Genie's Tech Blog

Where knowledge has no dimensions

IP SLA with Object Tracking

Hello Friends,

Today we are going to discuss one of the most heavily used features of Cisco IOS in production environments: IP SLA. IP SLA allows users to monitor IP applications and services by checking their reachability and availability. IP SLA can also monitor the following performance metrics:

  • Delay (both round-trip and one-way)
  • Jitter (directional)
  • Packet loss (directional)
  • Packet sequencing (packet ordering)
  • Path (per hop)
  • Connectivity (directional)
  • Server or website download time

IP SLA can generate traffic to measure or monitor the above performance metrics. We can check this with the help of an example. Let's consider the topology below to demonstrate this behavior:


In the above topology, we have two links. One is the primary. On the secondary link, we do not assign a static IP but rather learn the IP using DHCP. We will then create two static routes. One of the routes will use the tracking object which will monitor the reachability, and another object will check the status of the link (whether it is up or not). Let's now have a look at the configuration:

Config on R1:
=============
track 1 ip sla 1 reachability
 delay down 50 up 180
!
track 2 interface FastEthernet0/0 line-protocol
 delay down 50 up 180
!
track 50 list boolean and
 object 1
 object 2
!
track 60 list boolean and
 object 1 not
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
 ip address 12.12.12.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address dhcp
 duplex auto
 speed auto
!
ip route 0.0.0.0 0.0.0.0 FastEthernet0/1 track 60
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0 12.12.12.2
!
ip sla 1
 icmp-echo 12.12.12.2 source-interface FastEthernet0/0
 tos 104
 threshold 1000
 frequency 15
ip sla schedule 1 life forever start-time now

Config on R2:
=============
ip dhcp excluded-address 21.21.21.1 21.21.21.9
!
ip dhcp pool test
 network 21.21.21.0 255.255.255.0
!
ip dhcp-server 21.21.21.2
!
interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
 ip address 12.12.12.2 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 21.21.21.2 255.255.255.0
 duplex auto
 speed auto
!

In the above configuration, we can see that R2 is configured as the DHCP server. On R1, we have tracking enabled to check reachability on the primary interface, and another tracking object to see whether the line-protocol is up or down.

Let's have a close look at the IP SLA configuration:

ip sla 1
 icmp-echo 12.12.12.2 source-interface FastEthernet0/0
 tos 104
 threshold 1000
 frequency 15
ip sla schedule 1 life forever start-time now

In the above configuration, we create an IP SLA probe. The probe sends ICMP echo packets to the next-hop IP 12.12.12.2 every 15 seconds. We define the upper threshold value as 1000 ms for calculating network monitoring statistics; the default threshold value is 5000 ms. We set the Type of Service (ToS) value in the IP header to 104 (the default value is 0). Finally, we start the probe and set it to run forever.

Finally, we created two static routes. One is the primary route on the primary link, and the other is the secondary route, which kicks in when the secondary gets active.

Let's now see how IP SLA works with the tracking that we have set.
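The boolean track lists in the R1 configuration can be checked offline before they are deployed. The Python sketch below is an added example, not part of the original post or of any Cisco tooling: it parses the `track ... list boolean and` stanzas from the R1 configuration and evaluates them for given leaf-object states. The function names are assumptions, and nested lists and `boolean or` are not handled.

```python
import re

# Track stanzas copied from the R1 configuration on this page.
R1_TRACK_CONFIG = """\
track 1 ip sla 1 reachability
 delay down 50 up 180
!
track 2 interface FastEthernet0/0 line-protocol
 delay down 50 up 180
!
track 50 list boolean and
 object 1
 object 2
!
track 60 list boolean and
 object 1 not
!
"""

def parse_track_lists(config):
    """Return {list_id: [(object_id, negated), ...]} for 'list boolean and' stanzas."""
    lists, current = {}, None
    for line in config.splitlines():
        head = re.match(r"track (\d+) list boolean and\s*$", line)
        member = re.match(r"\s+object (\d+)( not)?\s*$", line)
        if head:
            current = int(head.group(1))
            lists[current] = []
        elif member and current is not None:
            lists[current].append((int(member.group(1)), bool(member.group(2))))
        elif not line.startswith(" "):
            current = None  # any other top-level line ends the stanza
    return lists

def evaluate(lists, leaf_up):
    """leaf_up maps leaf object id -> True (Up) / False (Down); returns list states."""
    return {
        list_id: all(leaf_up[obj] != negated for obj, negated in members)
        for list_id, members in lists.items()
    }

def backup_route_installed(leaf_up, route_track=60):
    """The FastEthernet0/1 default route on the page is bound to track 60."""
    return evaluate(parse_track_lists(R1_TRACK_CONFIG), leaf_up)[route_track]
```

Because track 60 references only `object 1 not`, the state of track 2 never changes whether the backup route is installed; track 50 is evaluated but is not bound to any route in this configuration.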

Output on R1:
=============
R1#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is 12.12.12.2 to network 0.0.0.0

S*    0.0.0.0/0 [1/0] via 12.12.12.2, FastEthernet0/0
      1.0.0.0/32 is subnetted, 1 subnets
C        1.1.1.1 is directly connected, Loopback0
      12.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        12.12.12.0/24 is directly connected, FastEthernet0/0
L        12.12.12.1/32 is directly connected, FastEthernet0/0
      21.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        21.21.21.0/24 is directly connected, FastEthernet0/1
L        21.21.21.11/32 is directly connected, FastEthernet0/1
R1#
R1#sh ip cef 2.2.2.2
0.0.0.0/0
  nexthop 12.12.12.2 FastEthernet0/0
R1#
R1#sh ip route track-table
 ip route 0.0.0.0 0.0.0.0 FastEthernet0/1 track 60 state is [down]
R1#
R1#sh track
Track 1
  IP SLA 1 reachability
  Reachability is Up
    3 changes, last change 00:01:09
  Delay up 180 secs, down 50 secs
  Latest operation return code: OK
  Latest RTT (millisecs) 102
  Tracked by:
    Track-list 50
    Track-list 60
Track 2
  Interface FastEthernet0/0 line-protocol
  Line protocol is Up
    3 changes, last change 00:01:48
  Delay up 180 secs, down 50 secs
  Tracked by:
    Track-list 50
Track 50
  List boolean and
  Boolean AND is Up
    4 changes, last change 00:01:08
    object 1 Up
    object 2 Up
Track 60
  List boolean and
  Boolean AND is Down
    3 changes, last change 00:01:08
    object 1 not Up
  Tracked by:
    STATIC-IP-ROUTING 0
R1#

Testing on R2:
==============
R2(config)#ip access-list exte 101
R2(config-ext-nacl)#deny ip any any
R2(config-ext-nacl)#exi
R2(config)#int fa0/0
R2(config-if)#ip access-group 101 in
R2(config-if)#

Logs on R1:
===========
R1#
*Feb  6 16:26:14.716: %TRACKING-5-STATE: 1 ip sla 1 reachability Up->Down
*Feb  6 16:26:14.724: %TRACKING-5-STATE: 50 list boolean and Up->Down
*Feb  6 16:26:14.728: %TRACKING-5-STATE: 60 list boolean and Down->Up
R1#
R1#sh ip route track-table
 ip route 0.0.0.0 0.0.0.0 FastEthernet0/1 track 60 state is [up]
R1#
R1#sh track
Track 1
  IP SLA 1 reachability
  Reachability is Down
    4 changes, last change 00:05:25
  Delay up 180 secs, down 50 secs
  Latest operation return code: Timeout
  Tracked by:
    Track-list 50
    Track-list 60
Track 2
  Interface FastEthernet0/0 line-protocol
  Line protocol is Up
    3 changes, last change 00:11:54
  Delay up 180 secs, down 50 secs
  Tracked by:
    Track-list 50
Track 50
  List boolean and
  Boolean AND is Down
    5 changes, last change 00:05:25
    object 1 Down
    object 2 Up
Track 60
  List boolean and
  Boolean AND is Up
    4 changes, last change 00:05:25
    object 1 not Down
  Tracked by:
    STATIC-IP-ROUTING 0
R1#

With the above testing, we can see how the tracking kicks in as soon as reachability is lost. However, since the frequency is 15 seconds, it does take time to detect the reachability condition. We can tweak the frequency in production environments.

Let's now do another test where we shut down the link from the other side, i.e. R2, and see what happens.

Logs on R1:
===========
*Feb  6 16:34:16.856: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down
R1#
*Feb  6 16:35:03.860: %TRACKING-5-STATE: 2 interface Fa0/0 line-protocol Up->Down
R1#
R1#sh ip route track-table
 ip route 0.0.0.0 0.0.0.0 FastEthernet0/1 track 60 state is [up]
R1#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

S*    0.0.0.0/0 is directly connected, FastEthernet0/1
      1.0.0.0/32 is subnetted, 1 subnets
C        1.1.1.1 is directly connected, Loopback0
      21.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        21.21.21.0/24 is directly connected, FastEthernet0/1
L        21.21.21.11/32 is directly connected, FastEthernet0/1
R1#
R1#ping 2.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 112/135/144 ms
R1#
R1#sh track
Track 1
  IP SLA 1 reachability
  Reachability is Down
    4 changes, last change 00:13:34
  Delay up 180 secs, down 50 secs
  Latest operation return code: Socket set option error
  Tracked by:
    Track-list 50
    Track-list 60
Track 2
  Interface FastEthernet0/0 line-protocol
  Line protocol is Down 
    4 changes, last change 00:04:45
  Delay up 180 secs, down 50 secs
  Tracked by:
    Track-list 50
Track 50
  List boolean and
  Boolean AND is Down
    5 changes, last change 00:13:34
    object 1 Down
    object 2 Down
Track 60
  List boolean and
  Boolean AND is Up
    4 changes, last change 00:13:34
    object 1 not Down
  Tracked by:
    STATIC-IP-ROUTING 0
R1#

Thus, in the above output, we can see that Track 2 kicks in as the line protocol goes down. Also, the RIB is updated with the correct static route entry.

Hope this helps in understanding the basics of IP SLA. Please note that IP SLA can be a very powerful tool in the network for tracking and statistics collection, and can prove very useful when troubleshooting complex packet loss issues.
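The two tests produce different failure signatures in R1's syslog: in the ACL test the probe fails while the line protocol stays up, and in the second test the line protocol itself goes down. The Python sketch below is an added example, not code from the original post: it replays the R1 log lines shown above and labels each event that occurs while the track-60 backup route is active. The function names and finding labels are assumptions.

```python
import re

# Log lines copied from the two tests on this page (R1 console).
R1_LOGS = """\
*Feb  6 16:26:14.716: %TRACKING-5-STATE: 1 ip sla 1 reachability Up->Down
*Feb  6 16:26:14.724: %TRACKING-5-STATE: 50 list boolean and Up->Down
*Feb  6 16:26:14.728: %TRACKING-5-STATE: 60 list boolean and Down->Up
*Feb  6 16:34:16.856: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down
*Feb  6 16:35:03.860: %TRACKING-5-STATE: 2 interface Fa0/0 line-protocol Up->Down
"""

TRACK_RE = re.compile(
    r"^\*?(?P<ts>\w{3}\s+\d+ [\d:.]+): %TRACKING-5-STATE: "
    r"(?P<id>\d+) (?P<what>.+) (?P<old>Up|Down)->(?P<new>Up|Down)\s*$"
)

def cause(states, kinds):
    """Separate a dead link from a probe that fails while the link stays up."""
    link_down = any(states[t] == "Down" for t in kinds if "line-protocol" in kinds[t])
    probe_down = any(states[t] == "Down" for t in kinds if "ip sla" in kinds[t])
    if link_down:
        return "line protocol down"
    return "probe lost, link not reported down" if probe_down else "unknown"

def replay(log_text, backup_track=60):
    """Replay %TRACKING-5-STATE lines; return (final_states, findings)."""
    states, kinds, findings = {}, {}, []
    for line in log_text.splitlines():
        m = TRACK_RE.match(line.strip())
        if not m:
            continue  # other messages (e.g. %LINEPROTO) are not tracked here
        tid, what, new = int(m["id"]), m["what"], m["new"]
        kinds[tid], states[tid] = what, new
        if states.get(backup_track) != "Up":
            continue  # still on the primary route, nothing to report
        if tid == backup_track:
            findings.append((m["ts"], "backup route activated", cause(states, kinds)))
        elif new == "Down" and not what.startswith("list"):
            findings.append((m["ts"], "failure while on backup", cause(states, kinds)))
    return states, findings
```

A "probe lost, link not reported down" finding corresponds to the first test, where traffic moved to the DHCP-learned link although FastEthernet0/0 was still up, which is the case worth alerting on separately from an ordinary link failure.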

Feel free to reach out to me for any queries.

Cheers...!!!

Genie
www.codergenie.com
