Solved

IP SLA configuration

Posted on 2009-05-13
3
4,220 Views
Last Modified: 2012-08-13
We have multiple cisco routers and most of them have dual WAN connections thru different ISPs. So, we use IP SLA monitor with tracking object s to monitor each ISP availability/reliability and switch routing accordingly ( by IOS). So far, it has been working ok. However, recently, we had some ISP high latency and the connection to one ISP will be so slow but the IOS keep seeing it as UP, thus sending traffic thru it. So, I tried to change around the threshold numbers around with no luck. Is there any configuration/commands or tricks that can do the job here? I don't want the users to be the one to detect the Internet slowness and have me manually shut down an interface or change the static routes metrics. here is a sample of my config:

interface FastEthernet0/0 --->LAN
 ip address 192.168.1.1 255.255.255.0
 ip nat inside

interface FastEthernet0/1 ---> ISP1
 ip address 10.10.11.1 255.255.255.0
 ip nat outside
 

interface Serial0/0/0 ---> ISP2
 ip address 10.10.10.1 255.255.255.0
 ip nat outside

ip sla monitor 1
 type echo protocol ipIcmpEcho 68.94.156.1 source-interface s0/0/0
 frequency 60
 threshold 500
 timeout 1000
ip sla monitor schedule 1 life forever start-time now
ip sla monitor 2
 type echo protocol ipIcmpEcho 209.234.129.5 source-interface Fa0/1
 frequency 60
 threshold 500
 timeout 1000
ip sla monitor schedule 2 life forever start-time now

track 1 rtr 1 reachability
 delay down 15 up 60

track 2 rtr 2 reachability
 delay down 15 up 60

ip route 68.94.156.1 255.255.255.255 12.91.83.81 permanent
ip route 209.234.129.6 255.255.255.255 192.168.0.1 permanent

ip route 0.0.0.0 0.0.0.0 ISP2_Gtwy track 1
ip route 0.0.0.0 0.0.0.0 ISP1_Gtwy track 2

route-map ISP1 permit 30
 match ip address 100
 match interface FastEthernet0/1


route-map ISP2 permit 30
 match ip address 100
 match interface se0/0/0

ip nat inside source route-map ISP1 interface FastEthernet0/1 overload
ip nat inside source route-map ISP2 interface se0/0/0 overload

access-l ext 100 permit ip 192.168.1.0 0.0.0.255 any

0
Comment
Question by:SamBizimungu
  • 2
3 Comments
 
LVL 28

Expert Comment

by:asavener
ID: 24379544
I think you need to lower the timeout value.  One thousand milliseconds is one second.  I'd suggest trying a timeout value of 250 or so.
0
 

Author Comment

by:SamBizimungu
ID: 24380175
Thanks asavener. I will try that. However, I need to know how I can set the IP SLA  operation such it will remove a route if the RTT value is higher than the threshold.
0
 
LVL 28

Accepted Solution

by:
asavener earned 500 total points
ID: 24380496
That's my point with the timeout.  Set the timeout at the point where latency is too large, and the tracking object will report as down, because the ping will time out.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now