Cisco IP SLA Configuration
In this article we focus on the configuration of Cisco IP SLA in three flavours: ICMP-echo, ICMP Jitter and delay.
Configuration steps
The quick steps to configure IP SLA on a Cisco device are:
– create the IP SLA monitor
– configure it
– schedule it
Cisco IOS did not show me help when I typed a question mark. Yet, the commands are accepted.
IP SLA Track Delay
IP SLA delay is an option that smooths the failover and fallback of links when you have several of them. A common complaint among network engineers is that when a primary link flaps up and down, the secondary links flap with it.
To avoid flapping back and forth between the primary and the secondary links, and assuming there is an IP SLA configuration with tracking (see the sample configuration for IP SLA tracking applied to Policy-based Routing), you can tell IOS to wait a certain delay before declaring a tracked object officially down or up.
Cisco IP SLA delay configuration
The delay command is a subcommand of the track command. It is not a subcommand of the IP SLA operation, as you might have thought. The syntax is as follows:
track {TRACKED-OBJ} ip sla {IP-SLA-OP} reachability
 delay up {UP-DLY} down {DOWN-DLY}
IP SLA Tracking with Delay: example
Topology
This simple topology is enough to understand the concept of delay in IP SLA tracking. The topology consists of two routers R2 and R4.
R2 is configured with IP SLA operation number 1
R2 IP SLA and tracking with delay configuration
ip sla 1
 icmp-echo 192.168.100.5 source-interface FastEthernet0/0
 frequency 10
ip sla schedule 1 life forever start-time now ageout 3600
!
track 11 ip sla 1 reachability
 delay down 20 up 10
R2(config)#do sh ip sla config
IP SLAs Infrastructure Engine-III
Entry number: 1
Owner:
Tag:
Operation timeout (milliseconds): 5000
Type of operation to perform: icmp-echo
Target address/Source interface: 192.168.100.5/FastEthernet0/0
Type Of Service parameter: 0x0
Request size (ARR data portion): 28
Verify data: No
Vrf Name:
Schedule:
   Operation frequency (seconds): 10 (not considered if randomly scheduled)
   Next Scheduled Start Time: Start Time already passed
   Group Scheduled : FALSE
   Randomly Scheduled : FALSE
   Life (seconds): Forever
   Entry Ageout (seconds): 3600
   Recurring (Starting Everyday): FALSE
   Status of entry (SNMP RowStatus): Active
Threshold (milliseconds): 5000
Distribution Statistics:
   Number of statistic hours kept: 2
   Number of statistic distribution buckets kept: 1
   Statistic distribution interval (milliseconds): 20
Enhanced History:
History Statistics:
   Number of history Lives kept: 0
   Number of history Buckets kept: 15
   History Filter Type: None
We make sure that the IP SLA operation works correctly
R2#sh ip sla stat
IPSLAs Latest Operation Statistics
IPSLA operation id: 1
   Latest RTT: 51 milliseconds
Latest operation start time: 13:19:42 UTC Mon Nov 13 2017
Latest operation return code: OK
Number of successes: 9
Number of failures: 1
Operation time to live: Forever
R2#sh ip sla stat
IPSLAs Latest Operation Statistics
IPSLA operation id: 1
   Latest RTT: 19 milliseconds
Latest operation start time: 13:19:52 UTC Mon Nov 13 2017
Latest operation return code: OK
Number of successes: 10
Number of failures: 1
Operation time to live: Forever
and the track object is correctly set up with the delay feature:
R2#sh track 11
Track 11
  IP SLA 1 reachability
  Reachability is Up
    1 change, last change 00:01:52
  Delay up 10 secs, down 20 secs
  Latest operation return code: OK
  Latest RTT (millisecs) 20
Testing IP SLA and tracking with delay
Now we test the delay feature. We shut down the R4 interface that is being monitored by IP SLA. And we observe the tracked object:
R4(config)#interf f0/0
R4(config-if)#shut
R2#sh ip sla statistics 1
IPSLAs Latest Operation Statistics
IPSLA operation id: 1
   Latest RTT: 20 milliseconds
Latest operation start time: 13:21:42 UTC Mon Nov 13 2017
Latest operation return code: OK
Number of successes: 21
Number of failures: 1
Operation time to live: Forever
R2#sh ip sla statistics 1
IPSLAs Latest Operation Statistics
IPSLA operation id: 1
   Latest RTT: NoConnection/Busy/Timeout
Latest operation start time: 13:21:52 UTC Mon Nov 13 2017
Latest operation return code: Timeout
Number of successes: 21
Number of failures: 2
Operation time to live: Forever
The track object on R2 will remain in the up state. However, the delay counter for the down state fires up:
R2#sh track 11
Track 11
  IP SLA 1 reachability
  Reachability is Up, delayed Down (18 secs remaining)
    3 changes, last change 00:00:36
  Delay up 10 secs, down 20 secs
  Latest operation return code: OK
  Latest RTT (millisecs) 11
R2#sh track 11
Track 11
  IP SLA 1 reachability
  Reachability is Up, delayed Down (14 secs remaining)
    3 changes, last change 00:00:40
  Delay up 10 secs, down 20 secs
  Latest operation return code: OK
  Latest RTT (millisecs) 11
R2#sh track 11
Track 11
  IP SLA 1 reachability
  Reachability is Up, delayed Down (9 secs remaining)
    3 changes, last change 00:00:45
  Delay up 10 secs, down 20 secs
  Latest operation return code: OK
  Latest RTT (millisecs) 11
R2#sh track 11
Track 11
  IP SLA 1 reachability
  Reachability is Up, delayed Down (5 secs remaining)
    3 changes, last change 00:00:50
  Delay up 10 secs, down 20 secs
  Latest operation return code: OK
  Latest RTT (millisecs) 11
R2#sh track 11
Track 11
  IP SLA 1 reachability
  Reachability is Up, delayed Down (3 secs remaining)
    3 changes, last change 00:00:51
  Delay up 10 secs, down 20 secs
  Latest operation return code: OK
  Latest RTT (millisecs) 11
R2#sh track 11
Track 11
  IP SLA 1 reachability
  Reachability is Up, delayed Down (2 secs remaining)
    3 changes, last change 00:00:52
  Delay up 10 secs, down 20 secs
  Latest operation return code: OK
  Latest RTT (millisecs) 11
R2#
*Nov 13 13:24:54.895: %OSPF-5-ADJCHG: Process 11, Nbr 192.168.100.5 on FastEthernet0/0 from FULL to DOWN, Neighbor Down: Dead timer expired
R2#sh track 11
Track 11
  IP SLA 1 reachability
  Reachability is Down
    4 changes, last change 00:00:01
  Delay up 10 secs, down 20 secs
  Latest operation return code: Timeout
R2#
*Nov 13 13:24:58.347: %TRACK-6-STATE: 11 ip sla 1 reachability Up -> Down
It took 20 seconds for the Track object to be considered really down. And that is good, because in the real world the service provider link could flap for a couple of seconds and then stabilize itself again.
Let us see now the behaviour of the tracked object, when R4 interface reachability is restored.
R4(config)#interf f0/0
R4(config-if)#no shut
R2#
*Nov 13 13:25:50.903: %OSPF-5-ADJCHG: Process 11, Nbr 192.168.100.5 on FastEthernet0/0 from LOADING to FULL, Loading Done
R2#sh ip sla statistics 1
IPSLAs Latest Operation Statistics
IPSLA operation id: 1
   Latest RTT: 31 milliseconds
Latest operation start time: 13:25:52 UTC Mon Nov 13 2017
Latest operation return code: OK
Number of successes: 26
Number of failures: 21
Operation time to live: Forever
R2#sh track 11
Track 11
  IP SLA 1 reachability
  Reachability is Down, delayed Up (9 secs remaining)
    4 changes, last change 00:00:55
  Delay up 10 secs, down 20 secs
  Latest operation return code: Timeout
R2#sh track 11
Track 11
  IP SLA 1 reachability
  Reachability is Down, delayed Up (7 secs remaining)
    4 changes, last change 00:00:57
  Delay up 10 secs, down 20 secs
  Latest operation return code: Timeout
R2#sh track 11
Track 11
  IP SLA 1 reachability
  Reachability is Down, delayed Up (6 secs remaining)
    4 changes, last change 00:00:58
  Delay up 10 secs, down 20 secs
  Latest operation return code: Timeout
R2#sh track 11
Track 11
  IP SLA 1 reachability
  Reachability is Down, delayed Up (5 secs remaining)
    4 changes, last change 00:00:59
  Delay up 10 secs, down 20 secs
  Latest operation return code: Timeout
R2#sh track 11
Track 11
  IP SLA 1 reachability
  Reachability is Down, delayed Up (4 secs remaining)
    4 changes, last change 00:01:00
  Delay up 10 secs, down 20 secs
  Latest operation return code: Timeout
R2#sh track 11
Track 11
  IP SLA 1 reachability
  Reachability is Down, delayed Up (3 secs remaining)
    4 changes, last change 00:01:01
  Delay up 10 secs, down 20 secs
  Latest operation return code: Timeout
R2#sh track 11
Track 11
  IP SLA 1 reachability
  Reachability is Down, delayed Up (2 secs remaining)
    4 changes, last change 00:01:02
  Delay up 10 secs, down 20 secs
  Latest operation return code: Timeout
R2#sh track 11
Track 11
  IP SLA 1 reachability
  Reachability is Down, delayed Up (1 sec remaining)
    4 changes, last change 00:01:03
  Delay up 10 secs, down 20 secs
  Latest operation return code: Timeout
R2#sh track 11
Track 11
  IP SLA 1 reachability
  Reachability is Down, delayed Up (1 sec remaining)
    4 changes, last change 00:01:04
  Delay up 10 secs, down 20 secs
  Latest operation return code: Timeout
R2#sh track 11
Track 11
  IP SLA 1 reachability
  Reachability is Up
    5 changes, last change 00:00:00
  Delay up 10 secs, down 20 secs
  Latest operation return code: OK
  Latest RTT (millisecs) 7
R2#
R2#
*Nov 13 13:26:03.359: %TRACK-6-STATE: 11 ip sla 1 reachability Down -> Up
R2#
It took 10 seconds of delay before the tracked object state is considered officially UP.
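The dampening behaviour observed above can be modelled in a few lines. This is an added example, not code from the original article or from Cisco: it is a simplified model that assumes the track object sees every probe result immediately, and the probe timeline is constructed (one probe every 10 seconds, matching frequency 10).

```python
"""Simplified model of 'track ... reachability' with 'delay down X up Y'."""

# Constructed probe results: (seconds since start, probe succeeded?).
# A 10-second flap at t=10, then a real outage from t=30 to t=70.
SAMPLES = [
    (0, True), (10, False), (20, True),
    (30, False), (40, False), (50, False), (60, False),
    (70, True), (80, True),
]


def replay_track(samples, up_delay, down_delay, end_time):
    """Return the list of (time, new_state) changes the track object reports.

    A change is reported only when the probe result has disagreed with the
    reported state for the whole delay; a probe that agrees again before the
    timer expires cancels the pending change.
    """
    state_up = True          # assumption: the object starts in the Up state
    pending_since = None     # time at which the delay timer was started
    changes = []

    def expire(now):
        nonlocal state_up, pending_since
        if pending_since is None:
            return
        # The pending change is towards the opposite of the reported state.
        delay = down_delay if state_up else up_delay
        deadline = pending_since + delay
        if now >= deadline:
            state_up = not state_up
            pending_since = None
            changes.append((deadline, "Up" if state_up else "Down"))

    for now, probe_ok in samples:
        expire(now)                      # timer may have fired before this probe
        if probe_ok == state_up:
            pending_since = None         # flap ended: cancel the delay timer
        elif pending_since is None:
            pending_since = now          # first disagreeing probe: start timer
            expire(now)                  # a zero delay fires at once
    expire(end_time)                     # timer may fire after the last probe
    return changes


if __name__ == "__main__":
    print("delay down 20 up 10:", replay_track(SAMPLES, 10, 20, 90))
    print("no delay           :", replay_track(SAMPLES, 0, 0, 90))
```

With the article's delay down 20 up 10, the short flap produces no state change at all, while the same probe results without a delay produce four.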
IP SLA UDP-Echo
According to Cisco documentation, IP SLA Responder is optional for the IP SLA UDP Echo operation. However, I experienced a different situation in my EVE-NG home lab.
Topology
I am using the same topology as in the Cisco IP SLA track with Delay section.
Configuration
The basic configuration of Cisco IP SLA UDP-Echo is:
ip sla {SLA-OP-ID}
 udp-echo {DST-IP} {DST-PORT} [source-ip {SRC-IP}]
and its scheduling.
R2#sh ip sla config 1
IP SLAs Infrastructure Engine-III
Entry number: 1
Owner:
Tag:
Operation timeout (milliseconds): 5000
Type of operation to perform: udp-echo
Target address/Source address: 192.168.100.5/192.168.100.6
Target port/Source port: 5000/0
Type Of Service parameter: 0x0
Request size (ARR data portion): 16
Verify data: No
Data pattern:
Vrf Name:
Control Packets: enabled
Schedule:
   Operation frequency (seconds): 60 (not considered if randomly scheduled)
   Next Scheduled Start Time: Start Time already passed
   Group Scheduled : FALSE
   Randomly Scheduled : FALSE
   Life (seconds): 3600
   Entry Ageout (seconds): 3600
   Recurring (Starting Everyday): FALSE
   Status of entry (SNMP RowStatus): Active
Threshold (milliseconds): 5000
Distribution Statistics:
   Number of statistic hours kept: 2
   Number of statistic distribution buckets kept: 1
   Statistic distribution interval (milliseconds): 20
Enhanced History:
History Statistics:
   Number of history Lives kept: 0
   Number of history Buckets kept: 15
   History Filter Type: None
The result does not seem good at first.
R2#sh ip sla stat 1
IPSLAs Latest Operation Statistics
IPSLA operation id: 1
   Latest RTT: NoConnection/Busy/Timeout
Latest operation start time: 21:02:56 UTC Wed Nov 15 2017
Latest operation return code: No connection
Number of successes: 0
Number of failures: 4
Operation time to live: 3382 sec
R2#sh ip sla stat 1
IPSLAs Latest Operation Statistics
IPSLA operation id: 1
   Latest RTT: NoConnection/Busy/Timeout
Latest operation start time: 21:02:56 UTC Wed Nov 15 2017
Latest operation return code: No connection
Number of successes: 0
Number of failures: 4
Operation time to live: 3363 sec
In the debug messages the timeout error is clear.
R2#
Nov 15 21:04:01.655: IPSLA-OPER_TRACE:OPER:1 Timeout
Nov 15 21:04:01.655: IPSLA-OPER_TRACE:OPER:1 Ctrl msg: id=41, type=1, len=52, dest_ip=192.168.100.5, enablePort=5000, duration=5000
Nov 15 21:04:01.659: IPSLA-OPER_TRACE:OPER:1 src_ip=192.168.100.6, src_port=0
Nov 15 21:04:01.659: IPSLA-OPER_TRACE:OPER:1 table_id=0, topo_id=0 pktinfo_tableid = 0
And then I activated IP SLA Responder on the target Cisco device and it worked.
R4(config)#ip sla responder
R4(config)#
R2#sh ip sla stat 1
IPSLAs Latest Operation Statistics
IPSLA operation id: 1
   Latest RTT: NoConnection/Busy/Timeout
Latest operation start time: 21:03:56 UTC Wed Nov 15 2017
Latest operation return code: No connection
Number of successes: 0
Number of failures: 5
Operation time to live: 3295 sec
R2#sh ip sla stat 1
IPSLAs Latest Operation Statistics
IPSLA operation id: 1
   Latest RTT: 20 milliseconds
Latest operation start time: 21:04:56 UTC Wed Nov 15 2017
Latest operation return code: OK
Number of successes: 1
Number of failures: 5
Operation time to live: 3285 sec
IP SLA ICMP Jitter
The syntax of the ICMP Jitter operation is:
(config-ip-sla)#icmp-jitter {DST}
where DST is the destination host.
Let us use it to collect measurements between R2 and R4 in this topology.
R2(config)#ip sla 1
R2(config-ip-sla)#icmp-jitter ?
  Hostname or A.B.C.D  Destination IP address or hostname, broadcast disallowed
R2(config-ip-sla)#icmp-jitter 192.168.100.5 ?
  interval     Inter Packet Interval
  num-packets  Number of Packets to be transmitted
  source-ip    Source Address
  <cr>
R2(config-ip-sla)#icmp-jitter 192.168.100.5 source-ip 192.168.100.6
R2(config-ip-sla-icmpjitter)#
R2(config-ip-sla-icmpjitter)#?
IP SLAs Icmp Jitter Configuration Commands:
  default     Set a command to its defaults
  exit        Exit operation configuration
  frequency   Frequency of an operation
  history     History and Distribution Data
  no          Negate a command or set its defaults
  owner       Owner of Entry
  percentile  Set percentile statistics levels
  tag         User defined tag
  threshold   Operation threshold in milliseconds
  timeout     Timeout of an operation
  tos         Type Of Service
  vrf         Configure IP SLAs for a VPN Routing/Forwarding instance
R2(config-ip-sla-icmpjitter)#frequency 5
R2(config-ip-sla-icmpjitter)#
The results can be seen with show ip sla statistics 1
R2#sh ip sla statistics 1
IPSLAs Latest Operation Statistics
IPSLA operation id: 1
Type of operation: icmp-jitter
  Latest RTT: 17 milliseconds
Latest operation start time: 13:54:02 UTC Tue Nov 14 2017
Latest operation return code: OK
RTT Values:
  Number Of RTT: 10    RTT Min/Avg/Max: 8/17/28 milliseconds
Latency one-way time:
  Number of Latency one-way Samples: 0
  Source to Destination Latency one way Min/Avg/Max: 0/0/0 milliseconds
  Destination to Source Latency one way Min/Avg/Max: 0/0/0 milliseconds
Jitter Time:
  Number of SD Jitter Samples: 9
  Number of DS Jitter Samples: 9
  Source to Destination Jitter Min/Avg/Max: 0/9/17 milliseconds
  Destination to Source Jitter Min/Avg/Max: 0/12/19 milliseconds
Over Threshold:
  Number Of RTT Over Threshold: 0 (0%)
Packet Late Arrival: 0
Out Of Sequence: 0
  Source to Destination: 0    Destination to Source 0
  In both Directions: 0
Packet Skipped: 0    Packet Unprocessed: 0
Packet Loss: 0
  Loss Periods Number: 0
  Loss Period Length Min/Max: 0/0
  Inter Loss Period Length Min/Max: 0/0
Number of successes: 2
Number of failures: 0
Operation time to live: Forever
The relevant information that the Cisco IP SLA ICMP Jitter operation displays is:
– number of RTTs
– RTT minimum, average and maximum values
– one-way delay from Source to Destination
– one-way delay from Destination to Source
– operation code
IP SLA Track For PBR
We learn in this section how to leverage Cisco IOS IP SLA tracking with PBR.
Cisco IP SLA track for PBR: a sample topology
I used Eve-NG to generate this network topology.
Using PBR to change the path of the packet
The normal behaviour is: IP traffic from host A destined to loopback0 goes through DLS1 then Router.
I configured policy-based routing PBR on DLS1 with this pseudo-algorithm:
if IP or UDP traffic sourced from Host-A destined to loopback0 comes on SVI 100 (which happens to be the default gateway of Host-A)
then force it to go to DLS2 first, then on to Router.
VPCS> trace 2.2.2.2
trace to 2.2.2.2, 8 hops max, press Ctrl+C to stop
 1   172.16.100.1   21.232 ms  15.710 ms  6.978 ms
 2   11.11.11.10   20.314 ms  24.029 ms  18.548 ms   !!! this is DLS2
 3   *11.11.11.5   31.603 ms (ICMP type:3, code:3, Destination port unreachable)  *
VPCS>
Policy-based Routing works great. However, when the DLS1-DLS2 link fails, we get a routing hole:
VPCS> trace 2.2.2.2
trace to 2.2.2.2, 8 hops max, press Ctrl+C to stop
 1   172.16.100.1   16.755 ms  18.482 ms  16.274 ms   !!! traffic reaches DLS1 and then PBR sends it towards DLS2, which is down.
 2   * * *
 3   * * *
 4   * * *
 5   * * *
 6   * * *
^C 7
VPCS>
One solution is to implement IP SLA with Object Tracking alongside Policy-based Routing.
Cisco IP SLA with object tracking
The solution suggested to the abovementioned challenge is to implement Object Tracking with IP SLA, then to invoke the Tracking Object within the PBR statement.
Configure an IP SLA operation
First configure the IP SLA operation on DLS1. In the real world, it can be either ICMP Echo or a UDP Echo IP SLA. Since I’m using Cisco virtual IOS in my home lab, I know that IP SLA ICMP-Echo-based operations are not supported by my equipment. Therefore I used UDP Echo IP SLA operations instead.
ip sla 3
 udp-echo 11.11.11.10 5000 source-ip 11.11.11.9 source-port 5001
 frequency 10
ip sla schedule 3 start-time after 00:01:00
Configure a Tracking object
Configure a Tracking Object and set it to track the IP SLA operation you configured above.
track 33 ip sla 3
I named it 33 because it reminds me of IP SLA operation number 3 :)
Cisco IP SLA Track for PBR
You would configure a route-map normally, with an access-list that defines the traffic to be matched and a set command. But instead of set ip next-hop {blabla}, use the set ip next-hop verify-availability command.
route-map RmapPBR permit 10
 match ip address PBRacl1
 continue 20
 set ip next-hop verify-availability 11.11.11.10 1 track 33
This configuration line makes the use of the next hop 11.11.11.10 conditional on the reachability reported by IP SLA operation 3, tracked by Tracking object 33. The 1 after 11.11.11.10 is the sequence number: we can configure many set ip next-hop verify-availability commands in the same route-map.
When the IP SLA 3 gives a reachable host (here 11.11.11.10) then the next hop in the Route-map is 11.11.11.10.
VPCS> trace 2.2.2.2
trace to 2.2.2.2, 8 hops max, press Ctrl+C to stop
 1   172.16.100.1   15.724 ms  21.130 ms  14.142 ms
 2   11.11.11.10   28.583 ms  21.695 ms  25.356 ms
 3   *11.11.11.5   11.877 ms (ICMP type:3, code:3, Destination port unreachable)  *
VPCS>
VPCS>
If IP SLA 3 reports an unreachable host, the Tracking Object notifies the route-map, and the whole set ip next-hop command no longer has any effect: traffic is routed according to the regular routing table:
-------
Sep 25 15:38:08.561: %TRACK-6-STATE: 33 ip sla 3 state Up -> Down
------
VPCS> trace 2.2.2.2
trace to 2.2.2.2, 8 hops max, press Ctrl+C to stop
 1   172.16.100.1   16.167 ms  44.836 ms  25.935 ms
 2   *11.11.11.1   23.718 ms (ICMP type:3, code:3, Destination port unreachable)  *
VPCS>
When reachability of the tracked object (the UDP-Echo-based IP SLA to DLS2 from DLS1) is established, the Tracking Object returns a positive status code to the route-map, and the set ip next-hop statement is valid again.
Sep 25 15:38:33.573: %TRACK-6-STATE: 33 ip sla 3 state Down -> Up
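The next-hop selection described in this section can be replayed from a route-map and the router's %TRACK-6-STATE syslog messages, which is handy when reviewing logs after a failover. This is an added example, not code from the original article: the second verify-availability entry (next hop 11.11.11.1, track 34) and the syslog line for track 34 are constructed to show the sequence-number ordering, and every track object is assumed to start Up.

```python
"""Replay PBR next-hop selection from a route-map and %TRACK-6-STATE logs."""
import re

# First 'set' line is from the article; the second is a constructed fallback.
ROUTE_MAP = """\
route-map RmapPBR permit 10
 match ip address PBRacl1
 set ip next-hop verify-availability 11.11.11.10 1 track 33
 set ip next-hop verify-availability 11.11.11.1 2 track 34
"""

# Lines 1 and 3 are the messages shown in the article; line 2 is constructed.
SYSLOG = """\
Sep 25 15:38:08.561: %TRACK-6-STATE: 33 ip sla 3 state Up -> Down
Sep 25 15:38:20.000: %TRACK-6-STATE: 34 ip sla 4 state Up -> Down
Sep 25 15:38:33.573: %TRACK-6-STATE: 33 ip sla 3 state Down -> Up
"""

SET_RE = re.compile(
    r"^\s*set ip next-hop verify-availability (\S+) (\d+) track (\d+)",
    re.MULTILINE,
)
# Both message forms on this page are accepted: '... state Up -> Down'
# and '... reachability Up -> Down'. A leading '*' on the timestamp is optional.
TRACK_RE = re.compile(
    r"^\*?(?P<ts>\w{3}\s+\d+ [\d:.]+): %TRACK-6-STATE: (?P<track>\d+) "
    r"ip sla \d+ (?:state|reachability) (?:Up|Down) -> (?P<new>Up|Down)",
    re.MULTILINE,
)


def parse_next_hops(config):
    """Return [(sequence, next_hop, track_id)] ordered by sequence number."""
    hops = [(int(seq), ip, int(track)) for ip, seq, track in SET_RE.findall(config)]
    return sorted(hops)


def parse_track_events(log):
    """Return [(timestamp, track_id, new_state)] in log order."""
    return [(m["ts"], int(m["track"]), m["new"]) for m in TRACK_RE.finditer(log)]


def select_next_hop(hops, track_up):
    """First next hop, by sequence, whose track object is Up.

    None means no policy next hop is usable, so the packet follows the
    regular routing table.
    """
    for _seq, next_hop, track_id in hops:
        if track_up.get(track_id, True):   # assumption: unknown tracks are Up
            return next_hop
    return None


def forwarding_timeline(config, log):
    """Return [(timestamp, effective_next_hop)] after each track event."""
    hops = parse_next_hops(config)
    track_up = {}
    timeline = [("initial", select_next_hop(hops, track_up))]
    for ts, track_id, new_state in parse_track_events(log):
        track_up[track_id] = new_state == "Up"
        timeline.append((ts, select_next_hop(hops, track_up)))
    return timeline


if __name__ == "__main__":
    for ts, hop in forwarding_timeline(ROUTE_MAP, SYSLOG):
        print(f"{ts:22} -> {hop or 'routing table'}")
```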
Now you can scroll the sections and copy the text below into your own home lab in order to be able to reproduce my network topology.
Host A config
ip 172.16.100.101/24 172.16.100.1
save Config
Host B config
ip 172.16.200.101/24 172.16.200.1
save Config
Router config
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname router
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
clock timezone EET 2 0
no ipv6 cef
ipv6 multicast rpf use-bgp
!
ip cef
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Ethernet0/0
duplex auto
!
interface Ethernet0/1
description — to DLS1 —
no switchport
ip address 11.11.11.1 255.255.255.252
!
interface Ethernet0/2
description — to DLS2 —
no switchport
ip address 11.11.11.5 255.255.255.252
!
interface Ethernet0/3
duplex auto
!
!
router eigrp 2534
network 2.2.2.2 0.0.0.0
network 11.11.11.0 0.0.0.3
network 11.11.11.4 0.0.0.3
!
!
no ip http server
!
!
!
!
!
control-plane
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
end
ALS1 config
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname ALS-1
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
!
!
!
!
!
ip cef
no ipv6 cef
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
spanning-tree mst configuration
name CCNP
revision 1
instance 1 vlan 99-100
instance 2 vlan 110, 120
!
spanning-tree vlan 666 priority 36864
!
vlan internal allocation policy ascending
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Port-channel2
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
!
interface Port-channel3
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
!
interface GigabitEthernet0/0
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport trunk native vlan 666
switchport mode trunk
switchport nonegotiate
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport trunk native vlan 666
switchport mode trunk
switchport nonegotiate
media-type rj45
negotiation auto
!
interface GigabitEthernet0/2
switchport access vlan 100
switchport mode access
media-type rj45
negotiation auto
spanning-tree portfast edge
!
interface GigabitEthernet0/3
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport trunk native vlan 666
switchport mode trunk
switchport nonegotiate
shutdown
media-type rj45
negotiation auto
!
interface GigabitEthernet1/0
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
media-type rj45
negotiation auto
channel-protocol lacp
channel-group 2 mode active
!
interface GigabitEthernet1/1
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
media-type rj45
negotiation auto
channel-protocol lacp
channel-group 2 mode active
!
interface GigabitEthernet1/2
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
media-type rj45
negotiation auto
channel-protocol lacp
channel-group 3 mode active
!
interface GigabitEthernet1/3
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
media-type rj45
negotiation auto
channel-protocol lacp
channel-group 3 mode active
!
interface Vlan99
ip address 172.16.99.101 255.255.255.0
!
interface Group-Async1
physical-layer async
no ip address
encapsulation slip
!
ip default-gateway 172.16.99.1
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
!
ip sla responder
ip sla responder udp-echo ipaddress 172.16.99.1 port 5000
!
!
!
control-plane
!
line con 0
line aux 0
line vty 0 4
login
!
ntp source Vlan99
ntp server 172.16.99.1
!
end
ALS2 config
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname ALS-2
!
boot-start-marker
boot-end-marker
!
!
logging discriminator EXCESS severity drops 6 msg-body drops EXCESSCOLL
logging buffered 50000
logging console discriminator EXCESS
enable password ine
!
no aaa new-model
no process cpu autoprofile hog
clock timezone cet 1 0
!
!
!
!
!
vtp file vlan.dat
!
!
!
no ip domain-lookup
ip cef
ipv6 multicast rpf use-bgp
no ipv6 cef
!
!
!
spanning-tree mode mst
spanning-tree portfast edge default
spanning-tree extend system-id
!
spanning-tree mst configuration
name CCNP
revision 1
instance 1 vlan 99-100
instance 2 vlan 110, 120
!
!
vlan internal allocation policy ascending
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Port-channel2
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
!
interface Port-channel3
switchport access vlan 5
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
!
interface GigabitEthernet0/0
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
media-type rj45
duplex full
no negotiation auto
channel-protocol lacp
channel-group 2 mode active
!
interface GigabitEthernet0/1
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
media-type rj45
duplex full
no negotiation auto
channel-protocol lacp
channel-group 2 mode active
!
interface GigabitEthernet0/2
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport trunk native vlan 666
switchport mode trunk
switchport nonegotiate
media-type rj45
negotiation auto
channel-protocol pagp
spanning-tree mst 2 cost 10000
!
interface GigabitEthernet0/3
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport trunk native vlan 666
switchport mode trunk
switchport nonegotiate
media-type rj45
duplex full
no negotiation auto
!
interface GigabitEthernet1/0
switchport access vlan 200
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport trunk native vlan 666
switchport mode access
switchport nonegotiate
media-type rj45
negotiation auto
!
interface GigabitEthernet1/1
switchport access vlan 2
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport trunk native vlan 666
switchport mode trunk
switchport nonegotiate
media-type rj45
negotiation auto
!
interface GigabitEthernet1/2
switchport access vlan 5
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
media-type rj45
negotiation auto
channel-protocol lacp
channel-group 3 mode active
!
interface GigabitEthernet1/3
description — to router R4 —
switchport access vlan 4
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
media-type rj45
duplex full
no negotiation auto
channel-protocol lacp
channel-group 3 mode active
spanning-tree portfast edge
!
interface Vlan1
ip address 1.1.1.22 255.255.255.0
shutdown
!
interface Vlan4
ip address 4.4.4.22 255.255.255.0
shutdown
!
interface Vlan99
ip address 172.16.99.102 255.255.255.0
!
ip default-gateway 172.16.99.1
ip forward-protocol nd
!
ip http server
no ip http secure-server
!
!
!
ip sla responder
ip sla responder udp-echo ipaddress 172.16.99.1 port 5000
!
!
!
control-plane
!
line con 0
logging synchronous level 0 limit 20
line aux 0
line vty 0 4
password ine
login
!
!
end
DLS1 config
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname DLS-1
!
boot-start-marker
boot-end-marker
!
!
logging discriminator EXCESS severity drops 6 msg-body drops EXCESSCOLL
logging buffered 50000
logging console discriminator EXCESS
!
no aaa new-model
no process cpu autoprofile hog
clock timezone cet 1 0
!
!
!
!
!
vtp file vlan.dat
!
!
!
no ip domain-lookup
ip cef
ipv6 multicast rpf use-bgp
no ipv6 cef
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
spanning-tree vlan 99-100,200 priority 24576
!
vlan internal allocation policy ascending
!
track 33 ip sla 3
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Port-channel1
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
!
interface Port-channel2
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
!
interface GigabitEthernet0/0
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
media-type rj45
duplex full
no negotiation auto
!
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
media-type rj45
duplex full
no negotiation auto
!
interface GigabitEthernet0/2
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
media-type rj45
duplex full
no negotiation auto
channel-protocol lacp
channel-group 2 mode active
!
interface GigabitEthernet0/3
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
media-type rj45
duplex full
no negotiation auto
channel-protocol lacp
channel-group 2 mode active
!
interface GigabitEthernet1/0
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
media-type rj45
no negotiation auto
channel-protocol lacp
channel-group 1 mode active
!
interface GigabitEthernet1/1
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
media-type rj45
no negotiation auto
channel-protocol lacp
channel-group 1 mode active
!
interface GigabitEthernet1/2
description — router —
no switchport
ip address 11.11.11.2 255.255.255.252
negotiation auto
!
interface GigabitEthernet1/3
shutdown
media-type rj45
negotiation auto
!
interface Vlan99
ip address 172.16.99.1 255.255.255.0
!
interface Vlan100
ip address 172.16.100.1 255.255.255.0
ip policy route-map RmapPBR
!
interface Vlan101
ip address 11.11.11.9 255.255.255.252
!
interface Vlan200
ip address 172.16.200.1 255.255.255.0
!
!
router eigrp 2534
network 11.11.11.0 0.0.0.3
network 11.11.11.8 0.0.0.3
network 172.16.100.0 0.0.0.255
!
ip forward-protocol nd
!
ip http server
no ip http secure-server
!
!
ip access-list extended PBRacl1
permit icmp host 172.16.100.101 host 2.2.2.2
permit udp host 172.16.100.101 host 2.2.2.2
permit ip host 172.16.100.101 host 2.2.2.2
!
ip sla 1
icmp-echo 172.16.100.101
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo 172.16.200.101
ip sla schedule 2 life forever start-time now
ip sla 3
udp-echo 11.11.11.10 5000 source-ip 11.11.11.9 source-port 5001
frequency 10
ip sla schedule 3 start-time after 00:01:00
ip sla 4
udp-jitter 172.16.99.102 5000
ip sla schedule 4 life forever start-time now
ip sla 5
icmp-echo 11.11.11.10 source-ip 11.11.11.9
frequency 40
ip sla schedule 5 start-time after 00:30:00
!
route-map PmapPBR permit 10
match ip address PBRacl1
!
route-map RmapPBR permit 10
match ip address PBRacl1
continue 20
set ip next-hop verify-availability 11.11.11.10 1 track 33
!
!
!
control-plane
!
line con 0
logging synchronous level 0 limit 20
line aux 0
line vty 0 4
login
!
ntp master 5
!
end
DLS2 config
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname DLS-2
!
boot-start-marker
boot-end-marker
!
!
logging discriminator EXCESS severity drops 6 msg-body drops EXCESSCOLL
logging buffered 50000
logging console discriminator EXCESS
enable password ine
!
no aaa new-model
no process cpu autoprofile hog
clock timezone EET 2 0
!
!
!
!
!
vtp file vlan.dat
!
!
!
no ip domain-lookup
ip cef
ipv6 multicast rpf use-bgp
no ipv6 cef
!
!
!
spanning-tree mode rapid-pvst
spanning-tree portfast edge default
spanning-tree extend system-id
!
spanning-tree mst configuration
name CCNP
revision 1
instance 1 vlan 99-100
instance 2 vlan 110, 120
!
spanning-tree vlan 99-100,200 priority 28672
spanning-tree vlan 101 priority 24576
!
vlan internal allocation policy ascending
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
media-type rj45
duplex full
no negotiation auto
!
interface GigabitEthernet0/1
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
media-type rj45
duplex full
no negotiation auto
!
interface GigabitEthernet0/2
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport trunk native vlan 666
switchport mode trunk
switchport nonegotiate
media-type rj45
duplex full
no negotiation auto
!
interface GigabitEthernet0/3
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport trunk native vlan 666
switchport mode trunk
switchport nonegotiate
media-type rj45
duplex full
no negotiation auto
!
interface GigabitEthernet1/0
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport trunk native vlan 666
switchport mode trunk
switchport nonegotiate
shutdown
media-type rj45
negotiation auto
!
interface GigabitEthernet1/1
switchport trunk allowed vlan 2-998,1000-4094
switchport trunk encapsulation dot1q
switchport trunk native vlan 666
switchport mode trunk
switchport nonegotiate
shutdown
media-type rj45
negotiation auto
!
interface GigabitEthernet1/2
description — router —
no switchport
ip address 11.11.11.6 255.255.255.252
duplex full
no negotiation auto
spanning-tree portfast edge
!
interface GigabitEthernet1/3
switchport access vlan 4
switchport mode access
shutdown
media-type rj45
negotiation auto
!
interface Vlan1
ip address 1.1.1.33 255.255.255.0
!
interface Vlan99
ip address 172.16.99.2 255.255.255.0
!
interface Vlan101
ip address 11.11.11.10 255.255.255.252
!
!
router eigrp 2534
network 11.11.11.4 0.0.0.3
network 11.11.11.8 0.0.0.3
!
ip forward-protocol nd
!
ip http server
no ip http secure-server
!
!
!
ip sla responder
ip sla responder udp-echo ipaddress 11.11.11.9 port 5000
!
!
!
control-plane
!
line con 0
logging synchronous level 0 limit 20
line aux 0
line vty 0 4
password ine
login
!
!
end