What is IP SLA
IP SLA is an active method of monitoring and reliably reporting on network performance. By "active," I refer to the fact that IP SLA will generate and actively monitor traffic continuously across the network. An IP SLA Router is capable of generating traffic and reporting on it in real time. IP SLA can be configured in such a way that it can report on statistics such as:
- Jitter
- Response time
- Packet loss
- Voice Quality Scoring (MOS)
- Connectivity
- Server or website responses and downtime
- Delay
Although you do not need a Cisco Router at the other end of what you are monitoring, you are able to obtain a more detailed output if you do. This Cisco router is referred to as an IP SLA Responder.
From the above list, you can see the benefits of utilizing Cisco IP SLA to perform network monitoring and reporting functions. IP SLA provides the ability to monitor a traffic path to a destination while also confirming that a particular web server is accepting connections. While this information is useful and can be seen through show commands on the IP SLA device, to make IP SLA reporting more human-readable, you can use an SNMP agent to poll the IP SLA router. There are a number of SNMP agents available that are capable of retrieving this information, including SolarWinds, Cacti, or PRTG to name a few.
There are also other use cases for IP SLA, such as policy-based routing (PBR); however, the focus of this blog post is on the monitoring of the network.
How IP SLA works?
IP SLA can be configured in two parts. There is the IP SLA router, which generates the traffic, and the IP SLA Responder (which can be any device, not just a Cisco router). One point I should mention is that the IP SLA Responder is not required for IP SLA to function, but it does allow for more detailed information gathering and reporting. In order to understand a little how the IP SLA function works, let’s take a look at how IP SLA is configured for UDP jitter to monitor the link between two Cisco routers, with one configured as an IP SLA Responder.
The IP SLA ICMP jitter operation is configured to send an ICMP Timestamp Request (Type 13) to the configured destination host and is expecting an ICMP Timestamp Reply (Type 14) response from the destination. This ICMP packet contains three timestamp fields. One is the Originating timestamp, which is the timestamp from the source IP SLA router of the time that the packet was sent. The next two timestamp fields are the Receive timestamp, and the Transmit timestamp. As the field names suggest, the IP SLA Responder will insert the timestamp of when that packet was received, then also the timestamp of when it is transmitted. This can be seen in the below packet capture of the IP SLA ICMP jitter response showing the ICMP Timestamp Reply message.
The IP SLA ICMP jitter operation is configured to send an ICMP Timestamp Request (Type 13) to the configured destination host and is expecting an ICMP Timestamp Reply (Type 14) response from the destination. This ICMP packet contains three timestamp fields. One is the Originating timestamp, which is the timestamp from the source IP SLA router of the time that the packet was sent. The next two timestamp fields are the Receive timestamp, and the Transmit timestamp. As the field names suggest, the IP SLA Responder will insert the timestamp of when that packet was received, then also the timestamp of when it is transmitted. This can be seen in the below packet capture of the IP SLA ICMP jitter response showing the ICMP Timestamp Reply message.
IP Service Level Agreement - Important Points
- IP SLA is a feature that enables a Cisco router or a switch to simulate specific types of traffic useful for analysis. Cisco IOS IP SLAs performs active monitoring by generating and analyzing traffic to measure performance either between Cisco IOS devices or from a Cisco IOS device to a remote IP device such as a network application server.
- IP SLA probes can simulate various types of traffic, such as HTTP, FTP, DHCP, UDP jitter, UDP echo, HTTP, TCP connect, ICMP echo, ICMP path echo, ICMP path jitter, and DNS.
- IP SLA can report statistics such as path jitter.
- IP SLA has highly granular application configuration options such as TCP/UDP port numbers, TOS byte, and IP prefix bits. This is useful for measuring application performance end-to-end across your network.
- IP SLA can also be used to track reachability and then decrement HSRP/VRRP priority values or bring up secondary links.
- IP SLA can also be used as a measure of reliability and continuous availability.
