IP SLA LAB #1: Multiple routes

In this lab I will explore using IP SLA probes to decide which route to take towards a remote server.

Topology:

Initial Configuration:

All routers will be neighbors through EIGRP AS 10. I have chosen for this configuration because we are focusing on IP SLA in this lab, not routing protocols. Each router has been set up with the interface IP addresses you can see in the topology. The Client and Server objects are actually routers with a different symbol. They too participate in EIGRP.

I have used the same  Tcl scripting as in my previous updates, to test inter-connectivity of my base configuration; Everything is working and can communicate with each other.

CLIENT(tcl)#foreach address {
+>10.1.1.50
+>10.1.2.3
+>10.1.2.1
+>10.1.3.4
+>10.1.3.2
+>1.1.1.1
+>1.1.1.3
+>2.2.2.2
+>2.2.2.3
+>192.168.1.50
+>192.168.1.1
+>} { ping $address re 2
+>}

So my objective is;

  1. Configure IP SLA to test connectivity over the two ISP networks. If ISP 1 fails, communication should fail-over to ISP 2.

Now I will configure the IP SLA probe on the Branch Router. This is going to be an ICMP Echo probe which will be pointed at a destination in the ISP network, represented by a loopback interface on both router ISP_1 and ISP_2.

ISP_1 Loopback 10: 50.0.0.1 255.255.255.0
ISP_2 Loopback 10: 100.0.0.1 255.255.255.0

The probe will be created with the command “IP SLA 10“, the number 10 being its operation number. Further it will be configured as an ICMP-ECHO towards 50.0.0.1 with a frequency of every 10 seconds, a lifetime of forever and a start-time of now.

Branch_Office(config)#ip sla 10
Branch_Office(config-ip-sla)#icmp-echo 50.0.0.1
Branch_Office(config-ip-sla-echo)#frequency 10
Branch_Office(config-ip-sla-echo)#exit
Branch_Office(config)#ip sla schedule 10 life forever start-time now

More information about the probe we configured can be seen with the command “show ip sla configuration 10

You can also see some statistics about the probe with the command “show ip sla statistics“.

Here you can see, for example, the start time of the probe, how many times it succeeded and failed and its response time (RTT).

To enable tracking for our IP SLA probe towards 50.0.0.1 (To see if ISP_1 WAN link is OK), I will use the command “track 1 rtr 10 reachability“. Note that the command in later IOS versions will be “Track 1 ip sla 10

Branch_Office(config)#track 1 rtr 10 reachability
Branch_Office(config-track)#delay down 10 up 1
Branch_Office(config-track)#exit

I’ve additionally configured it with a delay down of 10 seconds, meaning the remote ip address has to be unreachable for 10 seconds before any action is taken.

After configuring the above, you can have the router automatically add or remove static routes with the command “ip route source destination metric track 1

Branch_Office(config)#ip route 0.0.0.0 0.0.0.0 10.1.2.1 2 track 1

I’ve given this default route a metric of 2 and it’s connected to “track 1“. As 50.0.0.1 is reachable, the static route is showing up in our routing table.

Branch_Office#sh ip route 0.0.0.0
Routing entry for 0.0.0.0/0, supernet
Known via “static”, distance 2, metric 0, candidate default path
Routing Descriptor Blocks:
* 10.1.2.1
Route metric is 0, traffic share count is 1

To test proper functioning, I will also add an IP SLA probe for the backup path’s 100.0.0.1 IP address.

Branch_Office(config)#ip sla 20
Branch_Office(config-ip-sla)#icmp-echo 100.0.0.1
Branch_Office(config-ip-sla-echo)#freq
Branch_Office(config-ip-sla-echo)#frequency 10
Branch_Office(config-ip-sla-echo)#exit

Branch_Office(config)#track 2 rtr 20 reachability
Branch_Office(config-track)#delay down 10 up 1
Branch_Office(config-track)#exit
Branch_Office(config)#ip route 0.0.0.0 0.0.0.0 10.1.3.2 3 track 2

And now we can check if the second default route replaces the first one if the IP SLA 10 probe fails:

ISP_1#conf t
ISP_1(config)#int lo 10
ISP_1(config-if)#shut
*Mar 1 06:21:20.890: %LINK-5-CHANGED: Interface Loopback10, changed state to administratively down
*Mar 1 06:21:21.890: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback10, changed state to down

And did it change on the branch router?

Branch_Office#sh ip route 0.0.0.0
Routing entry for 0.0.0.0/0, supernet
Known via “static”, distance 3, metric 0, candidate default path
Routing Descriptor Blocks:
* 10.1.3.2
Route metric is 0, traffic share count is 1

It sure did, traffic is now going over the ISP_2 router as intended!
Taking another look at our probe statistics, we can see that probe 10 has failed and that probe 20 is successful.

Branch_Office#sh ip sla stat

Round Trip Time (RTT) for Index 10
Latest RTT: NoConnection/Busy/Timeout
Latest operation start time: *06:18:52.050 UTC Fri Mar 1 2002
Latest operation return code: Timeout
Number of successes: 265
Number of failures: 39
Operation time to live: Forever

Round Trip Time (RTT) for Index 20
Latest RTT: 40 milliseconds
Latest operation start time: *06:18:43.430 UTC Fri Mar 1 2002
Latest operation return code: OK
Number of successes: 12
Number of failures: 0
Operation time to live: Forever

So there you have it, basic IP SLA configuration.
As always, constructive criticism is encouraged!

References:
IP SLA Track config example.
Object tracking for static route.