SLA Ping Tracking on 3750 SMI

Similar Messages

• Cisco ASA sla and track commands

  Cisco ASA 5520's running 8.2.5 and using sla and track commands
  Am I right in thinking that sla and track can be used for any pair of routes using diverse routes between 2 locations, these commands are NOT just restricted to being sued for a default route?
  Example: I have 2 MPLS carriers between the 2 sites, the networks advertised by the MPLS carriers would be idnetical
  e.g.Site A has
  route outside 172.16.0.0 255.255.0.0 2.2.2.2 1 track 1
  route outside 172.16.0.0 255.255.0.0 3.3.3.3 128
  There would of course be the track 1 rtr...command and some corresponding sla commands

  Matthew
  Am I right in thinking that sla and track can be used for any pair of routes
  As far as I know, yes, they don't need to be default routes, it's just that they usually are.
  I would have thought if both routes are pointing via the outside interface though the next hop IPs would be in the same subnet ?
  Jon

• 3750 SMI and EMI

  Hi,
  I am just about to place an order for a large quantity of 3750 switches.
  Yesterday i was told by a consultant of company who will be supplying the kit that the 3750 SMI does not support IGMP snooping and that we would need to EMI images to support this.
  We have existing 3750 SMI switches at another site and i can see that IGMP snooping is enabled by default on all interfaces/VLAN however we don't have multicast configured at this site so i can do any testing easily.
  Could someone just confirm that i don't need to purchase an EMI image for IGMP snooping as we definately need this support.
  Many thanks
  Paddy

  Guys,
  Sorry to jump on the back of this thread but I also have a similar issue and could use some clarification.
  I am currently rolling out Multicast services across many of our European offices, many of which have 3750 switches installed (all SMI). Most of these offices only use the 3750 switches as Layer 2 devcies and their Default Gateway is the on-site WAN router which is configured for PIM and we use a static Multicast RP config which works ok.
  However, some of the larger sites are using the Layer 3 feature of the 3750 and creating an SVI for each separate Vlan (separate IP subnet) - usual practice, this then becomes the users Default Gateway for off-network traffic. They then tend to have a Static route configured which points at the site WAN router which then redistributes the statics into the Global WAN.
  The problem we're having here is that when we try and configure the 3750 for 'ip multicast-routing' it's not taking the command as I presume these 3750's need to be EMI and NOT SMI - do I have this correct - if so does anybody have a work around or are we looking at multiple upgrades to EMI.?
  Thanks..John

• IP SLA and Tracking for alerting

  Hi,
  I configured IP SLAs for sites that connect to the Internet via a 2911 router
  Config:
  ip sla 199
   icmp-echo 4.2.2.2 source-interface GigabitEthernet0/2
  ip sla schedule 199 life forever start-time now
  ip sla logging traps
  track 199 ip sla 199
   delay down 120 up 120
  Works great - sends a syslog message to the Solarwinds box and message sets off an email alert.
  We have a couple of smaller sites that connect to the Internet via a 5510. I'm trying to accomplish the same thing but, it doesn't seem to have the options to set a "delay down and delay up"
  Below seems to be my only option:
  "track 199 rtr 199 reachability"
  Will this tracking-config log the ping fail and if so, is there a way to delay the logging for 120 secs - for Up and Down events?
  Thanks, Pat

  Hello Pat,
  Have you tried entering the command "track 199 rtr 199 reachability"
  The prompt should look like this after:
  Router(config-track)#
  Here you should be able to enter the command "delay down 120 up 120" to my recollection.

• IP SLA and track at Cat3750

  Hi. everyone.
  Our client wanted that apply IP SLA Track at Cat3750
  So follows this is sample config.
  =========================================================
  ip sla 1 ! The IP SLA operation is defined here
  icmp-echo 192.0.2.2
    frequency 10 ! The 192.0.2.2 is pinged each 10 seconds
    threshold 500 ! Pings over 500msec are considered delayed
    timeout 1000 ! Pings over 1000msec are considered timeouted
  ip sla schedule 1 life forever start-time now
  ip route 0.0.0.0 0.0.0.0 10.1.254.1 track 10
  =========================================================
  But I have wonder a few question.
  1. How many support that IP SLA operation count.?(Support must be at least 30 count)
  2. How many support that track count in static route?(Support must be at least 30 count)
  3. IOS version that supports IP SLA What is this?
  I`m try that find cisco web site and all web site.
  but I can not found this.
  Best Regeads.

