IP SLA with Object Tracking - Configuration example -Troubleshooting

Where it can be implemented Static Routing Hot Standby Router Protoco (HSRP) Policy Based Routing (PBR)

When NOT to use Object Tracking Directly connected interfaces. Running routing protocol (i.e. RIP, OSPF, EIGRP, BGP, etc.) Tracks G0/0 G0/0 RA RB No route being advertised 192.168.1.0/24 200.2.2.0/24 RA RC RD

Configuration Components IP SLA Define IP SLA Operation Object Tracking Link track to IP SLA Operation Objects Link objects to track. Such as Static route, PBR, HSRP, etc.

Static Routing with Object Tracking On RA: interface Ethernet0/0 description primary-link ip address 200.1.1.2 255.255.255.0 ! interface Ethernet0/1 description backup-link ip address 200.2.2.2 255.255.255.0 ! ip sla 1 icmp-echo 212.23.1.1 source-ip 200.1.1.2 frequency 3 ip sla schedule 1 life forever start-time now track 2 ip sla 1 reachability ! ip route 0.0.0.0 0.0.0.0 200.1.1.1 track 2 ip route 0.0.0.0 0.0.0.0 200.2.2.1 250 ! access-list 101 permit icmp any host 212.23.1.1 route-map LOCAL-POLICY permit 10 match ip address 101 set ip next-hop 200.1.1.1 ! ip local policy route-map LOCAL-POLICY

HSRP with Object Tracking On RA (Active Router): ip sla 1 icmp-echo 4.2.2.2 frequency 3 ip sla schedule 1 life forever start-time now ! track 2 ip sla 1 reachability ! interface Ethernet0/0 ip address 10.10.10.1 255.255.255.0 standby 1 ip 10.10.10.3 standby 1 priority 110 standby 1 preempt standby 1 track 2 decrement 15 ! access-list 101 permit icmp any host 4.2.2.2 route-map LOCAL-POLICY permit 10 match ip address 101 set ip next-hop 200.1.1.1 ! ip local policy route-map LOCAL-POLICY

PBR with Multiple Object Tracking On RA: ip sla 1 icmp-echo 200.1.1.2 frequency 3 ip sla schedule 1 life forever start-time now ! ip sla 2 icmp-echo 200.2.2.2 frequency 3 ip sla schedule 2 life forever start-time now ! track 11 ip sla 1 reachability track 22 ip sla 2 reachability ! access-list 101 permit 10.10.10.0 0.0.0.255 any route-map LAB permit 10 match ip addess 101 set ip next-hop verify-availability 200.1.1.2 10 track 11 set ip next-hop verify-availability 200.2.2.2 20 track 22 ! Interface Ethernet1/0 ip address 10.10.10.1 255.255.255.0 ip policy route-map LAB the configured policy is that packets received on e0/0(10.1.1.0/24), should be forwarded to 200.1.1.1 only if that device is reachable (responding to pings). If 200.1.1.1 is not up, then the packets should be forwarded to 200.2.2.1. If 200.2.2.1 is also not reachable, then the policy routing fails and the packets are routed according to the routing table. © 2009, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr

Parameters Frequency Sets the rate at which a specified Cisco IOS IP SLAs operation is sent into the network. Timeout Sets the amount of time for which the Cisco IOS IP SLAs operation waits for a response from its request packet. Threshold Sets the rising threshold that generates a reaction event and stores history information for the Cisco IOS IP SLAs operation. Example: ip sla 1 icmp-echo 212.23.1.1 timeout 500 threshold 2 frequency 3 ip sla schedule 1 life forever start-time now

“Show” Commands for IP SLA show ip sla statistics Displays the current state of the Cisco IOS IP SLAs operation Example: R1#show ip sla statistics Round Trip Time (RTT) for Index 1 Latest RTT: 1 milliseconds Latest operation start time: *03:55:56.835 EST Mon Oct 25 2010 Latest operation return code: OK Number of successes: 87 Number of failures: 24 Operation time to live: Forever IP SLA operations status: OK = good Over Threshold = exceed threshold < timeout Timeout = over timeout value Successes & Failure icmp packet statistics Duration of operation © 2009, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr

