09-04-2010 12:09 AM
Hi,
I have configured the IP SLA i my network, now my requirement is I want interface to be down automatically when there is SLA failure, I am looking for the config for the same
Here is present config
config @ A localtion
-----------------
ip sla monitor 1
type echo protocol ipicmpecho 10.255.0.2
timeout 1000
frequency 3
threshold 2
ip sla monitor schedule 1 life forever start-time now
track 123 rtr 1 reachability
ip route 10.20.0.0 255.255.0.0 10.255.0.2 track 123
ip route 10.20.0.0 255.255.0.0 Tunnel0 10
Configuration @ B location
-----------------
ip sla monitor 1
type echo protocol ipicmpecho 10.255.0.1
timeout 1000
frequency 3
threshold 2
ip sla monitor schedule 1 life forever start-time now
track 123 rtr 1 reachability
ip route 10.10.0.0 255.255.0.0 10.255.0.1 track 123
ip route 10.10.0.0 255.255.0.0 Tunnel0 10
no ip route 10.20.0.0 255.255.0.0 10.255.0.2 track 123
no ip route 192.168.200.0 255.255.255.0 10.255.0.2
ip route 192.168.200.0 255.255.255.0 fa0/2 track 123
ip route 192.168.200.0 255.255.255.0 fa0/2
Regards
Kumar
Solved! Go to Solution.
09-06-2010 10:02 AM
You do not need to add delay unless you are seeing brief intermittent problems in the network, and you'd like to dampen the switch-overs. The EEM policy must be watching the tracked object, so 123 is correct in this case.
I really do not understand what you're saying for option 2. A physical interface does not have to go down for an IP SLA collector to timeout. However, the IP address that you are pinging must only be reachable over one of the interfaces.
Typically, for what you are doing a user will have a router with two outbound interfaces (e.g. two interfaces that connect to the internet). They ping an IP address in the cloud, but not one with which they typically need to communicate. When the collector times out, they fail over to the other interface. If you ping an address that is reachable across both interfaces, then the ping will always succeed, and you will see constant failovers when the IP is not reachable across the primary path.
The problem with the constant failovers is actually bug CSCtf11508. In 15.1(2)T and later (where this bug is fixed) specifying a source address for your IP SLA collector will mitigate this problem allowing you to specify any IP address to ping. For example:
type echo protocol icmpEcho 10.255.0.2 source-interface Gi0/0
09-05-2010 09:40 AM
You could use EEM to do this.
event manager applet shut-intf
event track state down
action 1.0 cli command "enable"
action 2.0 cli command "config t"
action 3.0 cli command "int fa0/2"
action 4.0 cli command "shut"
action 5.0 cli command "end"
event manager applet no-shut-intf
event track state up
action 1.0 cli command "enable"
action 2.0 cli command "config t"
action 3.0 cli command "int fa0/2"
action 4.0 cli command "no shut"
action 5.0 cli command "end"
09-05-2010 09:09 PM
Hi,
Thanks for your prompt response, eem config is fine but here is the my requirement....
Option1: Need to track the remote IP address for reachability. If the reachability is down then interface to be shut down, if rechabilty has restored then again interface to be up(no shut)
Option2: If reachability is down then remove the route and add the route again vice-versa..
Regards
Kumar
09-05-2010 09:32 PM
The EEM applets I posted will take care of Option 1 provided you specify the correct interface. The catch is that the IP address that you are pinging cannot be reachable when the secondary route is up. If that is the case, then you can either go with the floating static routes option or the EEM option.