  Hi ,
   You can configure IP SLA on your device using below link 
  http://www.cisco.com/c/en/us/td/docs/ios/12_4/ip_sla/configuration/guide/hsla_c/hsicmp.html
  you need to download MIB on to your MRTG server for montioring 
  CISCO-IPSLA-ECHO-MIB
  CISCO-IPSLA-ETHERNET-MIB
  Look into below url for loading MIB 
  http://oss.oetiker.ch/mrtg/doc/mrtg-reference.en.html
  HTH
  Sandy

• IP SLA Monitor /Tracking 2921

  I am looking or IOS code for a Cisco 2921/K9 that will allow me to do IP SLA Tracking. The current code "c2900-universalk9-mz.SPA.151-4.M.bin" will only allow me to sset up IP SLA responder or IP SLA Server but  NOT IP SLA Monitor or IP SLA RTR.
  I have used the Cisco feature set research tool and chose what it recommended but to no avail.
  Am I missing something? Will the Server or Responder perform tracking?
  Thanks in advance to anyone who can  assist..
  ~g

  Dear All,
  I have the same problem with C2921. I want to config IP SLA for my C2921 but it seems do not support. The below for your reference.
  ####### Do not have option monitor
  ip sla ?
    key-chain  Use MD5 Authentication for IP SLAs Control Messages
    responder  Enable IP SLAs Responder
    server     IPPM server configuration
  Show version
  System image file is "flash0:c2900-universalk9-mz.SPA.151-4.M1.bin"
  License Info:
  License UDI:
  Device#   PID                   SN
  *0        CISCO2921/K9          FGL153913PM    
  Technology Package License Information for Module:'c2900'
  Technology    Technology-package           Technology-package
                Current       Type           Next reboot 
  ipbase        ipbasek9      Permanent      ipbasek9
  security      None          None           None
  uc            None          None           None
  data          None          None           None
  Please kindly advise what ios I can use for configuring IP SLA. there're any problem with my licence for that
  Best Regards,
  Binh

• 3750 SMI is HSRP possible with inter-VLAN routing

  Dear Netprof,
  Wondering if anyone has managed to do this in practice.
  I have two sites separate by a LES100 circuit, which is currently configured as a trunk.
  I have 2 x 3750G-48-SMI's at each site (total of 4).
  I want to have the same vlan numbering at each site, i.e vlans 10, 20, 30, etc for users and vlans 100, 200, 300 for servers then another load of vlans for DMZ and market feeds.
  The same VLANs would be presented at both sites.
  Is it possible to setup HSRP so that on each stack inter-VLAN routing can occur on each site if the LES 100 fails.
  Any web links would be appreciated.
  Thanks in advance,
  Regards, adrian.

  Hi, many thanks for your assistance on this.
  I totally agree, the best way would be to have a different default gateway configured at each site. However I have all the client machines with static addresses and this would involve a lot of work.
  The vlans that are split between the sites has the majority of users at one site, so vlan 10 would have 95% of the users at site 1 and vlan 20 would have 95% of the users at site 2.
  I was planning on balancing the HSRP between the switches so on vlan 10 the primary switch (active) would be at site 1 and secondary (standby) would be at site 2. The reverse configuration would be used for vlan 20.
  I am thinking along the lines of something like this for the config, can I have your thoughts?
  Site 1
  Interface vlan 10
  Ip address 192.168.10.2 255.255.255.0
  Standby 1 ip 192.168.10.1
  standby 1 priority 110
  standby 1 preempt
  Interface vlan 20
  Ip address 192.168.20.2 255.255.255.0
  Standby 2 ip 192.168.20.1
  Interface vlan 30
  Ip address 192.168.30.2 255.255.255.0
  Standby 3 ip 192.168.30.1
  standby 3 priority 110
  standby 3 preempt
  Interface vlan 40
  Ip address 192.168.40.2 255.255.255.0
  Standby 4 ip 192.168.40.1
  Site 2
  Interface vlan 10
  Ip address 192.168.10.3 255.255.255.0
  Standby 1 ip 192.168.10.1
  Interface vlan 20
  Ip address 192.168.20.3 255.255.255.0
  Standby 2 ip 192.168.20.1
  standby 2 priority 110
  standby 2 preempt
  Interface vlan 30
  Ip address 192.168.30.3 255.255.255.0
  Standby 3 ip 192.168.30.1
  Interface vlan 40
  Ip address 192.168.40.3 255.255.255.0
  Standby 4 ip 192.168.40.1
  standby 4 priority 110
  standby 4 preempt
  I thought CEF should only need to route the first packet and all remaining packets in the flow should be switched (not routed) ?
  Thank again for your assistance.
  Regards, Adrian.

• IP SLA Default Route state down to much

  Hello,
  I am attempting to use IP SLA trackers to dynamically set the default route going out over a DSL connection.  if the sla trackers are down the default route learned from the WAN will take over, but normally we want to send internet/default route bound traffic out over the DSL connection.  
  ip route 208.67.220.220 255.255.255.255 1.2.3.4
  ip route 208.67.222.222 255.255.255.255 1.2.3.4
  ip route 0.0.0.0 0.0.0.0 1.2.3.4 track 3
  track 1 ip sla 1
   delay down 60 up 60
  track 2 ip sla 2
   delay down 60 up 60
  track 3 list boolean or
   object 1
   object 2
  ip sla 1
   icmp-echo 208.67.222.222 source-ip 1.2.3.5
   threshold 1000
   frequency 10
  ip sla schedule 1 life forever start-time now
  ip sla 2
   icmp-echo 208.67.220.220 source-ip 1.2.3.5
   threshold 1000
   frequency 10
  ip sla schedule 2 life forever start-time now
  the issue we are having is if the SLA threshold is breached, it immediately sends the trackers into a delay down state.  the tracker delays down for 60 seconds, then very quickly comes back up.  What we want to accomplish is only if the sla tracker has breached the threshold or is down for 60 seconds, then put the tracker into a down state.
  Thanks.

  The configuration seems to be correct: IP SLA change as soon as the icmp fail but the tracker delay should ensure the it changes its state after 60seconds of icmp failure. Do you experience a different behaviour ?
  What I'm worried about is that, after the default router through the WAN is in routing table,  the ip sla ping will be successful and therefore the static route 
  ip route 0.0.0.0 0.0.0.0 71.32.39.46 track 3
  will be used but, at that point, which is the path to 71.32.39.46 ? 
  Another thing is that, in case of DSL link failure, this configuration will not automatically revert to WAN link because 71.32.39.46 will be still up and running, isn't it ?
  Let me know,
  enrico

• IPV6 statics and IP SLA

  Hi,
  I have a test setup working fine in general with IPV4/IPV6. However, I have one situation where I'd like to do what I do in IPV4 for IPV6
  The situation is where an IPV4 SLA pings two IP addresses. Then there are two static routes tracking these two routes. Under certain failure conditions, the tested destinations disappear and the pings fail. The static routes disappear and a floating static on another router seen via OSPF takes over.
  All this works well with IPV4.
  I'd like to do the same in IPV6 but there is no equivalent to the
  ip route x.x.x.x y.y.y.y z.z.z.z track N command
  I have 12.4.22T and can configure the icmp echo tests fine and they go up/down correctly when the tested destination goes, but I can't configure the ipv6 static as there is no command:
  ipv6 route x:x:x:x::/x z:z:z:z::z track N
  Had a look round 15.2 code and still nothing.
  Anyone know if this is coming ?
  Or is there another way ?

  Answered my own question. Found a link on a non-Cisco forum that said IPV6 static route track not yet there although on the list and referred to EEM as alternative.
  So this is what I did - and it all works correctly.
  #On c7200-adventerprisek9-mz.124-22.T4.bin
  #First create tests that check the availability of something known via BGP.
  #If BGP peering fails this goes away.
  #There are two tests to BGP peer loopbacks for resilience
  #since in this case there are two BGP peers
  ip sla 3
  icmp-echo FC00:1:11:115::1
  timeout 1000
  frequency 5
  ip sla schedule 3 life forever start-time now
  ip sla 4
  icmp-echo FC00:1:11:115::2
  timeout 1000
  frequency 5
  ip sla schedule 4 life forever start-time now
  #Then setup some trackers against the SLAs.
  track 3 ip sla 3 reachability
  delay down 2 up 2
  track 4 ip sla 4 reachability
  delay down 2 up 2
  #then set up 2 'down' handlers and 2 'up' handlers. The handlers add static routes if the BGP peers
  #are up. The handlers remove if they are down letting OSPF (in this case) deal with an alternate.
  #a syslog is sent to show the handler action.
  event manager applet track_ipv6_test1_down
  event track 3 state down
  action 1.0 syslog msg "EEM applet track_ipv6_test1_down - removing ipv6 static track route 1"
  action 2.0 cli command "enable"
  action 3.0 cli command "conf term"
  action 4.0 cli command "no ipv6 route fc00:1:12:48::/48 fc00:1:11:115::1"
  event manager applet track_ipv6_test2_down
  event track 4 state down
  action 1.0 syslog msg "EEM applet track_ipv6_test2_down - removing ipv6 static track route 2"
  action 2.0 cli command "enable"
  action 3.0 cli command "conf term"
  action 4.0 cli command "no ipv6 route fc00:1:12:48::/48 fc00:1:11:115::2"
  event manager applet track_ipv6_test1_up
  event track 3 state up
  action 1.0 syslog msg "EEM applet track_ipv6_test1_up - adding ipv6 static track route 1"
  action 2.0 cli command "enable"
  action 3.0 cli command "conf term"
  action 4.0 cli command "ipv6 route fc00:1:12:48::/48 fc00:1:11:115::1"
  event manager applet track_ipv6_test2_up
  event track 4 state up
  action 1.0 syslog msg "EEM applet track_ipv6_test2_up - adding ipv6 static track route 2"
  action 2.0 cli command "enable"
  action 3.0 cli command "conf term"
  action 4.0 cli command "ipv6 route fc00:1:12:48::/48 fc00:1:11:115::2"

