Been so many sleep less nights wondering what ip sla was until i configured it my self .

Ip sla is basically as one of the methods for enhanced object trackings .

Few names for IP sla

Ip sla -> service level agreeement

or

RTR -> response time reporter

or

SAA -> service assurance agent

Ip sla is used to track many things including DELAY , apps response time such as HTTP , DHCP , DNS , TCP and also reachability using ICMP ECHO

We will basically use it for FHRP (first hop redundancy tracking)

Here is the scenario with HSRP Enabled routers. i would use ip sla to track the interfaces and their status and if active goes down then standby should take over with the help of Ip sla . unlike interface tracking this is fun and powerful as i have added something spicy into the topology

here is what i have done

Initial Congiruation

R1

router eigrp 1

net 10.0.0.0

net 13.0.0.0

pass fa0/0

no auto

same conf on R2

r3

int l1

ip addr 1.1.1.1 255.255.255.0

router eigrp 1

net 13.0.0.0

net 23.0.0.0

net 1.0.0.0

no auto

R4 has a special configuration and will act like a host . so lets turn off routing for it

r4(conf)#no ip routing

r4(conf)#ip default-gateway 10.0.0.10 -> this would be hsrp Virtual Ip address .

int fa0/0

ip addr 10.0.0.4 255.255.255.0

—————

before enabling HSRP we should not be able to ping the V.ip lets verify it on R4

r4#ping 10.0.0.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.10, timeout is 2 seconds:
…..
Success rate is 0 percent (0/5)

r4#ping 10.0.0.10
Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 10.0.0.10, timeout is 2 seconds:…..Success rate is 0 percent (0/5)

let us enable HSRP now on R1 and R2

r1(config)#int fa0/0

r1(config-if)#standby 1 ip 10.0.0.10

r1(config-if)#standby 1 preempt

r1(config-if)#exit

r1(config)#

*Mar  1 00:14:58.659: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Standby -> Active

