cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
640
Views
5
Helpful
3
Replies

Help with IP SLA to track default gateway

poulid
Level 1
Level 1

I know this has been asked over and over again, but I'm still having some issues with it. We're trying to track a host on the Internet (8.8.8.8) in order to detect a problem with the provider, and when it fails we move the default route to a different gateway. We really weren't sure what we could monitor on the Internet that was guaranteed to be up all the time, so we picked a Google DNS server.

We've had some flapping problems, where after one ping was missed the default gateway failed over. This causes serious problems with a very sensitve realtime trading application some of our important clients are using, so I add a command that I thought would fix it. Have a look at my config;

track 1 ip sla 1 reachability

ip sla 1

icmp-echo 8.8.8.8

timeout 10000

frequency 20

ip sla schedule 1 life forever start-time now

ip sla reaction-configuration 1 react timeout threshold-type consecutive 2

ip sla enable reaction-alerts

The command I added that I thought would fix my problem was ;

ip sla reaction-configuration 1 react timeout threshold-type consecutive 2

I've read the I should use the delay command, which would allow it to try more times before it fails the SLA, but is this not the same thing the command I already tried should do? Also, is there something more reliable someone can recommend that I ping?

3 Replies 3

Keith McElroy
Level 1
Level 1

I personally use the delay command and it works like a charm. Obviously the only issue with that is the time delay is 1 second at minimum, but that is within reason for a backup route I would say.

Thanks Keith. Could you, or somebody else tell me if the current configuration I have is should behave as I think it should? Here is how I assume its working;

- Ping 8.8.8.8 every 20 seconds (frequency 20)

- Timeout after two consecutive 10 second timeouts (timeout 10000), (react timeout threshold-type consecutive 2)

So 8.8.8.8 would need to be unavailable for 20 consecutive seconds in order for the SLA to timeout?

It won't work like you think it will. It is a bit counterintutive at first, but realize that with the SLA, all you are doing is reporting statistics, so the delay can't actually be added there. All that will actually happen is each IMCP message will just wait 10 seconds for a response from the initial message. If the other side still drops the packet for whatever reason, it will just take longer to report it to the other process.

Easy way to think about what you are doing is IP SLA is just a statistic collector, you need something to read and interpret those statistics, in this case, the track process. Under the track process, you can set the delay before it goes up and down. The command is just delay seconds under the track process configuration. You can just set it to 1 second at first, if it is still touchy, move it up a bit. Should still be within reason for a failover since it will break current sessions anyway when you move over.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco