Yesterday, I was visiting the Juniper Fast Track page to find out what happened to the voucher I got when I passed the pre-assessment exam. I found out that Juniper is making the exam free and you can use the previous voucher you had to avail the free exam.
This may be inappropriate to post in this blog which is all about Cisco, but I think this will be a good certification to get. Besides, JNCIA-ER and JNCIS-ER are the certifications I targetted to achieve this year. These certifications will not only make your list of cerfications longer :), but also boost your morale for aimed certifications like the CCIE. This will give a networking individual a higher market value than those who only has Cisco certs. I am not pro Juniper or something. I consider Scott Morris my example for multi vendor certified experts and I think he has a wider market than those CCIE's who only have Cisco certifications. It's like having a coat of many colors! My opinion though, but my proof is there are a lot of companies out there looking for Juniper Certified individuals. You can check the job sites if you want to see for yourself.
As for me, I have booked my free JNCIA-ER exam by October and will be booking my JNCIS-ER by December. I am looking forward to passing these exams but I still don't neglect my aim for the CCDA/CCDP this year and ultimately the CCIE next year. Don't miss this chance to get a good and acknowledged certification for free! This will only be available throughout the rest of 2009. You have nothing to lose! :) Check the link below for more details.
https://learningportal.juniper.net/juniper/user_fasttrack_home.aspx
Technical Posts
- BGP AS-Path Prepending
- BGP Attrib Categories
- BGP Best Path Selection
- BGP Confederation
- BGP eBGP Multihop
- BGP Local Preference
- BGP Local-AS
- BGP Maximum-Prefix
- BGP MED
- BGP Regular Expressions
- BGP Remove-Private-AS
- BGP Synchronization
- BGP Weight Attribute
- Broadcast/Network Ping
- Cisco Router as a DNS server
- Command Multiple Filtering
- Comparing Config Differences
- Dynamips as Internet Router
- Firewall Security-Level
- Fun with TCL
- HSRP Route Tracking
- HSRP with IP SLA
- IGMP Version 1
- IGMP Version 2
- IPSEC VPN Configuration
- MPLS Basics
- MPLS VPN VRF Source Selection
- Multicast MiniLab Prep
- NAT Stateful Failover
- Network Statement Shortcut
- Qos: Classification/Marking
- TCL Ping Script
- Using Aliases
- Using Parser View
- VRF and VRF-lite
- VRF Basics
- VRF Route Target
Categories
- BGP (17)
- CCDA (1)
- CCIE (4)
- CCIP (15)
- CCNP (4)
- CCSP (2)
- Certifications (5)
- Cheat Sheet (1)
- CLI (7)
- Core Topic (1)
- Dynamips (1)
- Firewall (1)
- How To (1)
- HSRP (2)
- ICMP (1)
- IGMP (2)
- IOS (3)
- IPSEC (1)
- Juniper (2)
- Lab Challenge (2)
- Management (9)
- Misc (1)
- MPLS (5)
- Multicast (4)
- My Thoughts (21)
- NAT (2)
- Notes (1)
- OSPF (1)
- PIX/ASA (1)
- PPPoE (1)
- QoS (1)
- Question of the Day (20)
- Routing (20)
- Security (1)
- Study Tips (2)
- TCL (3)
- Troubleshooting (1)
- Video Blog (1)
- VPN (2)
- VRF (4)
- WAN (3)
- Written (1)
Recent Posts
Study References
Juniper Fast Track 100% Discount on Exams
Friday, September 25, 2009 | Filed Under Certifications, Misc, My Thoughts | 0 Comments
Anyone Reading?
I have been pretty busy this month. Not only I was sidetracked from my studies but also I tend to relax this month because, I just turned a year older. My counter shows people have been reading this blog but I am not sure if these are just one time visitor or there are people actually reading and learning something from this. Like I said first and foremost, I created this blog for my own personal reference and for others also who likes to learn from blogs.
If there are people out there who are following my entries, please comment and let me know how much more I can improve this blog for the benefit of us all. I know this blog can't even compare to other blogs but your comments can really help improve. If you have topics you want to be covered let me know cause, my way is I am covering mini focused labs per topic and per protocol.
