Hello everyone, in this article I'll document what I learned about configuring IP SLA. IP SLA is used to monitor a connection and fail over automatically when we have two network links or ISPs and the primary link goes down.
The following topology is used:
In this scenario we will use ISP1 as the main link and ISP2 as the backup link. Let's say the ISP connections are already configured.
First, configure the IP addresses on R-A e0/0 and e0/1.
R-A(config)#int e0/0
R-A(config-if)#ip add 10.1.1.2 255.255.255.0
R-A(config-if)#description ISP1
R-A(config-if)#no shut
R-A(config)#int e0/1
R-A(config-if)#ip add 10.2.2.2 255.255.255.0
R-A(config-if)#description ISP2
R-A(config-if)#no shut
Then test the connection to 10.1.1.1 (ISP1) and 10.2.2.1 (ISP2) and make sure it is successful.
R-A#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
R-A#ping 10.2.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.2.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
R-A#
Next, configure IP SLA. As an example, I'll use the public address 1.1.1.1 as the monitored IP and 10.1.1.2 as the source address, so if 10.1.1.2 on the ISP1 network cannot reach 1.1.1.1, the IP SLA will be triggered.
For the parameters, I'll configure a timeout of 500 ms, and IP SLA will send an ICMP echo every 1 second.
R-A(config)#ip sla 1
R-A(config-ip-sla)#icmp-echo 1.1.1.1 source-ip 10.1.1.2
R-A(config-ip-sla-echo)#timeout 500
R-A(config-ip-sla-echo)#frequency 1
R-A(config-ip-sla-echo)#exit
Then activate IP SLA 1.
R-A(config)#ip sla schedule 1 start-time now life forever
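Configure a static route so that the monitored public IP 1.1.1.1 is reached through the ISP1 network. This host route keeps the probe leaving through ISP1 even after the default route has failed over to ISP2.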
R-A(config)#ip route 1.1.1.1 255.255.255.255 10.1.1.1 name Route_Monitoring
Verify the IP route and test a ping to 1.1.1.1.
R-A#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
...............
      1.0.0.0/32 is subnetted, 1 subnets
S        1.1.1.1 [1/0] via 10.1.1.1
      10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C        10.1.1.0/24 is directly connected, Ethernet0/0
R-A(config)#do ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/28/36 ms
R-A(config)#exit
R-A#show ip sla statistics
IPSLAs Latest Operation Statistics
IPSLA operation id: 1
        Type of operation: icmp-echo
        Latest RTT: 24 milliseconds
Latest operation start time: *07:59:10.367 UTC Wed Oct 18 2023
Latest operation return code: OK
Number of successes: 120
Number of failures: 37
Operation time to live: Forever
Configure a track object for IP SLA 1 and set the trigger: if IP SLA does not get an ICMP reply within 5 seconds, it is considered down.
R-A(config)#track 1 ip sla 1 reachability
R-A(config-track)#delay up 5 down 5
Verify the track. As shown below, the tracked connection is Up.
R-A#show track
Track 1
  IP SLA 1 reachability
  Reachability is Up
    1 change, last change 00:00:29
  Delay up 5 secs, down 5 secs
  Latest operation return code: OK
  Latest RTT (millisecs) 28
R-A#
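A simplified model of what "delay up 5 down 5" does to the one-per-second probe results, added here as an example and not taken from the original article. The function name and the probe sequence are constructed assumptions, and the model covers only the hold-down timer, not IOS internals.

```python
def track_transitions(probe_ok, delay_up=5, delay_down=5, interval_s=1):
    """Return [(second, 'Up'|'Down')] state changes reported by the track object.

    probe_ok: one bool per IP SLA probe (frequency 1 -> one probe per second).
    A change in probe result is reported only after it has persisted for the
    configured delay; if the result flips back first, the timer is cancelled.
    """
    reported = True          # assumption: the track starts in the Up state
    pending_since = None     # when the not-yet-reported change was first seen
    transitions = []
    for i, ok in enumerate(probe_ok):
        now = i * interval_s
        if ok == reported:
            pending_since = None      # blip ended before the delay expired
            continue
        if pending_since is None:
            pending_since = now
        delay = delay_up if ok else delay_down
        if now - pending_since >= delay:
            reported = ok
            pending_since = None
            transitions.append((now, "Up" if ok else "Down"))
    return transitions


# Constructed probe results: a 3-second blip, then a real 8-second outage.
PROBES = [True] * 10 + [False] * 3 + [True] * 5 + [False] * 8 + [True] * 10

if __name__ == "__main__":
    print("delay 5/5:", track_transitions(PROBES))
    print("no delay :", track_transitions(PROBES, delay_up=0, delay_down=0))
```

With the delay, the 3-second blip causes no route change and the real outage is reported 5 seconds after it starts; without it, every blip would move the default route.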
Then configure a default route to ISP1 with track 1, and a default route to ISP2 with an administrative distance of 10 so that it acts as the backup route.
R-A(config)#ip route 0.0.0.0 0.0.0.0 10.1.1.1 track 1
R-A(config)#ip route 0.0.0.0 0.0.0.0 10.2.2.1 10
Verify the IP route. As shown below, the active default route is ISP1.
R-A#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
.............
Gateway of last resort is 10.1.1.1 to network 0.0.0.0
S*    0.0.0.0/0 [1/0] via 10.1.1.1
      1.0.0.0/32 is subnetted, 1 subnets
S        1.1.1.1 [1/0] via 10.1.1.1
Test the connection with traceroute; the traffic goes through the ISP1 gateway.
R-A#traceroute 8.8.8.8 num
Type escape sequence to abort.
Tracing the route to 8.8.8.8
  1 10.1.1.1 4 msec 0 msec 4 msec
  2 172.16.118.2 4 msec 8 msec 4 msec
  3 192.168.251.1 8 msec 8 msec 8 msec
................
 13 8.8.8.8 32 msec 28 msec 28 msec
Then I'll test by disabling the connection on ISP1. As shown in the log, there is a message reporting that IP SLA 1 has gone Down.
R-A#
*Oct 18 08:07:52.143: %TRACKING-5-STATE: 1 ip sla 1 reachability Up->Down
R-A#
Verify that the track for the IP SLA is Down.
R-A#show track
Track 1
  IP SLA 1 reachability
  Reachability is Down
    2 changes, last change 00:00:18
  Delay up 5 secs, down 5 secs
  Latest operation return code: No connection
  Tracked by:
    STATIC-IP-ROUTING 0
When the main link goes down, the tracked main route becomes inactive and the second route becomes active automatically.
R-A#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
............
Gateway of last resort is 10.2.2.1 to network 0.0.0.0
S*    0.0.0.0/0 [10/0] via 10.2.2.1
      1.0.0.0/32 is subnetted, 1 subnets
S        1.1.1.1 [1/0] via 10.1.1.1
Verify with traceroute; the traffic now goes through the ISP2 gateway.
R-A#traceroute 8.8.8.8 num
Type escape sequence to abort.
Tracing the route to 8.8.8.8
  1 10.2.2.1 8 msec 0 msec 4 msec
  2 172.16.118.2 0 msec 4 msec 4 msec
  3 192.168.251.1 8 msec 8 msec 4 msec
.............
 13 8.8.8.8 40 msec
Test by enabling the connection on ISP1 again; IP SLA goes Up again. Then verify that the track status is Up.
R-A#
*Oct 18 08:10:17.219: %TRACKING-5-STATE: 1 ip sla 1 reachability Down->Up
R-A#show track
Track 1
  IP SLA 1 reachability
  Reachability is Up
    3 changes, last change 00:00:05
  Delay up 5 secs, down 5 secs
  Latest operation return code: OK
  Latest RTT (millisecs) 24
  Tracked by:
    STATIC-IP-ROUTING 0
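For monitoring, the two %TRACKING-5-STATE messages above can be turned into outage records and a flap check on a syslog collector. This is an added example, not part of the original article; the function names and thresholds are assumptions, and the year is passed in because the log lines do not carry one.

```python
import re
from datetime import datetime

# The two syslog lines shown on this page, without the router prompt.
SAMPLE_LOG = """\
*Oct 18 08:07:52.143: %TRACKING-5-STATE: 1 ip sla 1 reachability Up->Down
*Oct 18 08:10:17.219: %TRACKING-5-STATE: 1 ip sla 1 reachability Down->Up
"""

EVENT_RE = re.compile(
    r"(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}\.\d{3}): %TRACKING-5-STATE: "
    r"(?P<track>\d+) ip sla (?P<sla>\d+) reachability (?P<old>Up|Down)->(?P<new>Up|Down)"
)

def parse_events(text, year):
    """Return sorted (timestamp, track_id, new_state) for each state change."""
    events = []
    for m in EVENT_RE.finditer(text):
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S.%f")
        events.append((ts, int(m["track"]), m["new"]))
    return sorted(events)

def outages(events):
    """Pair each Up->Down with the next Down->Up; open outages end in None."""
    down_since, result = {}, []
    for ts, track, new in events:
        if new == "Down":
            down_since.setdefault(track, ts)
        elif track in down_since:
            start = down_since.pop(track)
            result.append((track, start, ts, (ts - start).total_seconds()))
    result += [(track, start, None, None) for track, start in down_since.items()]
    return result

def flapping(events, max_changes, window_s):
    """Track ids with more than max_changes changes inside any window_s span."""
    by_track, noisy = {}, set()
    for ts, track, _ in events:
        times = by_track.setdefault(track, [])
        times.append(ts)
        while (ts - times[0]).total_seconds() > window_s:
            times.pop(0)
        if len(times) > max_changes:
            noisy.add(track)
    return sorted(noisy)

if __name__ == "__main__":
    for track, start, end, secs in outages(parse_events(SAMPLE_LOG, 2023)):
        print(f"track {track}: down {start} -> {end} ({secs} s on backup)")
```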
Verify that the IP route is back on the ISP1 gateway.
R-A#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
...............
Gateway of last resort is 10.1.1.1 to network 0.0.0.0
S*    0.0.0.0/0 [1/0] via 10.1.1.1
      1.0.0.0/32 is subnetted, 1 subnets