- Using IP SLA, SNMP traps can be generated from events such as connection loss, timeout, roundtrip time threshold, average jitter threshold, one-way packet loss, one-way jitter, and one-way latency.
- SLAs operations can be used for troubleshooting, for problem analysis, and for designing network topologies.
Configuring IP SLA
- The responder can be a computer, or it can be another Cisco device. Configure the Receiver/Responder with global config command 'ip sla responder'. The Cisco IOS IP SLAs Responder is a component embedded in the destination Cisco routing device that allows the system to anticipate and respond to Cisco IOS IP SLAs request packets. The Cisco IOS IP SLAs Responder provides an enormous advantage with accurate measurements without the need for dedicated probes and additional statistics not available via standard ICMP-based measurements.
- One benefit of using a Cisco device as the responder is that it can add timestamps to help measure latency and jitter. These timestamps take into account the device processing time so that the measurement reflects only network latency.
- The configuration of the IP SLA source is more complex. You must create a monitor session, list the traffic type, responder IP address, and any other desired variables such as DSCP value. Then you schedule the probes. Optionally configure tracking using the IP SLA session. The following commands set up an IP SLA session that measures UDP jitter for a voice port. Traffic is sent every 120 seconds, starting when the last command is given and continues until it is manually stopped.
Tracking a Static route using IP SLA
In this example, R1 connects to a Server 2.2.2.2/32 connected behind R2 through directly connected primary link 10.10.12.0/24.An IP SLA is configured to track the status of the primary link. In case the primary link fails, R1 should reach the Server using a backup path R1-R3-R2 path.
Two static routes are configured as below:
R1(config)#ip route 2.2.2.2 255.255.255.255 10.10.12.2 track 10 >>>>> Primary
R1(config)#ip route 2.2.2.2 255.255.255.255 10.10.13.3 20 >>>>> Secondary
The primary Static route is tracked by an IP SLA and should be used if the primary link (10.10.12.0/24) is up.
In the below config, IP SLA 1 tracks the primary link using icmp-echo packets send at a frequency of 5 seconds.
R1(config)#ip sla 1
R1(config-ip-sla)#icmp-echo 10.10.12.2 source-ip 10.10.12.1
R1(config-ip-sla-echo)#frequency 5
R1(config-ip-sla-echo)#timeout 1000
R1(config)#ip sla schedule 1 life forever start-time now
R1(config)track 10 ip sla 1 reachability
R1#sh track 10
Track 10
IP SLA 1 reachability
Reachability is Up
4 changes, last change 00:00:27
Latest operation return code: OK
Latest RTT (millisecs) 24
Tracked by:
STATIC-IP-ROUTING 0
R1#sh ip route track-table
ip route 2.2.2.2 255.255.255.255 10.10.12.2 track 10 state is [up]
R1#sh ip sla statistics
Round Trip Time (RTT) for Index 1
Type of operation: icmp-echo
Latest RTT: 33 ms
Latest operation start time: *21:49:39.059 UTC Wed Oct 25 2017
Latest operation return code: OK
Number of successes: 47
Number of failures: 33
Operation time to live: Forever
You can also configure Authentication b/w an IP SLA source and a Responder to impose some security. Link to understand IP SLA Authentication.
There are many other operations you can perform using an IP SLA as shown below:
R1(config)#ip sla 2
R1(config-ip-sla)#?
IP SLAs Entry configuration commands:
dhcp DHCP Operation
dns DNS Query Operation
ethernet Ethernet Operations
ftp FTP Operation
http HTTP Operation
icmp-echo ICMP Echo Operation
mpls MPLS Operation
path-echo Path Discovered ICMP Echo Operation
path-jitter Path Discovered ICMP Jitter Operation
tcp-connect TCP Connect Operation
udp-echo UDP Echo Operation
udp-jitter UDP Jitter Operation
TCP Connect Operation
You can use the TCP Connect Operation to compute response time by measuring the time taken by the source to perform a TCP connect operation to the destination device.