If there are people out there who are following my entries, please comment and let me know how much more I can improve this blog for the benefit of us all. I know this blog can't even compare to other blogs but your comments can really help improve. If you have topics you want to be covered let me know cause, my way is I am covering mini focused labs per topic and per protocol.
Thursday, September 24, 2009 | Filed Under My Thoughts | 6 Comments
BGP Local Preference
Local Preference is one of the ways to alter the path taken by one AS to reach another AS. The difference between Local Preference and Weight is that Weight is just locally signifant in the router while Local Preference is what I call "Local AS significant". What I mean by that is that Local Preference is being propagated Intra AS but not outside the AS.
In this lab, local preference will be configured and will be using route map for more flexibility. Check the diagram below for details.
Here are the initial BGP configurations on the routers.
Let's see what is the best path taken by R1 to reach the networks advertised by R4.
It's clear that it prefers to take R2 to reach the networks in R4. Let's configure R3 so that all routes received by R3 will have a Local preference of 300
Immediately, even without clearing the BGP process, R3 now became the more preferred path to reach R4. Remember that in Local Preference, the higher the value, the more preferred.
Let's configure in R2 a route-map so the network 144.144.144.144/32 will have a local preference of 500. This will make R2 the best path to reach the mentioned network.
Firstly, why is that the route-map has an "in" direction. It's because we are receiving the route from another router, R2 is not the one advertising. You can see now that path to 144.144.144.144/32 will have R2 as the next hop. If you noticed also, why is that for 4.4.4.4/32 and 44.44.44.44/32, there is no other path except through 13.13.13.3. Check the route-map above and you'll find the answer. There is no succedding line after line 10, which means, it will block out the subnets and not advertised it to R1.
Let's configure the 20th sequence of the route-map.
Let's see now if there are changes.
That's it for local preference. Hopefully I can finish the BGP topics soon. :)
Local preference is to influence your own AS how to get or exit to another AS.
MED is to influence other AS how to enter your AS.
The higher the local preference, the more preferred.
In this lab, local preference will be configured and will be using route map for more flexibility. Check the diagram below for details.
R1, R2 and R3 belongs to AS 123. R4 is in AS4 and is advertising 4.4.4.4/32, 44.44.44.44/32 and 144.144.144.144/32
subnets.We need to set all routes learned from R3 to have local preference value of 300. After which, configure a
route-map that will assign a local preference of 500 in R2 for the network 144.144.144.144/32.
Here are the initial BGP configurations on the routers.
R1#
!
router bgp 123
no synchronization
bgp log-neighbor-changes
neighbor 12.12.12.2 remote-as 123
neighbor 13.13.13.3 remote-as 123
no auto-summary
R2#
!
router bgp 123
no synchronization
bgp log-neighbor-changes
neighbor 12.12.12.1 remote-as 123
neighbor 12.12.12.1 next-hop-self
neighbor 24.24.24.4 remote-as 4
no auto-summary
R3#
!
router bgp 123
no synchronization
bgp log-neighbor-changes
neighbor 13.13.13.1 remote-as 123
neighbor 13.13.13.1 next-hop-self
neighbor 34.34.34.4 remote-as 4
no auto-summary
R4#
!
router bgp 4
no synchronization
bgp log-neighbor-changes
network 4.4.4.4 mask 255.255.255.255
network 44.44.44.44 mask 255.255.255.255
network 144.144.144.144 mask 255.255.255.255
neighbor 24.24.24.2 remote-as 123
neighbor 34.34.34.3 remote-as 123
no auto-summary
Let's see what is the best path taken by R1 to reach the networks advertised by R4.
