)#end
r2#
*Mar 1 00:15:07.643: %SYS-5-CONFIG_I: Configured from console by console
r2#
*Mar 1 00:15:26.727: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Speak -> Standby
r1#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Fa0/0 1 100 P Active local 10.0.0.2 10.0.0.10
r1#
Now lets try to ping 10.0.0.10 from R4 host
Bingo
r4#ping 10.0.0.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/259/1072 ms
r4#
lets try and see pinging 1.1.1.1 from R4 host
r4#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 16/56/84 ms
r4#
r4#traceroute 1.1.1.1
Type escape sequence to abort.
Tracing the route to 1.1.1.1
1 10.0.0.1 84 msec 96 msec 24 msec
2 13.0.0.3 48 msec * 68 msec
as traceroute indicates it is indeed taking R1 .
without implementing any ip sla lets shutdown fa0/0 port of R1 and see our results . R4 should now take R2
r1(config)#int fa0/0
r1(config-if)#shut
r1(config-if)#
*Mar 1 00:19:01.699: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Active -> Init
r2#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Fa0/0 1 100 P Active local unknown 10.0.0.10
r2#
Now R4 is taking R2 as the gateway
r4#ping 10.0.0.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/31/124 ms
r4#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/48/128 ms
r4#traceroute 1.1.1.1
Type escape sequence to abort.
Tracing the route to 1.1.1.1
1 10.0.0.2 112 msec 32 msec 12 msec
2 23.0.0.3 84 msec * 116 msec
r4#
—–
now standby router took over as interface local to us went down . But what happens if the interface on the other end goes down ? .. yes we still have options such as interface tracking to employ but we will go with Ip sla and implement Enhanced object tracking .
r1(config)#ip sla 1
r1(config-ip-sla)#?
IP SLAs entry configuration commands:
dhcp DHCP Operation
dlsw DLSW Operation
dns DNS Query Operation
exit Exit Operation Configuration
frame-relay Frame-relay Operation
ftp FTP Operation
http HTTP Operation
icmp-echo ICMP Echo Operation
icmp-jitter ICMP Jitter Operation
mpls MPLS Operation
path-echo Path Discovered ICMP Echo Operation
path-jitter Path Discovered ICMP Jitter Operation
slm SLM Operation
tcp-connect TCP Connect Operation
udp-echo UDP Echo Operation
udp-jitter UDP Jitter Operation
voip Voice Over IP Operation
r1(config-ip-sla)#icmp-echo ?
Hostname or A.B.C.D Destination IP address or hostname, broadcast disallowed
r1(config-ip-sla)#icmp-echo 1.1.1.1 ?
source-interface Source Interface (ingress icmp packet interface)
source-ip Source Address
<cr>
r1(config-ip-sla)#icmp-echo 1.1.1.1
r1(config-ip-sla-echo)#?
IP SLAs echo Configuration Commands:
default Set a command to its defaults
exit Exit operation configuration
frequency Frequency of an operation
history History and Distribution Data
no Negate a command or set its defaults
owner Owner of Entry
request-data-size Request data size
tag User defined tag
threshold Operation threshold in milliseconds
timeout Timeout of an operation
tos Type Of Service
verify-data Verify data
vrf Configure IP SLAs for a VPN Routing/Forwarding instance
r1(config-ip-sla-echo)#frequency 3
%Illegal Value: Cannot set Frequency to be less than Timeout
r1(config-ip-sla-echo)#timeout 2000
r1(config-ip-sla-echo)#exit
r1(config)#
r1(config)#track 1 ?
application Application
interface Select an interface to track
ip IP protocol
list Group objects in a list
rtr Response Time Reporter (RTR) entry
stub-object Stub tracking object
r1(config)#track 1 rtr 1 ?
reachability Reachability
state Return code state
<cr>
r1(config)#track 1 rtr 1 state ?
<cr>
r1(config)#track 1 rtr 1 state
r1(config-track)#?
Tracking instance configuration commands:
default Set a command to its defaults
delay Tracking delay
exit Exit from tracking configuration mode
no Negate a command or set its defaults
r1(config-track)#exit
r1(config)#
r1(config)#int fa0/0
r1(config-if)#standby 1 track 1 decrement 255
r1(config-if)#exit
r1(config)#
similarly on R2
now what i will shut down fa0/1 of R3 which is connecting to R2 active router of hsrp this should trigger Ip sla and R1 should take over .
we have forgot one of the most important commands
r1(config)#ip sla schedule 1 start-time now life forever
r2(config)#ip sla schedule 1 start-time now life forever
r2#show ip sla stat
Round Trip Time (RTT) for Index 1
Latest RTT: 107 milliseconds
Latest operation start time: *00:32:34.023 UTC Fri Mar 1 2002
Latest operation return code: OK
Number of successes: 4
Number of failures: 0
Operation time to live: Forever
r3(config)#int fa0/1
r3(config-if)#
r3(config-if)#
r3(config-if)#shut
r3(config-if)#
*Mar 1 00:33:32.727: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 23.0.0.2 (FastEthernet0/1) is down: interface down
r3(config-if)#
*Mar 1 00:33:34.483: %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to administratively down
*Mar 1 00:33:35.483: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
r3(config-if)#
r2#debug ip sla error
IP SLAs ERROR debugging for all operations is on
r2#
*Mar 1 00:33:38.007: %TRACKING-5-STATE: 1 rtr 1 state Up->Down
r2#
*Mar 1 00:33:40.527: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Active -> Speak
r2#
*Mar 1 00:33:46.283: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 23.0.0.3 (FastEthernet0/1) is down: holding time expired
r2#
*Mar 1 00:33:50.527: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Speak -> Standby
r2#
look at sla debug message
Mar 1 00:33:38.007: %TRACKING-5-STATE: 1 rtr 1 state Up->Down
r4#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 32/73/120 ms
r4#traceroute 1.1.1.1
Type escape sequence to abort.
Tracing the route to 1.1.1.1
1 10.0.0.1 164 msec 68 msec 16 msec -> its going through r1 now
2 13.0.0.3 28 msec
lets us look at sla output message
r2#show ip sla stat
Round Trip Time (RTT) for Index 1
Latest RTT: NoConnection/Busy/Timeout
Latest operation start time: *00:35:34.023 UTC Fri Mar 1 2002
Latest operation return code: Timeout ———————> SEE ITS TIMEOUT HERE
Number of successes: 4
Number of failures: 3
Operation time to live: Forever
Now i would make some changes .. first i would increase the priority of R2 to 110 from defaul HSRP priority of 100 and then i will no shut or bring up the interface on R3 . lets see how sla tracks that .
r2
int fa0/0
standby 1 priority 110
R3
int fa0/0
no shut
r2#
*Mar 1 00:40:54.455: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 23.0.0.3 (FastEthernet0/1) is up: new adjacency
r2#
*Mar 1 00:41:34.543: %TRACKING-5-STATE: 1 rtr 1 state Down->Up
*Mar 1 00:41:34.731: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Standby -> Active
r2#
———–
This can be extended to track any protocol and can be used in any FHRP process as an effective tool .