“Show” Commands for IP SLA show ip sla configuration The output will list the supported operations Example: R1#sh ip sla configuration Entry number: 1 Type of operation to perform: icmp-echo Target address/Source address: 212.23.1.1/200.1.1.2 Operation timeout (milliseconds): 500 Schedule: Operation frequency (seconds): 3 Next Scheduled Start Time: Start Time already passed ….. Life (seconds): Forever Threshold (milliseconds): 2 …. Operation number Operation type Source & destination addresses Timeout (msec) Frequency (sec) Operation duration Threshold (msec) © 2009, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr

“Show” Commands for Object Tracking show track Display the detail of the tracked objects Example: R1#sh track Track 1 Response Time Reporter 1 reachability Reachability is Up 3 changes, last change 01:31:14 Latest operation return code: OK Latest RTT (millisecs) 1 Tracked by: STATIC-IP-ROUTING 0 Track number IP SLA operation number. The object is tracking the reachability of ip sla 1. Reachability or State status - Up or down IP SLA operations status: OK = good Over Threshold = exceed threshold < timeout Timeout = over timeout value Type of objects tracked by this track number

“Show” Commands for Object Tracking show track brief Display a list of the tracked objects and its status Example: R1#sh track brief Track Object Parameter Value Last Change 1 rtr 1 reachability Up 01:47:32 2 rtr 1 state Down 00:33:33 Track Number Reachability or State status up/down Reachability or State IP SLA operation that the track is tracking

“Show” Commands for Static Routing show ip route track-table To display information about the tracked static table. Example: R1#sh ip route track-table ip route 0.0.0.0 0.0.0.0 200.1.1.1 track 1 state is [up] Track Number State of tracked static route - up/down

“Show” Commands for PBR Show ip access-list [access number] Using the access-list to confirm if the icmp packets are routed through the right path. Example: R1#sh ip access-lists Extended IP access list 101 10 permit icmp any host 212.23.1.1 (23 matches) Extended IP access list 102 10 permit icmp host 212.23.1.1 host 200.1.1.2 (15 matches)

Troubleshooting Steps Step 1: Ping Test Step 2: IP SLA Check IP SLA operation status Step 3: Object Tracking Check tracked object status Step 4: Tracked Static Route/PBR/HSRP Check routing table Check HSRP router roles Check route-map (show ip route-map & show ip policy)

Useful Debugs IP SLA: debug ip sla trace, debug ip sla error Object Tracking: debug track ICMP packet: debug ip icmp, debug ip packet <access-list> HSRP: debug standby event/packets PBR: debug ip policy, debug route-map

Reference Introduction to IP SLA http://www.cisco.com/en/US/tech/tk920/tsd_technology_support_sub-protocol_home.html Reliable Static Routing Backup Using Object Tracking http://www.cisco.com/en/US/docs/ios/12_3/12_3x/12_3xe/feature/guide/dbackupx.html Policy Based Routing (PBR) http://www.cisco.com/en/US/products/ps6637/products_ios_protocol_option_home.html PBR Support for Multiple Tracking Options http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtpbrtrk.html Enhanced Object Tracking http://www.cisco.com/en/US/docs/ios/ipapp/configuration/guide/ipapp_eot.html Configuring HSRP with Object Tracking http://www.cisco.com/en/US/docs/ios/ipapp/configuration/guide/ipapp_hsrp.html Configuring GLBP with Object Tracking http://www.cisco.com/en/US/docs/ios/ipapp/configuration/guide/ipapp_glbp.html Configuring VRRP with Object Tracking http://www.cisco.com/en/US/docs/ios/ipapp/configuration/guide/ipapp_vrrp.html