09-05-2010 10:31 PM
Hi,
For option 1: Here is the final config..pls validate...
ip sla monitor 1
type echo protocol ipicmpecho 10.255.0.2
timeout 1000
frequency 3
threshold 2
ip sla monitor schedule 1 life forever start-time now
track 123 rtr 1 reachability
Do i need add delay ?
delay down 60 up 60 ---> Without this will my present config work?
event manager applet shut-intf
event track 123 state down --------------> I need to call IP SLA with number ryt ?
action 1.0 cli command "enable"
action 2.0 cli command "config t"
action 3.0 cli command "int fa0/2"
action 4.0 cli command "shut"
action 5.0 cli command "end"
event manager applet no-shut-intf
event track 123 state up
action 1.0 cli command "enable"
action 2.0 cli command "config t"
action 3.0 cli command "int fa0/2"
action 4.0 cli command "no shut"
action 5.0 cli command "end"
Option2: As per the connectivty below allways primary interface shows up as switch to router always shows up if the fibre link got failurealso.. due to this my router never switched over to floating route....
Location A -- Switch --- Fibre -- switch - LocationB
I appreciate your quick reply....
Regards
kumar....
09-06-2010 10:02 AM
You do not need to add delay unless you are seeing brief intermittent problems in the network, and you'd like to dampen the switch-overs. The EEM policy must be watching the tracked object, so 123 is correct in this case.
I really do not understand what you're saying for option 2. A physical interface does not have to go down for an IP SLA collector to timeout. However, the IP address that you are pinging must only be reachable over one of the interfaces.
Typically, for what you are doing a user will have a router with two outbound interfaces (e.g. two interfaces that connect to the internet). They ping an IP address in the cloud, but not one with which they typically need to communicate. When the collector times out, they fail over to the other interface. If you ping an address that is reachable across both interfaces, then the ping will always succeed, and you will see constant failovers when the IP is not reachable across the primary path.
The problem with the constant failovers is actually bug CSCtf11508. In 15.1(2)T and later (where this bug is fixed) specifying a source address for your IP SLA collector will mitigate this problem allowing you to specify any IP address to ping. For example:
type echo protocol icmpEcho 10.255.0.2 source-interface Gi0/0
09-08-2010 02:26 AM
hI,
I have tried to configure the same in switch, but i haven`t find EVENT TRACK command..any suggestions on IOS? Here is the present IOS details
Switch model: 3550
Version: 12.2(52) SE
SBDC-PROD-CORE1(config)#event manager applet test
SBDC-PROD-CORE1(config-applet)#even
SBDC-PROD-CORE1(config-applet)#event ?
application Application specific event
cli CLI event
counter Counter event
identity Identity event
interface Interface event
ioswdsysmon IOS WDSysMon event
ipsla IPSLA Event
mat MAC address table event
neighbor-discovery Neighbor Discovery event
none Manually run policy event
oir OIR event
routing Routing event
rpc Remote Procedure Call event
snmp SNMP event
snmp-notification SNMP Notification Event
snmp-object SNMP object event
syslog Syslog event
tag event tag identifier
timer Timer event
-----------------------------------------------------------------
SBDC-PROD-CORE1#sh event manager version
Embedded Event Manager Version 3.20
Component Versions:
eem: (v320_throttle)2.1.50
eem-gold: (v320_throttle)1.0.4
eem-call-home: (v320_throttle)1.0.4
Event Detectors:
Name Version Node Type
application 01.00 node0/0 RP
neighbor-discovery 01.00 node0/0 RP
identity 01.00 node0/0 RP
mat 01.00 node0/0 RP
syslog 01.00 node0/0 RP
routing 03.00 node0/0 RP
cli 01.00 node0/0 RP
counter 01.00 node0/0 RP
interface 01.00 node0/0 RP
ioswdsysmon 01.00 node0/0 RP
none 01.00 node0/0 RP
oir 01.00 node0/0 RP
snmp 01.00 node0/0 RP
snmp-object 01.00 node0/0 RP
ipsla 01.00 node0/0 RP
snmp-notification 01.00 node0/0 RP
timer 01.00 node0/0 RP
rpc 01.00 node0/0 RP
pls help me..
Regards
Kumar
09-11-2010 05:42 PM
The track ED is not available on Cat3Ks. You will need to use the syslog ED instead, and match on the TRACKING syslog messages.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide