Configure IP SLAs HTTPS Operations

This module describes how to configure an IP Service Level Agreements (SLAs) HTTPS operation to monitor the response time between a Cisco device and an HTTPS server to retrieve a web page. The IP SLAs HTTPS operation supports both the normal GET requests and customer RAW requests. This module also demonstrates how the results of the HTTPS operation can be displayed and analyzed to determine how an HTTPS server is performing.

Restrictions for IP SLAs HTTP Operations

  • IP SLAs HTTP operations support only HTTP/1.0.

  • HTTP/1.1 is not supported for any IP SLAs HTTP operation, including HTTP RAW requests.

  • If IP SLA probe fails while configuring IP SLA HTTP operation using a public server, install your target server's certificate authority (CA) certificate as a trusted CA in the router.

Information About IP SLAs HTTPS Operations

HTTPS Operation

The HTTPS operation measures the round-trip time (RTT) between a Cisco device and an HTTPS server to retrieve a web page. The HTTPS server response time measurements consist of three types:

The HTTPS operation measures the round-trip time (RTT) between a Cisco device and an HTTPS server to retrieve a web page.

The IPSLA HTTPS operation uses the Cisco IOS XE HTTPS secure client to send the HTTPS request, process the response from the HTTPS server and pass the response back to IPSLA.

The HTTPS server response time measurements consist of two types:

DNS lookup--RTT taken to perform domain name lookup.

HTTPS transaction time-- RTT taken by the Cisco IOS XE HTTPS secure client to send HTTPS request to the HTTPS server, get the response from the server.

The DNS operation is performed first and the DNS RTT is measured. Once the domain name is found, request with GET or HEAD method is sent to the Cisco IOS XE HTTPS secure client to send HTTPS request to the HTTPS server and RTT taken to retrieve the home HTML page from the HTTPS server is measured. This RTT includes the time taken for SSL handshake, TCP connection to the server and HTTPS transactions.

The total RTT is a sum of the DNS RTT and the HTTPS transaction RTT.

Currently, the error codes are determined, and the IP SLA HTTPS operation goes down only if the return code is not 200. Use http-status-code-ignore command to ignore the HTTPS status code and consider the operation’s status as OK.

How to Configure IP SLAs HTTP Operations

Configure an HTTPS GET Operation on the Source Device


Note

This operation does not require an IP SLAs Responder on the destination device.

Perform only one of the following tasks:

Configure a Basic HTTPS GET Operation on the Source Device

SUMMARY STEPS

  1. enable
  2. configure terminal
  3. ip sla operation-number
  4. http secure {get | head } url [name-server ip-address ] [version version-number ] [source-ip {interface-name} ]
  5. frequency seconds
  6. end

DETAILED STEPS

  Command or Action Purpose

Step 1

enable

Example:

Device> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 3

ip sla operation-number

Example:

Device(config)# ip sla 10

Begins configuration for an IP SLAs operation and enters IP SLA configuration mode.

Step 4

http secure {get | head } url [name-server ip-address ] [version version-number ] [source-ip {interface-name} ]

Example:
Device(config-ip-sla)# http secure get https://www.cisco.com/index.html

Defines anHTTPs operation and enters IP SLA configuration mode.

Step 5

frequency seconds

Example:

Device(config-ip-sla-http)# frequency 90

(Optional) Sets the rate at which a specified IP SLAs HTTPS operation repeats. The default and minimum frequency value for an IP SLAs HTTPS operation is 60 seconds.

Step 6

end

Example:

Device(config-ip-sla-http)# end

Exits to privileged EXEC mode.

Configure an HTTPS GET Operation with Optional Parameters on the Source Device

SUMMARY STEPS

  1. enable
  2. configure terminal
  3. ip sla operation-number
  4. http secure {get | raw } url [name-server ip-address ] [version version-number ] [source-ip ip-address {interface-name }]
  5. frequency seconds
  6. end

DETAILED STEPS

  Command or Action Purpose

Step 1

enable

Example:
Device> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

Example:
Device# configure terminal

Enters global configuration mode.