r1(config)#

————
r2(config)#int fa0/0
r2(config-if)#standby 1 preempt
r2(config-if)#standby 1 ip 10.0.0.10
r2(config-if)#end
r2#
*Mar  1 00:15:07.643: %SYS-5-CONFIG_I: Configured from console by console
r2#
*Mar  1 00:15:26.727: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Speak -> Standby
r1#show standby brief
P indicates configured to preempt.
|
Interface   Grp  Pri P State   Active          Standby         Virtual IP
Fa0/0       1    100 P Active  local           10.0.0.2        10.0.0.10
r1#
Now lets try to ping 10.0.0.10 from R4 host
Bingo
r4#ping 10.0.0.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/259/1072 ms
r4#
lets try and see pinging 1.1.1.1 from R4 host
r4#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 16/56/84 ms
r4#
r4#traceroute 1.1.1.1
Type escape sequence to abort.
Tracing the route to 1.1.1.1
1 10.0.0.1 84 msec 96 msec 24 msec
2 13.0.0.3 48 msec *  68 msec
as traceroute indicates it is indeed taking R1 .
without implementing any ip sla lets shutdown fa0/0 port of R1 and see our results . R4 should now take R2
r1(config)#int fa0/0
r1(config-if)#shut
r1(config-if)#
*Mar  1 00:19:01.699: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Active -> Init
r2#show standby brief
P indicates configured to preempt.
|
Interface   Grp  Pri P State   Active          Standby         Virtual IP
Fa0/0       1    100 P Active  local           unknown         10.0.0.10
r2#
Now R4 is taking R2 as the gateway
r4#ping 10.0.0.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/31/124 ms
r4#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/48/128 ms
r4#traceroute 1.1.1.1
Type escape sequence to abort.
Tracing the route to 1.1.1.1
1 10.0.0.2 112 msec 32 msec 12 msec
2 23.0.0.3 84 msec *  116 msec
r4#
—–
now standby router took over as interface local to us went down . But what happens if the interface on the other end goes down ? .. yes we still have options such as interface tracking to employ but we will go with Ip sla and implement Enhanced object tracking .
r1(config)#ip sla 1
r1(config-ip-sla)#?
IP SLAs entry configuration commands:
dhcp         DHCP Operation
dlsw         DLSW Operation
dns          DNS Query Operation
exit         Exit Operation Configuration
frame-relay  Frame-relay Operation
ftp          FTP Operation
http         HTTP Operation
icmp-echo    ICMP Echo Operation
icmp-jitter  ICMP Jitter Operation
mpls         MPLS Operation
path-echo    Path Discovered ICMP Echo Operation
path-jitter  Path Discovered ICMP Jitter Operation
slm          SLM Operation
tcp-connect  TCP Connect Operation
udp-echo     UDP Echo Operation
udp-jitter   UDP Jitter Operation
voip         Voice Over IP Operation
r1(config-ip-sla)#icmp-echo ?
Hostname or A.B.C.D  Destination IP address or hostname, broadcast disallowed
r1(config-ip-sla)#icmp-echo 1.1.1.1 ?
source-interface  Source Interface (ingress icmp packet interface)
source-ip         Source Address
<cr>
r1(config-ip-sla)#icmp-echo 1.1.1.1
r1(config-ip-sla-echo)#?
IP SLAs echo Configuration Commands:
default            Set a command to its defaults
exit               Exit operation configuration
frequency          Frequency of an operation
history            History and Distribution Data
no                 Negate a command or set its defaults
owner              Owner of Entry
request-data-size  Request data size
tag                User defined tag
threshold          Operation threshold in milliseconds
timeout            Timeout of an operation
tos                Type Of Service
verify-data        Verify data
vrf                Configure IP SLAs for a VPN Routing/Forwarding instance
r1(config-ip-sla-echo)#frequency 3
%Illegal Value:  Cannot set Frequency to be less than Timeout
r1(config-ip-sla-echo)#timeout 2000
r1(config-ip-sla-echo)#exit
r1(config)#
r1(config)#track 1 ?
application  Application
interface    Select an interface to track
ip           IP protocol
list         Group objects in a list
rtr          Response Time Reporter (RTR) entry
stub-object  Stub tracking object
r1(config)#track 1 rtr 1 ?
reachability  Reachability
state         Return code state
<cr>
r1(config)#track 1 rtr 1 state ?
<cr>
r1(config)#track 1 rtr 1 state
r1(config-track)#?
Tracking instance configuration commands:
default  Set a command to its defaults
delay    Tracking delay
exit     Exit from tracking configuration mode
no       Negate a command or set its defaults
r1(config-track)#exit
r1(config)#
r1(config)#int fa0/0
r1(config-if)#standby 1 track 1 decrement 255
r1(config-if)#exit
r1(config)#
similarly on R2
now what i will shut down fa0/1 of R3 which is connecting to R2 active router of hsrp this should trigger Ip sla and R1 should take over .
we have forgot one of the most important commands
r1(config)#ip sla schedule 1  start-time now life forever
r2(config)#ip sla schedule 1 start-time now life forever
r2#show ip sla stat
Round Trip Time (RTT) for       Index 1
Latest RTT: 107 milliseconds
Latest operation start time: *00:32:34.023 UTC Fri Mar 1 2002
Latest operation return code: OK
Number of successes: 4
Number of failures: 0
Operation time to live: Forever
r3(config)#int fa0/1
r3(config-if)#
r3(config-if)#
r3(config-if)#shut
r3(config-if)#
*Mar  1 00:33:32.727: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 23.0.0.2 (FastEthernet0/1) is down: interface down
r3(config-if)#
*Mar  1 00:33:34.483: %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to administratively down
*Mar  1 00:33:35.483: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
r3(config-if)#
r2#debug ip sla error
IP SLAs ERROR debugging for all operations is on
r2#
*Mar  1 00:33:38.007: %TRACKING-5-STATE: 1 rtr 1 state Up->Down
r2#
*Mar  1 00:33:40.527: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Active -> Speak
r2#
*Mar  1 00:33:46.283: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 23.0.0.3 (FastEthernet0/1) is down: holding time expired
r2#
*Mar  1 00:33:50.527: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Speak -> Standby
r2#
look at sla debug message
Mar  1 00:33:38.007: %TRACKING-5-STATE: 1 rtr 1 state Up->Down
r4#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 32/73/120 ms
r4#traceroute 1.1.1.1
Type escape sequence to abort.
Tracing the route to 1.1.1.1
1 10.0.0.1 164 msec 68 msec 16 msec -> its going through r1 now
2 13.0.0.3 28 msec
lets us look at sla output message
r2#show ip sla stat
Round Trip Time (RTT) for       Index 1
Latest RTT: NoConnection/Busy/Timeout
Latest operation start time: *00:35:34.023 UTC Fri Mar 1 2002
Latest operation return code: Timeout ———————> SEE ITS TIMEOUT HERE
Number of successes: 4
Number of failures: 3
Operation time to live: Forever
Now i would make some changes .. first i would increase the priority of R2 to 110 from defaul HSRP priority of 100 and then i will no shut or bring up the interface on R3 . lets see how sla tracks that .
r2
int fa0/0
standby 1 priority 110
R3
int fa0/0
no shut
r2#
*Mar  1 00:40:54.455: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 23.0.0.3 (FastEthernet0/1) is up: new adjacency
r2#
*Mar  1 00:41:34.543: %TRACKING-5-STATE: 1 rtr 1 state Down->Up
*Mar  1 00:41:34.731: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Standby -> Active
r2#
———–
This can be extended to track any protocol and can be used in any FHRP process as an effective tool .