Configuring IP SLA PBR Object Tracking

This chapter describes the PBR object tracking capabilities of IP Service Level Agreements (SLAs).

This chapter includes the following sections:

IP SLA PBR Object Tracking

This feature allows you to make sure that the next hop is reachable before that route is used. If the next hop is not reachable, another route is used as defined in the policy-based routing (PBR) configuration. If no other route is present in the route map, the routing table is used.

Object Tracking

Object tracking monitors objects such as the following:

  • State of the line protocol of an interface

  • Existence of an entry in the routing table

Clients, such as PBR, can register their interest in specific, tracked objects and then take action when the state of the objects changes.

IP SLA PBR Object Tracking Overview

The PBR Object Tracking feature gives policy-based routing (PBR) access to all the objects that are available through the tracking process. The tracking process enables you to track individual objects—such as ICMP ping reachability, routing adjacency, an application running on a remote device, a route in the Routing Information Base (RIB)—or to track the state of an interface line protocol.

Object tracking functions in the following manner: PBR informs the tracking process that a certain object should be tracked, and the tracking process then notifies PBR when the state of that object changes.

Configuring IP SLA PBR Object Tracking

SUMMARY STEPS

  1. configure terminal
  2. ip sla operation-number
  3. icmp-echo destination-ip-address
  4. exit
  5. ip sla schedule operation-number life forever start-time now
  6. track object-number ip sla entry-number reachability
  7. exit
  8. ip access-list standard access-list-name
  9. permit ip source destination
  10. ipv6 access-list access-list-name
  11. permit ipv6 source destination
  12. exit
  13. route-map map-tag
  14. match ip address access-list-name
  15. match ipv6 address access-list-name
  16. set ip next-hop verify-availability next-hop-address track object
  17. set ipv6 next-hop verify-availability next-hop-address track object
  18. exit
  19. interface type number
  20. ip address ip-address mask
  21. ipv6 address ip-address mask
  22. ip policy route-map map-tag
  23. ipv6 policy route-map map-tag
  24. end
  25. show track object-number
  26. show route-map map-name

DETAILED STEPS

  Command or Action Purpose

Step 1

configure terminal

Example:


switch# configure terminal

Enters global configuration mode.

Step 2

ip sla operation-number

Example:


switch(config)# ip sla 1

Starts a Cisco IOS IP Service Level Agreement (SLA) operation configuration and enters IP SLA configuration mode.

Step 3

icmp-echo destination-ip-address

Example:


switch(config-ip-sla)# icmp-echo 10.3.3.2

Configures an IP SLA Internet Control Message Protocol (ICMP) echo probe operation.

Step 4

exit

Example:


switch(config-ip-sla)# exit

Exits IP SLA configuration mode and returns the router to global configuration mode.

Step 5

ip sla schedule operation-number life forever start-time now

Example:


switch(config)# ip sla schedule 1 life forever start-time now

Configures the scheduling parameters for a single Cisco IOS IP SLA operation.

  • In this example, the time parameters for the IP SLA operation are configured.

Note 
Repeat Steps 2 to 5 to configure and schedule other IP SLA operations.

Step 6

track object-number ip sla entry-number reachability

Example:


switch(config)# track 1 ip sla 1 reachability

Tracks the reachability of an object and enters tracking configuration mode.

Note 
Repeat this step to track other operations.

Step 7

exit

Example:


switch(config-track)# exit

Exits tracking configuration mode and returns the router to global configuration mode.

Step 8

ip access-list standard access-list-name

Example:


switch(config)# ip access-list standard ACL

Defines an IP access list and an access control list (ACL) in order to enable filtering for packets.

Step 9

permit ip source destination

Example:



switch(config-acl)# permit ip 192.0.2.0/24 198.51.100.0/24

Creates an access control list (ACL) rule that permits traffic matching its conditions.

Step 10

ipv6 access-list access-list-name

Example:


switch(config)# ipv6 access-list IPv6ACL

Defines an IPv6 access list ACL in order to enable filtering for packets.

Step 11

permit ipv6 source destination

Example:



switch(config-ipv6-acl)# permit ipv6 2001:DB8::/32 2001:DB8::/48

Creates an access control list (ACL) rule that permits traffic matching its conditions.

