IP SLA (Service-Level Agreement) is a great feature on Cisco IOS devices that can be used to “measure” network performance.
This can be something simple like a ping where we check the round-trip time or something more advanced like a VoIP RTP packet where we check the delay, jitter and calculate a MOS score that gives you an indication what the voice quality will be like.
Measuring network performance is pretty cool but what makes IP SLA even more powerful is that you can combine it with static routes, policy based routing and routing protocols like OSPF or EIGRP.
Let me give you an example why this is a great feature to use. Take a look at the image below:
Above we have a customer router connected to two ISPs. Somewhere on the Internet there’s a server we’d like to reach. In a scenario like this, typically we use two default routes with different ADs. Whenever ISP1 fails, we switch over to ISP2.
The problem with this setup is that it’s not very reliable. The default route will be in the routing table as long as the interface is up and/or the next hop is reachable. It’s possible that ISP1 is having connectivity issues and unable to reach that remote server but we still use them for all our traffic.
To prevent this from happening we can combine default routes with IP SLA. Here’s an example:
Our customer router is now using IP SLA to ping the remote server. As long as we get a reply, we will keep using ISP1 as our main route. When the ping fails, we switch over to ISP2. This method is far more reliable as we check end-to-end connectivity.
Here’s another example where IP SLA might be useful:
Above we have two ISPs that we can use to reach a remote branch router. Instead of a simple ping, we can send RTP packets and check these for a certain delay, jitter and calculate a MOS score. When we get below a certain threshold we will switch from ISP1 to ISP2.
Each measurement that we do with IP SLA is called an operation. For each operation we have to configure the type of traffic, source IP, destination IP, port numbers, etc. We can then configure when to run the operation…24/7, 9-to-5, etc.
When you use IP SLA for a simple ping then you only have to configure your local router. However when you want to use it for some more advanced things like sending RTP packets then you have to configure the remote router to respond to your IP SLA traffic.
Besides pings and RTP, there are a lot of different operations we can use:
Now you have an idea what IP SLA is about, let’s take a look how we can configure an operation.
I will show you two examples so you will learn how to configure IP SLA operations. We’ll try an example with pings and an example with UDP jitter.
We will use the following topology:
All I need is two routers, R1 will send ICMP echo requests and R2 will reply to them. Here’s how to configure IP SLA:
R1(config)#ip sla 1 R1(config-ip-sla)#? IP SLAs entry configuration commands: dhcp DHCP Operation dns DNS Query Operation ethernet Ethernet Operations exit Exit Operation Configuration ftp FTP Operation http HTTP Operation icmp-echo ICMP Echo Operation icmp-jitter ICMP Jitter Operation mpls MPLS Operation path-echo Path Discovered ICMP Echo Operation path-jitter Path Discovered ICMP Jitter Operation tcp-connect TCP Connect Operation udp-echo UDP Echo Operation udp-jitter UDP Jitter Operation voip Voice Over IP OperationFirst we have to choose an operation number, let’s pick number 1. You can see that there are a lot of different operations we can choose from. Let’s start with the icmp echo:
R1(config-ip-sla)#icmp-echo 192.168.12.2 R1(config-ip-sla-echo)#? IP SLAs Icmp Echo Configuration Commands: default Set a command to its defaults exit Exit operation configuration frequency Frequency of an operation history History and Distribution Data no Negate a command or set its defaults owner Owner of Entry request-data-size Request data size tag User defined tag threshold Operation threshold in milliseconds timeout Timeout of an operation tos Type Of Service verify-data Verify data vrf Configure IP SLAs for a VPN Routing/Forwarding instanceLet’s send ICMP echos to 192.168.12.2. There are a lot of optional parameters you can configure for an operation, for example let’s change the frequency:
R1(config-ip-sla-echo)#frequency 10We’ll send an ICMP echo every 10 seconds. The only thing left to do is to start our IP SLA operation. This is how you do it:
R1(config)#ip sla schedule 1 ? ageout How long to keep this Entry when inactive life Length of time to execute in seconds recurring Probe to be scheduled automatically every day start-time When to start this entry
You have to use the ip sla schedule command to start your operation. You can schedule it but we will start our operation right now and let it run forever:
R1(config)#ip sla schedule 1 start-time ? after Start after a certain amount of time from now hh:mm Start time (hh:mm) hh:mm:ss Start time (hh:mm:ss) now Start now pending Start pendingR1(config)#ip sla schedule 1 start-time now ? ageout How long to keep this Entry when inactive life Length of time to execute in seconds recurring Probe to be scheduled automatically every dayR1(config)#ip sla schedule 1 start-time now life ? Life seconds (default 3600) forever continue running foreverR1(config)#ip sla schedule 1 start-time now life foreverIt should now be up and running. You can check your IP SLA configuration like this:
