IP SLA track comaptible router
Hii ,
I have to run IP SLA track commnad and wan run following config command , Which router with lowest cost run the following commands .
please also confirm which Ios can run following comand ,
can i run following configartion on 1900 series router or which lowesr end router can run following comands . iam using for it data as well voice trafic
I tested it on C3750 swicth
Cisco IOS Software, C3750 Software (C3750-ADVIPSERVICESK9-M), Version 12.2(44)SE
1, RELEASE SOFTWARE (fc1)
Switch Ports Model SW Version SW Image
* 1 28 WS-C3750G-24TS-1U 12.2(44)SE1 C3750-ADVIPSERVICESK9-M
config:Samle
For icmp tracking of HOST X.Y.171.1
#ip sla 100
icmp-echo X.Y.171.1
ip sla schedule 100 life forever start-time now
To track profile ( who will track and what to track )
#track 100 rtr 100
“Track 100 “ is tracking profile
where “rtr 100” means situation result in “IP sla 100” has to be monitored
Static routes used
IBS_Nerul_L3_Switch#sh run | i X.Y.170.0
ip route X.Y.170.0 255.255.255.0 Tunnel500 track 100 ( primary route in action till Ip is reachable )
ip route X.Y.170.0 255.255.255.0 Tunnel501 100 (Secondary route take over once Track object is unreachable )
Hi Nitin,
I dont know about the cheap router but you can use IP sla feature on 1900 series ISR.
IP SLA on ISR G2 platforms like your 1900 require Data K9 licence. Can you paste the output of show version.
IP SLA also works on1841, 2800 and 2900 series routers.
Regards
Hope it helps.
Similar Messages
-
ASA SLA Tracking w/ multiple icmp checks
I would like to setup a backup internet connection but I don't want the connection to failover if one IP address or sla monitor is down. I would like at least two to fail before it goes down. The only way I can think of is the config below. Is there an easier way?
route ouside 0.0.0.0 0.0.0.0 <isp1 route> 1 track 1
route ouside 0.0.0.0 0.0.0.0 <isp1 route> 2 track 2
route outside 0.0.0.0 0.0.0.0 <isp2 route> 254
sla monitor 101
type echo protocol ipIcmpEcho 10.0.0.1 interface outside
num-packets 3
frequency 10
sla monitor 102
type echo protocol ipIcmpEcho 10.0.0.2 interface outside
num-packets 3
frequency 10
sla monitor schedule 101 life forever start-time now
sla monitor schedule 102 life forever start-time now
track 1 rtr 101 reachability
track 2 rtr 102 reachabilityHey, I know I am late, but I had found your article earlier today looking for an answer for a very similar issue. The problem I see with your solution is that the second route will overwrite the first line. Your cannot have two routes for the same network and same next-hop in a Cisco ASA. My problem was slightly different than yours, as I have a single ISP behind the ASA, but wanted to using multiple SLA monitors for the default-route so it is in the routing table if any SLA is up. The default is being redistributed into EIGRP.
Her is my solution, I hope this will help someone, someday. It is not nice and short as we would like them, but works perfectly for what I needed. I tried to put enough comments so that you understand some choices I had to make.
WAIT! Did I tell you what follows doesn't look nice? This is for trained professionals only. Make sure you have a deep understanding of IP routing, IP routing protocols and route redistribution before you use this ! Use at your own risks!
OK her it goes...
! Monitoring a single hosts in unsufficient in many production environments.
! Very limited IP SLA tracking in ASA doesn't really allow to monitor multiple hosts at the same time.
! Only one monitor process per track process and no configurable delays for down or up events
! This will show how to create dummy default-routes each bound to a different SLA monitor for distribution into EIGRP, such that a default-route will exist in the routing table if any of the monitored hosts is responding and how to filter redistribution of static routes into EIGRP
! The actual routes the ASA will use are 0.0.0.0/1 and 128.0.0.0/1, but those routes will only be used locally by the ASA, because they are a longer-match than the 0.0.0.0/0
! The most difficult part is preventing the 0.0.0.0/1 routes from getting redistributed in EIGRP along with the 0.0.0.0/0 route.