• Object tracking in Policy BAsed Routing

  Does anyone out there know if it is possible to track an object's availability  (as part of a routing policy) but to specify the TTL of the ping packet used to track that object's availability?
  I am trying to prefer one route over another for specific traffic and want to monitor the IP address of a remote end of an attached L3 link BUT there is also another route to the remote end meaning that the ipEcho monitor will always get a response even if the preferred route is down making it useless in failing over to the route in the routing table in the event the preferred link is lost.
  NB - Using a preferred egress interface as part of the policy cannot be used in this particular case.
  Any help or alternative ways to achieve the same aim gratefully received.  Cheers

  Hi,
  How would specifying the TTL of SLA ping force the ping test on primary path?
  Is it because the destination is less hops away on the primary path than on the secondary ?
  You could do a local policy that sends the pings to the primary path next-hop or do a static host route for ping destination that goes over the primary path.
  Regards
  Alain
  Don't forget to rate helpful posts.

• EEM config to monitor ping failure

  Hello All,
  Excellent forum...
  I'm hoping someone can help me with my configuration...
  I'm looking at setting up EEM on my switch to basically bounce a few selected ports once their is an ICMP failure.
  Ideally i'll be conected to the device being monitored, and once their is a failure (ICMP failure), I'll like to trigger a reset on a few ports on the switch .
  Anyt help would be greatly appreciated.
  B.K

  You can use IP SLA, object tracking, and EEM for this.  For example:
  ip sla 1
  icmp-echo 10.1.1.1
  ip sla schedule 1 life forever start now
  track 1 ip sla 1 reachability
  event manager applet ping-watch
  event track 1 state down
  action 1.0 cli command "enable"
  action 2.0 cli command "config t"
  action 3.0 cli command "int range gi0/1 - 4"
  action 4.0 cli command "shut"
  action 5.0 cli command "end"

• Interface tracking

  Hello,
  Please can someone confirm what the following does.
  track 1 interface GigabitEthernet0/0/0.1101 line-protocol
  ip route vrf V411:test 10.12.0.0 255.255.0.0 10.9.1.10 name test track 1
  will this take the static route out of the routing table if interface gig0/0/0.1101 goes down?
  i thought the static route will still be removed if the interface goes down?
  Thanks

  If that's the only interface that route is accessible through, then there really is no point. Many times, the route could be learned from a dynamic routing protocol, but you'd rather use the static first. I have some in this scenario where I use a static route if a loopback is up, but I also learn that route via bgp from another source. I'd rather use the static first, but if the loopback is to go down I want to use the bgp route. My situation is a little different though because I'm pinging through a vpn tunnel to this loopback which means that my route would always be up unless my next hop (which is local to the core switch) were to go down. I track the ping in sla and then track that. My static route points to the track, and when it goes down I can then use the route that's in the bgp table.
  So in your example, if the interface goes down and it doesn't have any other way to the route, then the route will leave the routing table. If for some reason, you were want to track the route on the other side of the gateway, I would use sla and track that to verify that the route is up by some other means should the 10.9.1.10 address always be up. Does that make sense?
  Sorry for my short response above...I was doing that from my phone...
  HTH,
  John