Step 3

ip sla operation-number

Example:
Device(config)# ip sla 10

Begins configuration for an IP SLAs operation and enters IP SLA configuration mode.

Step 4

http secure {get | raw } url [name-server ip-address ] [version version-number ] [source-ip ip-address {interface-name }]

Example:
Device(config-ip-sla)# http secure get https://www.cisco.com/index.html

Defines an HTTPS operation and enters IP SLA configuration mode.

Step 5

frequency seconds

Example:
Device(config-ip-sla-http)# frequency 90

(Optional) Sets the rate at which a specified IP SLAs HTTP operation repeats. The default and minimum frequency value for an IP SLAs HTTP operation is 60 seconds.

Step 6

end

Example:
Device(config-ip-sla-http)# end

Exits to privileged EXEC mode.

Configuring an HTTP RAW Operation on the Source Device


Note

This operation does not require an IP SLAs Responder on the destination device.

SUMMARY STEPS

  1. enable
  2. configure terminal
  3. ip sla operation-number
  4. http {get | raw } url [name-server ip-address ] [version version-number ] [source-ip {ip-address | hostname }] [source-port port-number ] [cache {enable | disable }] [proxy proxy-url ]
  5. http-raw-request
  6. Enter the required HTTP 1.0 command syntax.
  7. end

DETAILED STEPS

  Command or Action Purpose

Step 1

enable

Example:


Device> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 3

ip sla operation-number

Example:


Device(config)# ip sla 10

Begins configuration for an IP SLAs operation and enters IP SLA configuration mode.

Step 4

http {get | raw } url [name-server ip-address ] [version version-number ] [source-ip {ip-address | hostname }] [source-port port-number ] [cache {enable | disable }] [proxy proxy-url ]

Example:


Device(config-ip-sla)# http raw http://198.133.219.25

Defines an HTTP operation.

Step 5

http-raw-request

Example:


Device(config-ip-sla)# http-raw-request

Enters HTTP RAW configuration mode.

Step 6

Enter the required HTTP 1.0 command syntax.

Example:


Device(config-ip-sla-http)# GET /en/US/hmpgs/index.html HTTP/1.0\r\n\r\n

Specifies all the required HTTP 1.0 commands.

Step 7

end

Example:


Device(config-ip-sla-http)# end

Exits to privileged EXEC mode.

Scheduling IP SLAs Operations

Before you begin

  • All IP Service Level Agreements (SLAs) operations to be scheduled must be already configured.
  • The frequency of all operations scheduled in a multioperation group must be the same.
  • The list of one or more operation ID numbers to be added to a multioperation group must be limited to a maximum of 125 characters in length, including commas (,).

SUMMARY STEPS

  1. enable
  2. configure terminal
  3. Enter one of the following commands:
    • ip sla schedule operation-number [life {forever | seconds }] [start-time {[hh:mm:ss ] [month day | day month ] | pending | now | after hh:mm:ss }] [ageout seconds ] [recurring ]
    • ip sla group schedule group-operation-number operation-id-numbers {schedule-period schedule-period-range | schedule-together } [ageout seconds ] frequency group-operation-frequency [life {forever | seconds }] [start-time {hh:mm [:ss ] [month day | day month ] | pending | now | after hh:mm [:ss] }]
  4. end
  5. show ip sla group schedule
  6. show ip sla configuration

DETAILED STEPS

  Command or Action Purpose

Step 1

enable

Example:


Device> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 3

Enter one of the following commands:

  • ip sla schedule operation-number [life {forever | seconds }] [start-time {[hh:mm:ss ] [month day | day month ] | pending | now | after hh:mm:ss }] [ageout seconds ] [recurring ]
  • ip sla group schedule group-operation-number operation-id-numbers {schedule-period schedule-period-range | schedule-together } [ageout seconds ] frequency group-operation-frequency [life {forever | seconds }] [start-time {hh:mm [:ss ] [month day | day month ] | pending | now | after hh:mm [:ss] }]

Example:


Device(config)# ip sla schedule 10 life forever start-time now

Device(config)# ip sla group schedule 10 schedule-period frequency

Device(config)# ip sla group schedule 1 3,4,6-9 life forever start-time now 

Device(config)# ip sla schedule 1 3,4,6-9 schedule-period 50 frequency range 80-100

  • Configures the scheduling parameters for an individual IP SLAs operation.