! The same technique could be applied for RIP or OSPF
! ISP router (default gateway)
name x.x.x.x ISPrtr
! Google DNS
name y.y.y.y SLAtesthost1
! Another host on the Internet
name z.z.z.z SLAtesthost2
! Some unused/invalid hosts in the inside interface's subnet, I always use a /28 or bigger subnets so it was easy to find usused host addresses in the subnet
name a.a.a.a invalid-host1
name a.a.a.b invalid-host2
sla monitor 1
type echo protocol ipIcmpEcho SLAtesthost1 interface outside
threshold 500
frequency 10
packets 3
sla monitor schedule 1 life forever start-time now
sla monitor 2
type echo protocol ipIcmpEcho SLAtesthost2 interface outside
threshold 500
frequency 10
packets 3
sla monitor schedule 2 life forever start-time now
track 1 rtr 1 reachability
track 2 rtr 2 reachability
! Split the default route in two routes, these will be used by the ASA(longer-match) to forward IP packets to the ISP router. It is EXTREMELY IMPORTANT that these two routes are NOT redistributed into any routing protocol if you rely of the default-route elsewhere on your network. The route-map redist-default below will achieve this, and allow only default
route outside 0.0.0.0 128.0.0.0 255.255.255.255 ISPrtr
route outside 128.0.0.0 128.0.0.0 255.255.255.255 ISPrtr
! Create two dummy routes, each bound to its own tracking object/SLA monitor, which won't be used to forward any traffic. They can point to hosts in the inside subnet. We use different and invalid hosts as the next hops (other than the ISP router). First because the same route/same nex-hop cannot coexist in the ASA configuration, secondly because the ISP router's address will be used in a route-map to block the previous 2 routes (split).
route inside 0.0.0.0 0.0.0.0 invalid-host1 track 1
route inside 0.0.0.0 0.0.0.0 invalid-host2 track 2
access-list deny-all-routes permit host 0.0.0.0
access-list default-route permit host 0.0.0.0
access-list ISP-router permit host ISPrtr
! The following route-map will ensure only a dummy default route is redistributed in EIGRP, we must absolutely blocck two split routes (0.0.0.0/1 and 128.0.0.0/1)
! Since ASA does not support extended ACL in route-map for filtering on the mask, the first route-map statement denies any route with the real ISP router as the next-hop
! The same route-map could be used for redistributing into RIPv2 or OSPF
route-map redist-default deny 10
match ip next-hop ISP-router
route-map redist-default permit 20
match ip address default-route
route-map redist-default deny 100
router eigrp 100
no auto-summary
! Block all inbound route in the ASA
distribute-list deny-all-routes in interface inside
! Allow only the default-route to be advertised toward inside peers
distribute-list default-route out interface inside
! Redistribute only the default-route, adjust metrics to your needs
redistribute static metric 10000 100 255 1 1500 route-map redist-default
passive-interface default
no passive-interface inside
network
Thanks,
Marc-André -
Hello,
I am facing problem with ip sla track mechanism.
I have two ISPs connected to my router C881.
ISP1 = primary (connected to FastEthernet4)
ISP2 = backup (connected to FastEterhet3/Vlan20)
I am using ISP1 as primary ISP and tracking reachability of IP address 8.8.4.4 through ip sla track 200:
ip sla 200
icmp-echo 8.8.4.4
request-data-size 200
timeout 3000
threshold 1000
owner SYSADMIN
frequency 5
history hours-of-statistics-kept 25
history distributions-of-statistics-kept 20
history lives-kept 2
history buckets-kept 60
history filter all
ip sla schedule 200 life forever start-time now
ip sla enable reaction-alerts
track 200 ip sla 200 reachability
delay down 30 up 180
Default-route to ISP1 is tracked and second default-route is configured with higher value of metric.
This is how my static routing looks like:
ip route 0.0.0.0 0.0.0.0 FastEthernet4 1.1.1.1 name ISP1 track 200
ip route 0.0.0.0 0.0.0.0 Vlan20 2.2.2.2 250 name ISP2
ip route 8.8.4.4 255.255.255.255 FastEthernet4 1.1.1.1 name force-ISP1
ip route 8.8.4.4 255.255.255.255 Null0 250 name deny-via-ISP2
It works almost as expected:
- when ISP1 is going down (i mean if 8.8.4.4 becomes unreachable via ISP1), after 30 seconds, default route is pointing to ISP2
- also when ISP1 is going up (8.8.4.4 becomes reachable again via ISP1), after 180 seconds, default route is pointing back to ISP1
*Mar 14 14:09:52.034: %TRACKING-5-STATE: 200 ip sla 200 reachability Up->Down
*Mar 14 14:12:57.039: %TRACKING-5-STATE: 200 ip sla 200 reachability Down->Up
...but
In some cases (I believe that it may be in situation, that ISP1 is down for longer time), ip sla/track is unable to detect that ISP1 becomes UP again and the default route is pointing to ISP2 forever (at least until FastEthernet4 is disconnected/connected again, or shut/no shut command is applied).