R1#sh ip bgp
BGP table version is 10, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i4.4.4.4/32 12.12.12.2 0 100 0 4 i
* i 13.13.13.3 0 100 0 4 i
*>i44.44.44.44/32 12.12.12.2 0 100 0 4 i
* i 13.13.13.3 0 100 0 4 i
*>i144.144.144.144/32
12.12.12.2 0 100 0 4 i
* i 13.13.13.3 0 100 0 4 i
R1#sh ip route | beg Gateway
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
4.0.0.0/32 is subnetted, 1 subnets
B 4.4.4.4 [200/0] via 12.12.12.2, 00:04:00
144.144.0.0/32 is subnetted, 1 subnets
B 144.144.144.144 [200/0] via 12.12.12.2, 00:04:00
12.0.0.0/24 is subnetted, 1 subnets
C 12.12.12.0 is directly connected, Serial1/2
13.0.0.0/24 is subnetted, 1 subnets
C 13.13.13.0 is directly connected, Serial1/3
44.0.0.0/32 is subnetted, 1 subnets
B 44.44.44.44 [200/0] via 12.12.12.2, 00:04:00
It's clear that it prefers to take R2 to reach the networks in R4. Let's configure R3 so that all routes received by R3 will have a Local preference of 300
R3#config t
R3(config)#router bgp 123
R3(config-router)#bgp default local-preference 300
R1#sh ip bgp
BGP table version is 13, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* i4.4.4.4/32 12.12.12.2 0 100 0 4 i
*>i 13.13.13.3 0 300 0 4 i
* i44.44.44.44/32 12.12.12.2 0 100 0 4 i
*>i 13.13.13.3 0 300 0 4 i
* i144.144.144.144/32
12.12.12.2 0 100 0 4 i
*>i 13.13.13.3 0 300 0 4 i
Immediately, even without clearing the BGP process, R3 now became the more preferred path to reach R4. Remember that in Local Preference, the higher the value, the more preferred.
Let's configure in R2 a route-map so the network 144.144.144.144/32 will have a local preference of 500. This will make R2 the best path to reach the mentioned network.
R2(config)#access-list 1 permit host 144.144.144.144
R2(config)#route-map LOCALPREF500 permit 10
R2(config-route-map)#match ip address 1
R2(config-route-map)#set local-preference 500
R2#(config)# router bgp 123
R2(config-router)#neighbor 24.24.24.4 route-map LOCALPREF500 in
R2# clear ip bgp *
R1#sh ip bgp
BGP table version is 14, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i4.4.4.4/32 13.13.13.3 0 300 0 4 i
*>i44.44.44.44/32 13.13.13.3 0 300 0 4 i
*>i144.144.144.144/32
12.12.12.2 0 500 0 4 i
* i 13.13.13.3 0 300 0 4 i
Firstly, why is that the route-map has an "in" direction. It's because we are receiving the route from another router, R2 is not the one advertising. You can see now that path to 144.144.144.144/32 will have R2 as the next hop. If you noticed also, why is that for 4.4.4.4/32 and 44.44.44.44/32, there is no other path except through 13.13.13.3. Check the route-map above and you'll find the answer. There is no succedding line after line 10, which means, it will block out the subnets and not advertised it to R1.
Let's configure the 20th sequence of the route-map.
R2(config)#route-map LOCALPREF500 permit 20
Let's see now if there are changes.
R1#sh ip bgp
BGP table version is 16, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* i4.4.4.4/32 12.12.12.2 0 100 0 4 i
*>i 13.13.13.3 0 300 0 4 i
* i44.44.44.44/32 12.12.12.2 0 100 0 4 i
*>i 13.13.13.3 0 300 0 4 i
*>i144.144.144.144/32
12.12.12.2 0 500 0 4 i
* i 13.13.13.3 0 300 0 4 i
That's it for local preference. Hopefully I can finish the BGP topics soon. :)
Wednesday, September 23, 2009 | Filed Under BGP, CCIP, CCNP, Routing | 11 Comments
HSRP Route Tracking
I have been accustomed to tracking the WAN interface to determine the HSRP priority. However, there are more ways to use tracking in HSRP and one of those is to track a certain prefix in the routing table. This works by checking a specific route configured in "track" if it is still in the routing table. If not, it will decrease the priority according the configured decrement.
The pre-configuration of the routers is found below.
Let's configure tracking and apply it on the HSRP group of 1.
Ok, lets see how a "show track" output looks like.
Notice that tracking knows what routing protocol the route is learned from. It also shows how long its up, which interface and what HSRP group is using. Pretty neat huh? :) Let's remove the announcement of 3.3.3.3/32 in R3 to simulate lost of entry in the routing table.
Let's see how R1 reacts to that.
Ok, as we can see, once OSPF detected that the network isn't anymore reachable, HSRP reacted as well by decrementing the priority by 11 as per configured. The priority is now 89, 11 less than the default HSRP priority of 100. "show track" also indicated that there is no more route going to 3.3.3.3. I would just like to point out here that if the command "standby 1 preempt" was not configured in R2, it would not assume the Active state and R1 will still remain the Active HSRP router. Preempt feature will make HSRP renegotiate.