  • Specifies an IP SLAs operation group number and the range of operation numbers for a multioperation scheduler.

Step 4

end

Example:


Device(config)# end

Exits global configuration mode and returns to privileged EXEC mode.

Step 5

show ip sla group schedule

Example:


Device# show ip sla group schedule

(Optional) Displays IP SLAs group schedule details.

Step 6

show ip sla configuration

Example:


Device# show ip sla configuration

(Optional) Displays IP SLAs configuration details.

Troubleshooting Tips

  • If the IP Service Level Agreements (SLAs) operation is not running and not generating statistics, add the verify-data command to the configuration (while configuring in IP SLA configuration mode) to enable data verification. When data verification is enabled, each operation response is checked for corruption. Use the verify-data command with caution during normal operations because it generates unnecessary overhead.

  • Use the debug ip sla trace and debug ip sla error commands to help troubleshoot issues with an IP SLAs operation.

What to Do Next

To add proactive threshold conditions and reactive triggering for generating traps (or for starting another operation) to an IP Service Level Agreements (SLAs) operation, see the “Configuring Proactive Threshold Monitoring” section.

Configuration Examples for IP SLAs HTTPS Operations

Example Configuring an HTTPS GET Operation

ip sla 1
http secure get https://www.cisco.com name-server 8.8.8.8 version 1.1
ip sla schedule 1 life forever start-time now

Example Configuring an HTTPS HEAD Operation

ip sla 1
http secure head  https://www.cisco.com name-server 8.8.8.8 version 1.1
ip sla schedule 1 life forever start-time now

Example Configuring an HTTP RAW Operation Through a Proxy Server

The following example shows how to configure an HTTP RAW operation through a proxy server. The proxy server is www.proxy.cisco.com and the HTTP server is www.yahoo.com. 


ip sla 8
 http raw url http://www.proxy.cisco.com
 http-raw-request
 GET http://www.yahoo.com HTTP/1.0\r\n
 \r\n
 end
ip sla schedule 8 life forever start-time now

Example Configuring an HTTP RAW Operation with Authentication

The following example shows how to configure an HTTP RAW operation with authentication. 


ip sla 8
 http raw url http://site-test.cisco.com
 http-raw-request
 GET /lab/index.html HTTP/1.0\r\n
 Authorization: Basic btNpdGT4biNvoZe=\r\n
 \r\n
 end
ip sla schedule 8 life forever start-time now

Additional References

Related Documents

Related Topic

Document Title

Cisco IOS commands

Cisco IOS Master Commands List, All Releases

Cisco IOS IP SLAs commands

Cisco IOS IP SLAs Command Reference

Standards and RFCs

Standard/RFC

Title

No new or modified standards or RFCs are supported by this feature, and support for existing standards has not been modified by this feature.

--

MIBs

MIBs

MIBs Link

CISCO-RTTMON-MIB

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs

Technical Assistance

Description

Link

The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

http://www.cisco.com/cisco/web/support/index.html

Feature Information for IP SLAs HTTP Operations

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Table 1. Feature Information for IP SLAs HTTP Operations

Feature Name

Releases

Feature Information

IP SLAs HTTP Operation

The Cisco IOS IP SLAs Hypertext Transfer Protocol (HTTP) operation allows you to measure the network response time between a Cisco device and an HTTP server to retrieve a web page.

IPSLA 4.0 - IP v6 phase2

Support was added for operability in IPv6 networks. The following commands are introduced or modified: http (IP SLA), show ip sla configuration, show ip sla summary .

IP SLAs VRF Aware 2.0

Support was added for IP SLAs VRF-aware capabilities for TCP connect, FTP, HTTP and DNS client operation types.