*Mar 17 14:18:13.019: %TRACKING-5-STATE: 200 ip sla 200 reachability Up->Down
This is how some show command outputs looks like:
ROUTER-MD#show ip route static
8.0.0.0/32 is subnetted, 2 subnets
S 8.8.4.4 [1/0] via 1.1.1.1, FastEthernet4
S* 0.0.0.0/0 [250/0] via 2.2.2.2, Vlan20
ROUTER-MD#show ip sla statistics 200 details
IPSLAs Latest Operation Statistics
IPSLA operation id: 200
Latest RTT: NoConnection/Busy/Timeout
Latest operation start time: *12:17:51.494 MET Wed Mar 18 2015
Latest operation return code: Timeout
Over thresholds occurred: FALSE
Number of successes: 0
Number of failures: 31
Operation time to live: Forever
Operational state of entry: Active
Last time this entry was reset: Never
ROUTER-MD#show track 200
Track 200
IP SLA 200 reachability
Reachability is Down
42 changes, last change 22:00:06
Delay up 180 secs, down 30 secs
Latest operation return code: Timeout
Tracked by:
STATIC-IP-ROUTING 0
But as you can see here, 8.8.4.4 is reachable from the router:
ROUTER-MD#show ip route 8.8.4.4
Routing entry for 8.8.4.4/32
Known via "static", distance 1, metric 0
Routing Descriptor Blocks:
* 1.1.1.1, via FastEthernet4
Route metric is 0, traffic share count is 1
ROUTER-MD#ping 8.8.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.4.4, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/41/44 ms
During that behavior, I see no icmp traffic destined to 8.8.4.4 with "debug ip icmp" command enabled.
Debug IP sla & track results are here:
ROUTER-MD#show debug
Track debugging is on
IP SLAs:
TRACE debugging is on for entries:
200
ERROR debugging is on for entries:
200
*Mar 18 12:40:16.530: IP SLAs(200) Scheduler: saaSchedulerEventWakeup
*Mar 18 12:40:16.530: IP SLAs(200) Scheduler: Starting an operation
*Mar 18 12:40:16.530: IP SLAs(200) echo operation: Sending an echo operation - destAddr=8.8.4.4, sAddr=1.1.1.2
*Mar 18 12:40:16.530: IP SLAs(200) echo operation: Sending ID: 27
*Mar 18 12:40:19.530: IP SLAs(200) echo operation: Timeout - destAddr=8.8.4.4, sAddr=1.1.1.2
*Mar 18 12:40:19.530: IP SLAs(200) Scheduler: Updating result
*Mar 18 12:40:19.530: IP SLAs(200) Scheduler: start wakeup timer, delay = 2000
*Mar 18 12:40:21.530: IP SLAs(200) Scheduler: saaSchedulerEventWakeup
*Mar 18 12:40:21.530: IP SLAs(200) Scheduler: Starting an operation
*Mar 18 12:40:21.530: IP SLAs(200) echo operation: Sending an echo operation - destAddr=8.8.4.4, sAddr=1.1.1.2
*Mar 18 12:40:21.530: IP SLAs(200) echo operation: Sending ID: 27
*Mar 18 12:40:24.530: IP SLAs(200) echo operation: Timeout - destAddr=8.8.4.4, sAddr=1.1.1.2
*Mar 18 12:40:24.530: IP SLAs(200) Scheduler: Updating result
*Mar 18 12:40:24.530: IP SLAs(200) Scheduler: start wakeup timer, delay = 2000
...etc
I would appreciate any help.
Thank you,
MBHi,
>>when ISP 1 is down, is the static route to 8.8.4.4 via 1.1.1.1 still in the routing table?
Unfortunately I can not catch the situation, when ISP1 is down. Now the ISP1 is UP.
But there can be two situations regarding this configuration:
ip route 8.8.4.4 255.255.255.255 FastEthernet4 1.1.1.1 name force-ISP1
1. If FE4 goes down, static route is removed from the routing table.
2. If FE4 remains up (but connection to 8.8.4.4 is broken within ISP1 network), static route is still in the routing table.