• IP SLA, Tunnels, and static routes

  Here's the scenario:  1 router will have a primary and secondary ISP connection.  I set up an SLA to track connectivity on the primary connection.  Here are the static routes:
  ip route 0.0.0.0 0.0.0.0 Tunnel55 track 10
  ip route 12.54.X.X 255.255.255.240 GigabitEthernet0/0 track 10
  ip route 12.54.X.Y 255.255.255.255 X.15.115.X track 10
  ip route 192.168.32.0 255.255.240.0 Tunnel55 track 10
  ip route 192.168.48.0 255.255.252.0 Tunnel55 track 10
  ip route 192.168.56.0 255.255.255.0 Tunnel55 track 10
  ip route 0.0.0.0 0.0.0.0 Tunnel56 254
  ip route 12.54.X.X 255.255.255.240 GigabitEthernet0/1 254
  ip route 12.54.X.Y 255.255.255.255 X.15.81.X 254
  ip route 192.168.32.0 255.255.240.0 Tunnel56 254
  ip route 192.168.48.0 255.255.252.0 Tunnel56 254
  ip route 192.168.56.0 255.255.255.0 Tunnel56 254
  So I shut down the port (gi0/0) belonging to the primary port.  At this point, it seemed like it worked fine.  The routes shifted over to the backup routes.  However, when I re-enabled the port, only two of the routes switched back. The routes pointing to Tunnels stayed on the secondary tunnel. When I browsed my static routes, I saw this:
  Gateway of last resort is 0.0.0.0 to network 0.0.0.0
  S*    0.0.0.0/0 is directly connected, Tunnel56
        12.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
  S        12.x.x.16/28 is directly connected, GigabitEthernet0/0
  S        12.x.y.20/32 [1/0] via x.15.115.x
  S     192.168.32.0/20 is directly connected, Tunnel56
  S     192.168.48.0/22 is directly connected, Tunnel56
  S     192.168.56.0/24 is directly connected, Tunnel56
  Is there something special I need to do for Tunnels to allow the Tunnel routes to switch back automatically?

  Hello Ken,
  I can see you are sending the probe packets to the same object ( using the track ID 10 )
  After you bring the interface tunnel up, can you confirm if you can send traffic to that object?
  Regards,
  Julio

• 3550 - 3750 problem. Fiber type or configuration?

  I'm having trouble with a link that was working with a 3600 as an end device, but won't work when replaced with a stack of 3750 switches. A couple of co-workers in our group has looked at it, but can't find anything obvious.
  The path is from a 6500 on multimode trunked fiber to a converter to single mode fiber, (then under the street) to a 3550 Long Haul Gbic. Then we took copper from the 3550 to a 3660 10/half(?). To this point it used to work. We pulled the 3600 and put in a 3750 stack, and configured the copper port on the 3550 to 100/full, and the same on the 3750. The problem is that we can go to the middle device and then ping and telnet both ways from there. But we cannot go from the 6513 through the 3550 to the 3750. I turned debug icmp on the 3550, and it's not seeing anything from the 3750 when I try to go to the gateway.
  Both swiches have the default gateway pointing back to the HSRP Vlan VIP of the 6513. CDP is seeing its neighbors. All interfaces seem to be up/up. Here are the snippets of configs for all ports. Maybe someone can see something I'm missing? The only thing I can think could be a mismatch somewhere between the switches, or the multimode to single mode fiber is not translating.
  6513:
  interface GigabitEthernet1/23
  description To Building E
  no ip address
  udld port aggressive
  switchport
  switchport trunk encapsulation dot1q
  3550 from 6500
  interface GigabitEthernet0/1
  switchport mode dynamic desirable
  3550 out to 3750:
  interface FastEthernet0/1
  switchport trunk encapsulation dot1q
  switchport mode trunk
  speed 100
  duplex full
  3750 stack:
  interface FastEthernet5/0/1
  switchport trunk encapsulation dot1q
  switchport mode trunk
  duplex full
  speed 100
  Any direction would be most appreciated.
  Thanks,
  Jim

  I can't say the configuration is eithre good or not as it does not really show a lot. As far as L2 configuration they seem okay as all the ports are configured for trunking, however, the trunk port between 3550 and 3750 looks like the are "forced" to turnk with the mode trunk. are the vlans in forwarding mode in both sides (show int trunk). What happens when the port between 3550 and 3750 are in desirable mode, does it build the trunk? More important questions is what ip address are you pinging on the 3750? What vlan should it belong to?
  Maybe you can post the following:
  1. ping from 6513 to the 3550.
  2. ping from 6513 to the 3750.
  I want to keep it short so might have some question after seeing the above outputs.

• ASA ios ver 7.2 Track command not working

  Hi
  I have ASA 5520 with 7.2 ios. i am having 2 vpn boxes in the dmz. i used to track and sla monitor command but the static route does not get removed from the routing table and the higher AD route does not get added. below is the Sla and Track command which are running
  sla monitor 1
  type echo protocol ipIcmpEcho 192.168.30.3 interface Dmz1
  sla monitor schedule 1 life forever start-time now
  track 20 rtr 1 reachability
  route Dmz1 192.168.206.0 255.255.255.0 192.168.30.3 1 track 20
  route Dmz1 192.168.206.0 255.255.255.0 192.168.30.4 50
  can someone tell me if i am going wrong somewhere

  The configs are not attached.