IP SLAs on Cisco routers can be used for a lot of reasons. I like to use them for dual ISP configurations, together with tracking objects and an EEM script to send email alerts whenever a failover has occurred. Below is a simple example demonstrating the overall configuration.
The easiest place to start is with creating a couple of IP SLAs. I prefer using more than one, just in case there is an issue affecting just the one IP.
1. Create two IP SLAs. I'll be using Google's and OpenDNS/Cisco's secondary public DNS servers.
ip sla 10
 icmp-echo 8.8.4.4 source-interface GigabitEthernet0/0/0
 frequency 10
ip sla schedule 10 life forever start-time now
!
ip sla 20
 icmp-echo 208.67.220.220 source-interface GigabitEthernet0/0/0
 frequency 10
ip sla schedule 20 life forever start-time now
2. Since I want the IP SLAs to test Internet connectivity for just the primary ISP, I'll create a static route for each probe target so the probes always go out the primary ISP.
ip route 208.67.220.220 255.255.255.255 12.13.178.25 permanent name SLA_Tracking
ip route 8.8.4.4 255.255.255.255 12.13.178.25 permanent name SLA_Tracking
3. Now that our IP SLAs are testing our connection, let's set up some tracking objects to track the status of the IP SLAs. These two tracking objects will track their respective IP SLA and transition to a down state after the IP SLA has failed for over 30 seconds. This will help prevent route flapping and general network chaos.
track 1 ip sla 10 reachability
 delay down 30
!
track 2 ip sla 20 reachability
 delay down 30
4. To ensure that the internet has truly failed, I bundled the two individual tracking objects into one overall tracking object. This tracking object will only transition to a down state if BOTH tracking objects fail. This is handled by a Boolean OR and prevents primary/backup ISP failover if just one IP SLA is failing.
track 10 list boolean or
 object 1
 object 2
5. Almost there! Next, add two default static routes to the router configuration: one for the primary ISP, tied to track 10, and one for the backup ISP with an administrative distance of 10, so it only takes over when the tracked primary route is withdrawn.
ip route 0.0.0.0 0.0.0.0 12.63.178.25 name PrimaryISP track 10
ip route 0.0.0.0 0.0.0.0 187.68.13.12 10 name BackupISP
6. Finally, set up an EEM script that sends an email whenever Track 10 changes its state UP or DOWN.
event manager applet TRACK_SLA_10_DOWN
 event track 10 state down
 action 1.0 info type routername
 action 2.0 mail server "smtp.email.com" to "noc@company.com" from "eem-alerts@company.com" subject "$_info_routername - Primary ISP is DOWN" body "Router is using backup ISP" source-interface Loopback0
!
event manager applet TRACK_SLA_10_UP
 event track 10 state up
 action 1.0 info type routername
 action 2.0 mail server "smtp.email.com" to "noc@company.com" from "eem-alerts@company.com" subject "$_info_routername - Primary ISP is UP" body "Router is using primary ISP" source-interface Loopback0
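The timing behaviour of steps 3 to 5, as an added Python model (not part of the original post and not Cisco code). It assumes one probe result arrives exactly every 10 seconds and ignores probe timeout and threshold settings; the class and function names are made up for illustration, and the probe sequences are constructed.

```python
FREQUENCY = 10   # seconds between probes ("frequency 10" on each IP SLA)
DELAY_DOWN = 30  # seconds ("delay down 30" on track 1 and track 2)


class DelayedTrack:
    """Simplified 'track N ip sla M reachability' object with 'delay down'."""

    def __init__(self):
        self.up = True
        self.failing_since = None  # time of the first probe in the current failure run

    def update(self, now, probe_ok):
        if probe_ok:
            # No 'delay up' is configured, so recovery is immediate.
            self.failing_since, self.up = None, True
        else:
            if self.failing_since is None:
                self.failing_since = now
            if now - self.failing_since >= DELAY_DOWN:
                self.up = False
        return self.up


def simulate(probes_sla10, probes_sla20):
    """Return [(time, route_name)] for each change of the active default route."""
    t1, t2 = DelayedTrack(), DelayedTrack()
    active, changes = "PrimaryISP", []
    for i, (ok10, ok20) in enumerate(zip(probes_sla10, probes_sla20)):
        now = i * FREQUENCY
        up1 = t1.update(now, ok10)
        up2 = t2.update(now, ok20)
        # track 10 is "list boolean or": it stays up while either member is up.
        route = "PrimaryISP" if (up1 or up2) else "BackupISP"
        if route != active:
            changes.append((now, route))
            active = route
    return changes


if __name__ == "__main__":
    # Constructed probe sequences: True = echo reply received, False = probe failed.
    outage = [True] * 2 + [False] * 6 + [True] * 2
    print(simulate(outage, outage))            # both targets unreachable for 60 s
    print(simulate([False] * 8, [True] * 8))   # only 8.8.4.4 unreachable
```

In this model, three consecutive failed probes on both targets do not move the default route; the fourth does, and the route returns to the primary on the first successful probe of either target.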