As I can see in logs, FE4 was not down, so route to 8.8.4.4 via ISP1 was in RT all the time.
>> Are you sure that reach ability to 8.8.4.4 is actually going through ISP2?
No, reach ability to 8.8.4.4 is actually going through ISP1 as configured:
S 8.8.4.4 [1/0] via 1.1.1.1, FastEthernet4
ROUTER#ping 8.8.4.4 source fastEthernet 4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.4.4, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.2
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/40/44 ms
, my problem is that ip sla is somehow not seeing this:
ROUTER#show ip sla statistics
IPSLAs Latest Operation Statistics
IPSLA operation id: 200
Latest RTT: NoConnection/Busy/Timeout
Latest operation start time: *09:48:42.553 METDST Mon Apr 27 2015
Latest operation return code: Timeout
Number of successes: 0
Number of failures: 42
Operation time to live: Forever
>> have you applied ACL denying ICMP destined to 8.8.4.4 through ISP2 to make sure that 8.8.4.4 is not pingable through ISP2?
No... I have applied more specific static route to 8.8.4.4 via ISP1.
Besides of that, I have applied source-ip command under the ip sla configuration:
ip sla 200
icmp-echo 8.8.4.4 source-ip 1.1.1.2
Sure, I can try to deny icmp to 8.8.4.4 through ISP2 as third action, and we will see...
What will be better from your point of view? To use ACL as you mentioned, or to use "ip local policy route-map" as pille1234 mentioned...? Maybe both, to be 100% sure? -
Hello Guys,
My scenario is:
2 Sites interconnected by 2 MPLS Links and BGP between the routers.
I need some help to force some traffic to be routed using one Link based on Protocol or TCP Port.
But if the link goes down, I need the traffic to be send using another link.
I want to do a PBR using track that validates a specific BGP Route or BGP Neighbor.
Can someone tell me some tips for this case?
Best Regards.
Heleno FagundesHi,
For your two concerns.
**2 Sites interconnected by 2 MPLS Links and BGP between the routers
Do you have some sort of network diagram ????
**I want to do a PBR using track that validates a specific BGP Route or BGP Neighbor.
We can always apply a track and an IP sla monitoring an IP address which the router is receiving from its BGP peer which you wish to monitor.
I am sure if you provide me sample diagram/config i'll be able to give some more descriptive answer.
Regards,
HK -
Can you help? Two dialer interfaces with IP SLA for default route failover - issues
I have an issue with a Cisco 2821, it has an ADSL2+ HWIC whose ATM interfaces is linked to dialer 1 and a Gi0/1 interface with a pppoe client which is linked to dialer 2. Both dialer interfaces are up with their respective IP addresses. If the ADSL on dialer 1 fails i want the IP SLA to kick and and replace the default route for dialer 1 with one for dialer 2.
This config works if you manually shut down the dialer 1 interface, it injects the default route for dialer 2 and then when you unshut the interface, the default route for dialer 1 comes back. The problem i have is if you take out the cable for the ATM interface and take it down, it does not take the route out the routing table and the default route for dialer2, which works if you just shut down dialer 1 does not appear.
whats the difference between shutting down dialer1 and it fails over the default route and taking the cable out then it does not?
Here is my config, i'm sure its something simple i'm doing wrong, can anyone help???
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Router
boot-start-marker
boot-end-marker
logging message-counter syslog
enable secret 5 $1$qOOJ$HV5AH6US/YZMuCGPYp3pP.