Let's advertise again the route and see the changes.
As expected R1 will reassume the HSRP Active state because the route is now found in the routing table. :)
R1 and R2 are in one site. R1 is the Active HSRP route while R2 is the standby. R1 and R2 shouldThis is not the best way to track this scenario but just for example sake. Excuse the IP addressing scheme as well because I find it easier to know which ip is from which router just by number in the last octet. (e.g. .1 is in R1, .2 is in R2 and .3 is in R3)
not be OSPF neighbors. Traffic should go to R2 once a route to 3.3.3.3/32 is lost in R1.
The pre-configuration of the routers is found below.
R1#
interface FastEthernet0/0
ip address 10.10.20.1 255.255.255.0
duplex half
standby 1 ip 10.10.20.10
standby 1 preempt
!
interface Serial1/0
ip address 10.10.13.1 255.255.255.0
serial restart-delay 0
no fair-queue
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
router ospf 1
log-adjacency-changes
passive-interface FastEthernet0/0
network 10.10.13.0 0.0.0.255 area 0
network 10.10.20.0 0.0.0.255 area 0
R2#
interface FastEthernet0/0
ip address 10.10.20.2 255.255.255.0
duplex half
standby 1 ip 10.10.20.10
standby 1 priority 91
standby 1 preempt
!
interface Serial1/0
ip address 10.10.23.2 255.255.255.0
serial restart-delay 0
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
router ospf 1
log-adjacency-changes
passive-interface FastEthernet0/0
network 10.10.20.0 0.0.0.255 area 0
network 10.10.23.0 0.0.0.255 area 0
R3#
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0
no ip address
shutdown
duplex half
!
interface Serial1/0
ip address 10.10.13.3 255.255.255.0
serial restart-delay 0
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
ip address 10.10.23.3 255.255.255.0
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
router ospf 1
log-adjacency-changes
network 3.3.3.3 0.0.0.0 area 0
network 10.10.13.0 0.0.0.255 area 0
network 10.10.23.0 0.0.0.255 area 0
Let's configure tracking and apply it on the HSRP group of 1.
R1(config)#track 1 ip route 3.3.3.3 255.255.255.255 reachability
R1(config-track)#int fa0/0
R1(config-if)#standby 1 track 1 decrement 11
Ok, lets see how a "show track" output looks like.
R1#sh track 1
Track 1
IP route 3.3.3.3 255.255.255.255 reachability
Reachability is Up (OSPF)
1 change, last change 00:01:22
First-hop interface is Serial1/0
Tracked by:
HSRP FastEthernet0/0 1
Notice that tracking knows what routing protocol the route is learned from. It also shows how long its up, which interface and what HSRP group is using. Pretty neat huh? :) Let's remove the announcement of 3.3.3.3/32 in R3 to simulate lost of entry in the routing table.
R3(config-router)#no network 3.3.3.3 0.0.0.0 area 0
Let's see how R1 reacts to that.
R1#
*Sep 4 16:57:37.679: %OSPF-5-ADJCHG: Process 1, Nbr 3.3.3.3 on Serial1/0 from FULL to DOWN, Neighbor Down: Dead timer expired
*Sep 4 16:57:53.679: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Active -> Speak
*Sep 4 16:58:03.675: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Speak -> Standby
*Sep 4 16:58:08.747: %OSPF-5-ADJCHG: Process 1, Nbr 3.3.3.3 on Serial1/0 from LOADING to FULL, Loading Done
*Sep 4 16:58:23.691: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Standby -> Active
*Sep 4 16:58:38.831: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Active -> Speak
*Sep 4 16:58:48.831: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 1 state Speak -> Standby
R1#sh standby br
P indicates configured to preempt.
|
Interface Grp Prio P State Active Standby Virtual IP
Fa0/0 1 89 P Standby 10.10.20.2 local 10.10.20.10
R1#sh track 1
Track 1
IP route 3.3.3.3 255.255.255.255 reachability
Reachability is Down (no route)
4 changes, last change 00:00:56
First-hop interface is unknown
Tracked by:
HSRP FastEthernet0/0 1
Ok, as we can see, once OSPF detected that the network isn't anymore reachable, HSRP reacted as well by decrementing the priority by 11 as per configured. The priority is now 89, 11 less than the default HSRP priority of 100. "show track" also indicated that there is no more route going to 3.3.3.3. I would just like to point out here that if the command "standby 1 preempt" was not configured in R2, it would not assume the Active state and R1 will still remain the Active HSRP router. Preempt feature will make HSRP renegotiate.