Step 12

exit

Example:


switch(config-ipv6-acl)# exit

Exits ACL configuration mode and returns the router to global configuration mode.

Step 13

route-map map-tag

Example:


switch(config)# route-map PBR

Specifies a route map and enters route-map configuration mode.

Step 14

match ip address access-list-name

Example:


switch(config-route-map)# match ip address ACL

Distributes any routes that have a destination IPv4 network number address that is permitted by a standard access list.

Step 15

match ipv6 address access-list-name

Example:


switch(config-route-map)# match ipv6 address IPv6ACL

Distributes any routes that have a destination IPv6 network number address that is permitted by a standard access list.

Step 16

set ip next-hop verify-availability next-hop-address track object

Example:


switch(config-route-map)# set ip next-hop verify-availability 198.51.100.2 track 1

Configures the route map to verify the reachability of the tracked object.

Note 
Repeat this step to configure the route map to verify the reachability of other tracked objects.

Step 17

set ipv6 next-hop verify-availability next-hop-address track object

Example:


switch(config-route-map)# set ipv6 next-hop verify-availability 2001:DB8:1::1 track 1

Configures the route map to verify the reachability of the tracked object.

Note 
Repeat this step to configure the route map to verify the reachability of other tracked objects.

Step 18

exit

Example:


switch(config-route-map)# exit

Exits route-map configuration mode and returns the router to global configuration mode.

Step 19

interface type number

Example:


switch(config)# interface ethernet 0/0

Specifies an interface type and number and enters interface configuration mode.

Step 20

ip address ip-address mask

Example:


switch(config-if)# ip address 10.2.2.1 255.255.255.0

Specifies a primary IP address for an interface.

Step 21

ipv6 address ip-address mask

Example:


switch(config-if)# ipv6 address 2001:DB8::/48

Specifies a primary IPv6 address for an interface.

Step 22

ip policy route-map map-tag

Example:


switch(config-if)# ip policy route-map PBR

Enables policy routing and identifies a route map to be used for policy routing.

Step 23

ipv6 policy route-map map-tag

Example:


switch(config-if)# ipv6 policy route-map PBR

Enables IPv6 policy routing and identifies a route map to be used for policy routing.

Step 24

end

Example:


switch(config-if)# end

Exits interface configuration mode and returns the router to privileged EXEC mode.

Step 25

show track object-number

Example:


switch# show track 1

(Optional) Displays tracking information.

Use this command to verify the configuration.

Step 26

show route-map map-name

Example:


switch# show route-map PBR

(Optional) Displays route map information.

Example: Configuring IP SLA PBR Object Tracking

This example shows that object tracking is configured for PBR: 


! Configure and schedule IP SLA operations
ip sla 1
 icmp-echo 10.3.3.2
ip sla schedule 1 life forever start-time now
!
ip sla 2
 udp-echo 10.4.4.2
ip sla schedule 2 life forever start-time now
!
ip sla 3
 icmp-echo 10.5.5.2
ip sla schedule 3 life forever start-time now
!
ip sla 4
 icmp-echo 10.6.6.2
ip sla schedule 4 life forever start-time now
!
ip sla 5
 icmp-echo 10.7.7.2
ip sla schedule 5 life forever start-time now
!
! Configure Object Tracking to track the operations 
!
track 1 ip sla 1 reachability
track 2 ip sla 2 reachability
track 3 ip sla 3 reachability
track 4 ip sla 4 reachability
track 5 ip sla 5 reachability
!
! Configure ACL
ip access-list standard ACL
	permit ip 10.2.2.0/24 10.1.1.1/32
!
! Configure PBR policing on the router
route-map PBR
	match ip address ACL
	set ip next-hop verify-availability 10.3.3.2 track 1
	set ip next-hop verify-availability 10.4.4.2 track 2
	set ip next-hop verify-availability 10.5.5.2 track 3
!
! Apply PBR policy on the incoming interface of the router.
interface ethernet 0/0
 ip address 10.2.2.1 255.255.255.0
 	ip policy route-map PBR
!
! Display PBR related information 
show route-map
show track brief
show ip sla stat
show ip sla application
!