no aaa new-model
dot11 syslog
ip source-route
ip cef
ip dhcp excluded-address 192.168.0.1
ip dhcp pool pool1
network 192.168.0.0 255.255.255.0
default-router 192.168.0.1
dns-server 188.92.232.50 188.92.232.100
no ip domain lookup
no ipv6 cef
multilink bundle-name authenticated
voice-card 0
no dspfarm
archive
log config
hidekeys
track 1 ip sla 1 reachability
interface GigabitEthernet0/0
description Gi0/30 Local LAN
ip address 192.168.0.1 255.255.255.0
ip verify unicast reverse-path
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
no ip mroute-cache
duplex auto
speed auto
snmp trap ip verify drop-rate
no mop enabled
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 2
interface ATM0/2/0
description ATM0_DSL
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
logging event atm pvc state
logging event subif-link-status
no atm ilmi-keepalive
dsl operating-mode auto
dsl enable-training-log
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
interface Dialer1
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
keepalive 1 3
no cdp enable
ppp lcp predictive
ppp authentication pap chap callin
ppp chap hostname ********@ccsleeds.net
ppp chap password 0 ********
ppp pap sent-username *******@ccsleeds.net password 0 ********
interface Dialer2
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1492
encapsulation ppp
dialer pool 2
keepalive 1 3
no cdp enable
ppp lcp predictive
ppp authentication pap chap callin
ppp chap hostname **********@adsllogin.co.uk
ppp chap password 0 *********
ppp pap sent-username *********@adsllogin.co.uk password 0 ***********
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1 track 1
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 0.0.0.0 0.0.0.0 Dialer2 10
no ip http server
no ip http secure-server
ip nat inside source list 1 interface Dialer1 overload
ip sla 1
icmp-echo 8.8.8.8 source-interface di1
timeout 1000
threshold 100
frequency 3
ip sla schedule 1 life forever start-time now
access-list 1 permit 192.168.0.0 0.0.0.255
control-plane
gatekeeper
shutdown
line con 0
line aux 0
line vty 0 4
password test
login
scheduler allocate 20000 1000
endSure that EEM can shut/unshut interface...you have "event track" in EEM for monitoring track events...for example:
event manager applet test
event track 1 state down
action 1.0 command "enable"
action 1.1 command "conf t"
action 1.2 command "interfac dialer 1"
action 1.3 command "shut"
action 1.4 syslog "Dialer 1 down!!!"
action 1.5 end
This would be an example from head :)
You would need another EEM similar to this one for unshutting interface with "event track 1 state up" for bringing interface up again.
Again as I said you would need to test this before putting in production and you would maybe need to tweak this a little bit acording to your needs...
BR,
Dragan -
Track ip route metric threshold
Hi guys
Is there someone who can explain the follow output:
c3750#sh track
Track 1
IP route 8.8.4.4 255.255.255.255 metric threshold
Metric threshold is Up (EIGRP/28416/11)
147 changes, last change 00:00:04
Metric threshold down 210 up 190
First-hop interface is Vlan1
Track 2
IP route 8.8.8.8 255.255.255.255 metric threshold
Metric threshold is Up (OSPF/20/20)
40 changes, last change 01:13:36
Metric threshold down 255 up 254
First-hop interface is Vlan1
I've not found documentation about line :
(EIGRP/28416/11) and (OSPF/20/20)
I've not understood which is the metric that track match with his configuration:
Thanks many much in advance
Daniele
Some configuration detail:
track 1 ip route 8.8.4.4 255.255.255.255 metric threshold
threshold metric up 190 down 210
track 2 ip route 8.8.8.8 255.255.255.255 metric threshold
c3750#sh ip route
O E2 8.8.8.8 [110/20] via 192.168.0.100, 00:00:04, Vlan1
D EX 8.8.4.4 [170/28416] via 192.168.0.1, 00:00:31, Vlan1As far as tracking goes, it will be "Up" as long as there is a route to 7.1.1.7/32 in the routing table of the routers configured with track 1. It must be a /32 route due to the "255.255.255.255" in the track 1 statement. With that being said, track 1 will be "Down" since e1/0 on r7 is most likely not configured with a /32 mask. I say most likely because it is conneced to R2 and ethernet interfaces cannot be configured with a /32 mask. Attempting to would result in "Bad mask /32 for address 7.1.1.7". To bring track 1 up, the mask needs to match the route for 7.1.1.7 exactly as seen in the routing tables of R3 and R4.
With the current topology any issue causing eigrp on R2 to not advertise 7.1.1.7/32 will take track 1 down on both R3 and R4. The HSRP priority on both routers will decrement 10 which means that R3 will never take priority. No failover will occur as a permanent state in a converged network.
Another point to make in this scenario is that tracking 7.1.1.7/32 could cause instability in the network. If connectivity between R2 and R7 fails, HSRP will failover. This topology change causes updates and and traffic disruptions in an unrelated part of the network. Traffic destined to R2 or possibly another router off R2 is now affected even though only connectivity to R7 is of concern. Also, R2's hold timer for R7 could cause long delays for eigrp updates to make it down to R3 and R4.
Optimally, R3 and R4 should track the status of an object specifically related to their own connectivity to R2 such as interface line-protocol or IP. This will give the network stability, increase routing accuracy, cause faster failover, and better avaibility, etc, etc, etc.