Let's advertise again the route and see the changes.
R3(config)#router ospf 1
R3(config-router)#network 3.3.3.3 0.0.0.0 area 0
R1#sh standby br
P indicates configured to preempt.
|
Interface Grp Prio P State Active Standby Virtual IP
Fa0/0 1 100 P Active local 10.10.20.2 10.10.20.10
As expected R1 will reassume the HSRP Active state because the route is now found in the routing table. :)
Friday, September 04, 2009 | Filed Under CLI, HSRP, Management, Routing | 0 Comments
IP SLA with HSRP
My friend recently had an implementation involving an EoSDH connection from one site to another involving 2 routers. LAN side of Site 1 requires HSRP to be running and it needs to track the EoSDH connection so the Active HSRP will shift to R2 incase of primary link failure. The problem is most EoSDH connection like his implementation has no way of detecting Layer 1 and Layer 2 failures upstream because there are switches installed in the customer premise and even within the ISP EoSDH connection. Houston we have a problem! :)
As a solution he can have a transit connection between R1 and R2 and run OSPF but configure the routes received from R2 to have a higher admin distance than the OSPF which has 110. He could also use IP SLA feature to detect failures and track it in the HSRP group so that any breaches on the configured IP SLA will make HSRP decrement priority. The diagram is shown below similar to most setups.
The challenge here is how to track the EoSDH link which is like a FastEthernet/ GigabitEthernet network run across the
WAN. Tracking the interface of R1 or R2 connected to the switch won't do any good in HSRP because, even if there is
an upstream failure, that connection will still remain up. HSRP only decrements priority once it detects the router's interface
down. The solution to this problem is to configure IP SLA.
Before we proceed the routers' initial configs are shown below.
Now, lets configure and SLA that constantly pings the Loopback address of R3 from R1. We will set the frequency of 10 , timeout and threshold of 2000.
The frequency means it will do a ping in every 10 seconds to check if the configured netework is still reachable. The timeout and threshold values will determine if there is a "breach" in the configured SLA. Now let's start the SLA now and let it continue "forever" as long as the router is alive. You can also set other parameters like what time of the day this will start and what time it will end.
Let's do a "debug ip icmp" and see if it is really doing its job now.
Ok, its clear its receiving replies every 10 seconds. We are not done yet, we have to configure this to be tracked by HSRP.
The command "track 1 rtr 1" means that the IP SLA 1 is marked as tracked number 1. It doesn't matter what track number you use. Now, the HSRP config means that if the SLA is "breached" decrement by 11. First let's see the statistics of the configured IP SLA.
I will shut down the connection from R1 to R3. The threshold and timeout are set to 2000 but if there isn't a reply its also a breach. Let's check what happens to the HSRP.
When the router is able to ping again the loopback of R3. The HSRP state will become active again.
As a solution he can have a transit connection between R1 and R2 and run OSPF but configure the routes received from R2 to have a higher admin distance than the OSPF which has 110. He could also use IP SLA feature to detect failures and track it in the HSRP group so that any breaches on the configured IP SLA will make HSRP decrement priority. The diagram is shown below similar to most setups.
Cisco IOS IP SLAs is a feature included in the Cisco IOS Software that can allow administrators the ability to
Analyze IP Service Levels for IP applications and services.IP SLA's uses active traffic-monitoring technology to
monitor continuous traffic on the network. This is a reliable method in measuring over head network performance.
Cisco Routers provide IP SLA Responders that give accuracy of measured data across a network.
-Wikipedia-
In our diagram, the requirement is to run HSRP on the LAN and connect the primary router R1
and backup router, R2 to Site 2 which has R3. Connections to R1 -R3 and R2 - R3 should be in
different subnets. Imagine the network after SW1 towards R3 will be on the ISP side and could
have several switches towards R3. R1 is the Active HSRP router and R2 is the Standby.