Check out Configuring Enhanced Object Tracking @ http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp/configuration/15-mt/iap-15-mt-book/iap-eot.html
Ian -
Anyone can help to understand Track ip route 0.0.0.0 0.0.0.0 reachability
Hi All
Please see the diagram in attachment. R7 e1/0 ip address is 7.1.1.7. R3 and R4 are configured with HSRP. R3, R4, R2, and R7 are configured with EIGRP.
HSRP are configured in R3 and R4 as following. Do you think the track configuration is correct ? Thank you
R3(config-if)#do sh run int vlan 4
interface Vlan4
ip address 4.1.1.3 255.255.255.0
standby 2 ip 4.1.1.1
standby 2 preempt
standby 2 track 1
R3(config-if)#do sh run | s track
track 1 ip route 7.1.1.7 255.255.255.255 reachability
R4(config-if)#do sh run int vlan 4
interface Vlan4
ip address 4.1.1.4 255.255.255.0
standby 2 ip 4.1.1.1
standby 2 priority 105
standby 2 preempt
standby 2 track 1
R4(config-if)#do sh run | s track
track 1 ip route 7.1.1.7 255.255.255.255 reachabilityAs far as tracking goes, it will be "Up" as long as there is a route to 7.1.1.7/32 in the routing table of the routers configured with track 1. It must be a /32 route due to the "255.255.255.255" in the track 1 statement. With that being said, track 1 will be "Down" since e1/0 on r7 is most likely not configured with a /32 mask. I say most likely because it is conneced to R2 and ethernet interfaces cannot be configured with a /32 mask. Attempting to would result in "Bad mask /32 for address 7.1.1.7". To bring track 1 up, the mask needs to match the route for 7.1.1.7 exactly as seen in the routing tables of R3 and R4.
With the current topology any issue causing eigrp on R2 to not advertise 7.1.1.7/32 will take track 1 down on both R3 and R4. The HSRP priority on both routers will decrement 10 which means that R3 will never take priority. No failover will occur as a permanent state in a converged network.
Another point to make in this scenario is that tracking 7.1.1.7/32 could cause instability in the network. If connectivity between R2 and R7 fails, HSRP will failover. This topology change causes updates and and traffic disruptions in an unrelated part of the network. Traffic destined to R2 or possibly another router off R2 is now affected even though only connectivity to R7 is of concern. Also, R2's hold timer for R7 could cause long delays for eigrp updates to make it down to R3 and R4.
Optimally, R3 and R4 should track the status of an object specifically related to their own connectivity to R2 such as interface line-protocol or IP. This will give the network stability, increase routing accuracy, cause faster failover, and better avaibility, etc, etc, etc.
Check out Configuring Enhanced Object Tracking @ http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp/configuration/15-mt/iap-15-mt-book/iap-eot.html
Ian -
LMS 4.2 User tracking and router arp table
Hi,
If I have understand correctly, the IP address - mac address matching was made with the arp table of a cisco acces switch if it will made the L3.
My access switch wasn't used for L3 routing, only L2
It's possible to set user track to use the arp table of a firewall or a router for made this matching ?
Thanks a lotAs long as you have a supported Cisco Layer 3 device in your LMS-management domain, you should be able to correlate the IP-MAC addresses in User Tracking (UT).
UT support is not specifically listed for the ASA firewall - I'm not sure it will support that feature if it is the users' gateway.
Useful links:
UT explanation from the LMS Admin Guide
Supported devices listing
Hope this helps. -
I know in many apps you can define your route and it tells you where to go, but I need an App to do the opposite. I want it to record my position as I go and then show me in the Map where I have been and the route I've taken. Does anybody knows any application like this?
Solved!
Go to Solution.Have a look at Nokia Sportstracker which I think does what you want. Have a look at the link below.
http://betalabs.nokia.com/betas/view/sports-tracker
You did not tell us what phone you have so be sure to check for compatibility with your phone before installing. -
I am trying to setup a fault tolerant configuration for a branch site using MPLS as the primary and DMVPN as the backup. The MPLS cloud uses BGP, our data center and directly connected sites use EIGRP. BGP routes are injected into the EIGRP network at the data center.
My problem is that when both MPLS and DMVPN are in use, routers at the data center see EIGRP advertisements as a lower cost than the BGP injected route. Traffic is returned on the much slower backup circuit.
My setup...
Router 1
100 mbps MPLS connection
HSRP priority 200
SLA Track BGP reachability with HSRP priority decrement 150
Router 2
10 mpbs DMVPN over direct internet connection
HSRP priory 100
Ideally, I would like router 2 to only advertise its the local subnet on EIGRP when it is the primary HSRP router. Another option is to setup an SLA track on router 2 to watch the BGP neighbor of router 1. I have not found any examples of how to advertise routes based on an SLA.
I am okay with the convergence delay of EIGRP when the MPLS connection fails. In my tests performing this manually, it takes less than 30 seconds, an acceptable outage for this site.Hi! Did you get a solution for this? I've been planning the same and reached the conclusion the eigrp on the dmvpn would be an issue potentially. I'm now thinking of running bgp on the dmvpn, as we're already running it on the mpls network. I'm using eigrp internally, and redistributing the router to each other.
-
IP SLA Default Route state down to much
Hello,
I am attempting to use IP SLA trackers to dynamically set the default route going out over a DSL connection. if the sla trackers are down the default route learned from the WAN will take over, but normally we want to send internet/default route bound traffic out over the DSL connection.
ip route 208.67.220.220 255.255.255.255 1.2.3.4
ip route 208.67.222.222 255.255.255.255 1.2.3.4
ip route 0.0.0.0 0.0.0.0 1.2.3.4 track 3
track 1 ip sla 1
delay down 60 up 60
track 2 ip sla 2
delay down 60 up 60
track 3 list boolean or
object 1
object 2
ip sla 1
icmp-echo 208.67.222.222 source-ip 1.2.3.5
threshold 1000
frequency 10
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo 208.67.220.220 source-ip 1.2.3.5
threshold 1000
frequency 10
ip sla schedule 2 life forever start-time now
the issue we are having is if the SLA threshold is breached, it immediately sends the trackers into a delay down state. the tracker delays down for 60 seconds, then very quickly comes back up. What we want to accomplish is only if the sla tracker has breached the threshold or is down for 60 seconds, then put the tracker into a down state.
Thanks.The configuration seems to be correct: IP SLA change as soon as the icmp fail but the tracker delay should ensure the it changes its state after 60seconds of icmp failure. Do you experience a different behaviour ?
What I'm worried about is that, after the default router through the WAN is in routing table, the ip sla ping will be successful and therefore the static route
ip route 0.0.0.0 0.0.0.0 71.32.39.46 track 3
will be used but, at that point, which is the path to 71.32.39.46 ?
Another thing is that, in case of DSL link failure, this configuration will not automatically revert to WAN link because 71.32.39.46 will be still up and running, isn't it ?
Let me know,
enrico -
Hi. everyone.
Our client wanted that apply IP SLA Track at Cat3750
So follows this is sample config.
=========================================================
ip sla 1 ! The IP SLA operation is defined here
icmp-echo 192.0.2.2
frequency 10 ! The 192.0.2.2 is pinged each 10 seconds
threshold 500 ! Pings over 500msec are considered delayed
timeout 1000 ! Pings over 1000msec are considered timeouted
ip sla schedule 1 life forever start-time now
ip route 0.0.0.0 0.0.0.0 10.1.254.1 track 10
=========================================================
But I have wonder a few question.
1. How many support that IP SLA operation count.?(Support must be at least 30 count)
2. How many support that track count in static route?(Support must be at least 30 count)
3. IOS version that supports IP SLA What is this?
I`m try that find cisco web site and all web site.
but I can not found this.
Best Regeads.Hi ,
You can configure IP SLA on your device using below link
http://www.cisco.com/c/en/us/td/docs/ios/12_4/ip_sla/configuration/guide/hsla_c/hsicmp.html
you need to download MIB on to your MRTG server for montioring
CISCO-IPSLA-ECHO-MIB
CISCO-IPSLA-ETHERNET-MIB
Look into below url for loading MIB
http://oss.oetiker.ch/mrtg/doc/mrtg-reference.en.html
HTH
Sandy -
Cisco ASA sla and track commands
Cisco ASA 5520's running 8.2.5 and using sla and track commands
Am I right in thinking that sla and track can be used for any pair of routes using diverse routes between 2 locations, these commands are NOT just restricted to being sued for a default route?
Example: I have 2 MPLS carriers between the 2 sites, the networks advertised by the MPLS carriers would be idnetical
e.g.Site A has
route outside 172.16.0.0 255.255.0.0 2.2.2.2 1 track 1
route outside 172.16.0.0 255.255.0.0 3.3.3.3 128
There would of course be the track 1 rtr...command and some corresponding sla commandsMatthew
Am I right in thinking that sla and track can be used for any pair of routes
As far as I know, yes, they don't need to be default routes, it's just that they usually are.