The challenge here is how to track the EoSDH link which is like a FastEthernet/ GigabitEthernet network run across the
WAN. Tracking the interface of R1 or R2 connected to the switch won't do any good in HSRP because, even if there is
an upstream failure, that connection will still remain up. HSRP only decrements priority once it detects the router's interface
down. The solution to this problem is to configure IP SLA.
Before we proceed the routers' initial configs are shown below.
R1#
interface FastEthernet0/0
ip address 10.10.20.1 255.255.255.0
duplex full
!
interface FastEthernet1/0
ip address 192.168.100.10 255.255.255.0
duplex full
speed auto
standby 12 ip 192.168.100.1
standby 12 preempt
!
router ospf 1
log-adjacency-changes
passive-interface FastEthernet1/0
network 10.10.20.0 0.0.0.255 area 0
network 192.168.100.0 0.0.0.255 area 0
R2#
!
interface FastEthernet0/0
ip address 10.10.30.2 255.255.255.0
duplex full
!
interface FastEthernet1/0
ip address 192.168.100.20 255.255.255.0
duplex full
speed auto
standby 12 ip 192.168.100.1
standby 12 priority 91
!
router ospf 1
log-adjacency-changes
passive-interface FastEthernet1/0
network 10.10.30.0 0.0.0.255 area 0
network 192.168.100.0 0.0.0.255 area 0
R3#
!
interface Loopback0
ip address 192.168.33.33 255.255.255.255
!
interface FastEthernet0/0
ip address 10.10.20.3 255.255.255.0
duplex full
!
interface FastEthernet1/0
ip address 10.10.30.3 255.255.255.0
duplex full
speed auto
!
router ospf 1
log-adjacency-changes
network 10.10.20.0 0.0.0.255 area 0
network 10.10.30.0 0.0.0.255 area 0
network 192.168.33.33 0.0.0.0 area 0
distance 254 10.10.30.2 0.0.0.0
Now, lets configure and SLA that constantly pings the Loopback address of R3 from R1. We will set the frequency of 10 , timeout and threshold of 2000.
R1(config)#ip sla monitor 1
R1(config-sla-monitor)#type echo protocol ipIcmpEcho 192.168.33.33
R1(config-sla-monitor-echo)#timeout 2000
R1(config-sla-monitor-echo)#threshold 2000
R1(config-sla-monitor-echo)#frequency 10
The frequency means it will do a ping in every 10 seconds to check if the configured netework is still reachable. The timeout and threshold values will determine if there is a "breach" in the configured SLA. Now let's start the SLA now and let it continue "forever" as long as the router is alive. You can also set other parameters like what time of the day this will start and what time it will end.
R1(config)#ip sla monitor schedule 1 start-time now life forever
Let's do a "debug ip icmp" and see if it is really doing its job now.
R1#debug ip icmp
ICMP packet debugging is on
R1#
*Sep 2 10:57:31.507: ICMP: echo reply rcvd, src 192.168.33.33, dst 10.10.20.1
*Sep 2 10:57:41.523: ICMP: echo reply rcvd, src 192.168.33.33, dst 10.10.20.1
*Sep 2 10:57:51.523: ICMP: echo reply rcvd, src 192.168.33.33, dst 10.10.20.1
*Sep 2 10:58:01.547: ICMP: echo reply rcvd, src 192.168.33.33, dst 10.10.20.1
Ok, its clear its receiving replies every 10 seconds. We are not done yet, we have to configure this to be tracked by HSRP.
R1(config)#track 1 rtr 1 reachability
R1(config-track)#int fa1/0
R1(config-if)#standby 12 track 1 decrement 11
The command "track 1 rtr 1" means that the IP SLA 1 is marked as tracked number 1. It doesn't matter what track number you use. Now, the HSRP config means that if the SLA is "breached" decrement by 11. First let's see the statistics of the configured IP SLA.
R1#sh ip sla monitor statistics 1
Round trip time (RTT) Index 1
Latest RTT: 28 ms
Latest operation start time: *11:04:01.523 UTC Wed Sep 2 2009
Latest operation return code: OK
Number of successes: 42
Number of failures: 0
Operation time to live: Forever
I will shut down the connection from R1 to R3. The threshold and timeout are set to 2000 but if there isn't a reply its also a breach. Let's check what happens to the HSRP.
R1#sh standby br
P indicates configured to preempt.
|
Interface Grp Prio P State Active Standby Virtual IP
Fa1/0 12 89 P Standby 192.168.100.20 local 192.168.100.1
When the router is able to ping again the loopback of R3. The HSRP state will become active again.
Wednesday, September 02, 2009 | Filed Under CLI, HSRP, Management, Routing | 6 Comments
Certifications
The Dreamer
- Pete
- A fun loving person who enjoys learning new things. Currently working as a Network Engineer supporting the global network of a Fortune 500 company. This blog serves as my notes for the labs I created for my CCIE journey. I can guarantee there are errors in my posts. If you spot them, please let me know.
Join my Facebook Page I WANT TO BE A CCIE
Donate to the Cause
My aim is to create materials for free and possibly a free lab. If you wish to help out, please send any amount. Thanks.
Join my Bandwagon
Posts Storage
- October 2014 (1)
- April 2014 (1)
- January 2014 (1)
- December 2013 (1)
- November 2013 (1)
- October 2013 (1)
- September 2013 (2)
- August 2013 (1)
- June 2013 (1)
- June 2011 (1)
- January 2011 (1)
- December 2010 (1)
- October 2010 (1)
- August 2010 (2)
- June 2010 (1)
- May 2010 (6)
- February 2010 (1)
- January 2010 (2)
- December 2009 (1)
- November 2009 (2)
- October 2009 (8)
- September 2009 (5)
- August 2009 (10)
- July 2009 (28)
- June 2009 (1)
- May 2009 (5)
- April 2009 (1)
- March 2009 (1)
- February 2009 (5)
- January 2009 (1)
Blogs that I Read
-
-
-
-
IPv6 radius accounting is still a mess - Since the beginning of putting IPv6 into production BRAS/BNG (almost 3 years ago), we were facing the following issue: radius accounting records were missi...10 years ago
-
Internetwork Expert Volume IV (Troubleshooting) Workbook Review: Part 3 - Once you get the initial configurations loaded you’re ready to begin the lab. This is when the “fun” begins. Those of us who are used to starting labs wi...15 years ago
-
-
Cavani Authorize Central Approached Atletico Madrid Squad - Atletico Madrid Squad – PSG striker Edinson Cavani, incredulously, if he is a similar player Luis Suarez, though they are both from Uruguay. CAVANI will be...7 years ago
-
Network Engineer Jobs - So you want to work for Google as Network Engineer? Check out one of the job ads here. I pasted the screenshot below just in case the ad is removed once...7 years ago
-
Interested in Microsoft Azure? Tune into James Rudley’s Newest Course - Get ready to explore the different methods of automating technical and business challenges with Azure in James Rudley’s new course; Automation With Microso...6 years ago
-
MUST READ: Meaningful Availability - Defining service availability using the famous X nines (and all the hacks like “planned downtime doesn’t count”) is pretty useless in a highly distribute...4 years ago
-
Clearing the fog around open switching terminology - The networking industry is making a decisive move toward open switches. Much of the media's attention is on mega-scale operators' do-it-yourself switche...9 years ago
-
-
A Short Summary of Planes - A Short Summary of Planes (the network kind) When the CCDE program was first developed, Cisco conveniently broke down the included technologies into five...6 years ago
-
Book Review: Model-Driven DevOps - Earlier this month at Cisco Live in Las Vegas, I attended a presentation by Steven Carter and Jason King titled *Model-Driven DevOps: The Enterprise Auto...1 year ago
-
Data Center Study - Notes 01 - - reverse proxy caching - the user of loadbalancers for server health monitoring - the need for jumbo frames - the need for NIC features such as interrupt co...11 years ago
-
-
I’m Back - Well hello blog world. Yes it’s been a while since I last posted an update. I meant to update sooner but because I haven’t logged on to WordPress in such a...11 years ago
-
Integrating the Nexus 1000v VSM with vCenter - This is a follow-up to my previous post regarding the Nexus 1000v. Now that I help set the stage for what the Nexus 1000v really is, we can start looking a...15 years ago
-