I would have thought if both routes are pointing via the outside interface though the next hop IPs would be in the same subnet ?
Jon -
HSRP route reachability tracking
Hi,
I've been tasked with designing an HSRP solution for one of our sites and I seem to have hit a snag when tracking a route. In the situation where an intermediate link goes down resulting in the most efficient route being via the Standby router so I want that router to become the Active. But, because we use OSPF, the Active and Standby roles do not change as the route tracked is always reachable as far as the Active router is concerned, so the traffic bounces from the Active to the Standby (via the LAN) and across the WAN.
Has anyone else came across this? How did you resolve the problem?
Many Thanks,
Scottstill doesnt converge route in 2 sec takes almost 10 to 30 sec
ciscoasa(config)# sh sla monitor operational-state ?
exec mode commands/options:
<1-2147483647> Entry Number
| Output modifiers
ciscoasa(config)# sh sla monitor operational-state
Entry number: 1
Modification time: 00:37:36.465 UTC Tue Nov 30 1999
Number of Octets Used by this Entry: 1480
Number of operations attempted: 23
Number of operations skipped: 0
Current seconds left in Life: Forever
Operational state of entry: Active
Last time this entry was reset: Never
Connection loss occurred: FALSE
Timeout occurred: TRUE
Over thresholds occurred: FALSE
Latest RTT (milliseconds): NoConnection/Busy/Timeout
Latest operation start time: 00:41:06.646 UTC Tue Nov 30 1999
Latest operation return code: Timeout
RTT Values:
RTTAvg: 0 RTTMin: 0 RTTMax: 0
NumOfRTT: 0 RTTSum: 0 RTTSum2: 0 -
Hi -
My network is as follows:
Two Cat 3750 running SMI with HSRP at a main site (let's call them s1
and s2 - w/ s1 as the primary).
s1 is connected to a remote site via metro enet to a router r1
s2 is connected to the same remote site via a router r2 connected to a
T1 to r1
r1 and r2 are 1700s w/ IP feature set.
At r1, my default route is to s1 w/ another default route to r2 as a
backup with a higher metric.
Here's what I'm trying to accomplish (this is mainly going to require
configuration on r1 and s1 I think).
The metro enet interface on r1 and s1 NEVER goes down, even if the
circuit does. As a result, I was using SLA tracking on r1 to ping s1.
Works fine - the route fails over and back (although slowly on the
failback).
Problem is on s1. With SMI, how do I say: route traffic to the remote
site via s2 if r1 is not pingable?
I set up SLA monitoring (rtr) on s1, but the tracking functionality
doesn't seem to be in the SMI.
I know this is easily fixed by running EIGRP, but I'm trying to NOT buy
the EMI.
Thanksthe following are the tools for monitoring tools for SLA
1.CiscoWorks Internetworking Performance Monitor (IPM)
2.Cisco Network Service Performance Engine (CNS PE)
3.VPN Solution Center (VPN SC)
Maybe you are looking for
-
Safari Quits Unexpectedly Every Time I Open It
Every time I try to run safari, it quits immediatly. Below is the diagnostic report. Can anyone tell me why this is happening and how to fix it? Thanks! Process: Safari [2591] Path: /Applications/Safari.app/Contents/MacOS/Safari
-
Can't Get Full Screen Album Artwork On My Computer Anymore When Playing Itunes
It worked until recently, then all of a sudden the full screen option was greyed out. Oddly enough, sometimes full screen comes up arbitrarily right after a video plays and it switches back to music but then disappears again if I close Itunes and the
-
How to convert oracle 9i database to mysql using JSP?
Dear friends, I want to convert oracle 9i database to mysql using JSP technology. Does there anyone who have a hint or some web links about this task? I searched the internet and found all of them are not free and no source code. In fact, what I want
-
Tap / click button fault - any ideas?
Hi there. After around two years of use no problems, the track pad button (I don't know if this has an official name) has stopped working properly. The only place on it I can get it to connect it when I click in the top right corner. When I click in
-
Hi, As of now, I believe we can create one Universe based on sigle BW query. But is there a possibility of having a single Universe based on Multiple BW queries. If No then can anyone tell me when is this planned (which version)? If yes then how?