If the destination or target device is a Cisco router, you can configure it as a responder in the target router (ip sla responder). If the destination device is a non-Cisco, you have to specify a well-known port number. Below is an example of Telnet to remote server 2.2.2.2.
R1(config)# ip sla 2
R1(config-ip-sla)#tcp-connect 2.2.2.2 23 source-ip 10.10.12.1
DNS operation
Using Cisco IP SLA, DNS response time can be computed by calculating the difference between the time taken to send a DNS request and the time a reply is received. The IP SLA DNS operation queries for an IP address if the user specifies the domain name, or queries for a domain name if the user specifies an IP address.
R1(config)# ip sla 3
R1(config-ip-sla)#dns www.google.com name-server DNS source-ip 10.10.12.1
IP SLA can also be used to configure the probes for network monitoring and analysis using UDP-Jitter.
R1(config)# ip sla 4
R1(config-ip-sla)# udp-jitter 10.10.12.2 5000 source-ip 10.10.12.1 num-packets 50 interval 10
R1(config-ip-sla-jitter) tos 104
R1(config-ip-sla-jitter) timeout 1000
R1(config-ip-sla-jitter) frequency 30
Some more commands:
sh ip sla authentication
sh ip sla application
sh ip sla statistics
sh ip sla responder
sh ip sla configuration
If you understood the concept and like this article, kindly share the same with your friends.
R1#sh track 10
Track 10
IP SLA 1 reachability
Reachability is Up
4 changes, last change 00:00:27
Latest operation return code: OK
Latest RTT (millisecs) 24
Tracked by:
STATIC-IP-ROUTING 0
R1#sh ip route track-table
ip route 2.2.2.2 255.255.255.255 10.10.12.2 track 10 state is [up]
R1#sh ip sla statistics
Round Trip Time (RTT) for Index 1
Type of operation: icmp-echo
Latest RTT: 33 ms
Latest operation start time: *21:49:39.059 UTC Wed Oct 25 2017
Latest operation return code: OK
Number of successes: 47
Number of failures: 33
Operation time to live: Forever
You can also configure Authentication b/w an IP SLA source and a Responder to impose some security. Link to understand IP SLA Authentication.
There are many other operations you can perform using an IP SLA as shown below:
R1(config)#ip sla 2
R1(config-ip-sla)#?
IP SLAs Entry configuration commands:
dhcp DHCP Operation
dns DNS Query Operation
ethernet Ethernet Operations
ftp FTP Operation
http HTTP Operation
icmp-echo ICMP Echo Operation
mpls MPLS Operation
path-echo Path Discovered ICMP Echo Operation
path-jitter Path Discovered ICMP Jitter Operation
tcp-connect TCP Connect Operation
udp-echo UDP Echo Operation
udp-jitter UDP Jitter Operation
TCP Connect Operation
You can use the TCP Connect Operation to compute response time by measuring the time taken by the source to perform a TCP connect operation to the destination device.
If the destination or target device is a Cisco router, you can configure it as a responder in the target router (ip sla responder). If the destination device is a non-Cisco, you have to specify a well-known port number. Below is an example of Telnet to remote server 2.2.2.2.
R1(config)# ip sla 2
R1(config-ip-sla)#tcp-connect 2.2.2.2 23 source-ip 10.10.12.1
DNS operation
Using Cisco IP SLA, DNS response time can be computed by calculating the difference between the time taken to send a DNS request and the time a reply is received. The IP SLA DNS operation queries for an IP address if the user specifies the domain name, or queries for a domain name if the user specifies an IP address.
R1(config)# ip sla 3
R1(config-ip-sla)#dns www.google.com name-server DNS source-ip 10.10.12.1
IP SLA can also be used to configure the probes for network monitoring and analysis using UDP-Jitter.
R1(config)# ip sla 4
R1(config-ip-sla)# udp-jitter 10.10.12.2 5000 source-ip 10.10.12.1 num-packets 50 interval 10
R1(config-ip-sla-jitter) tos 104
R1(config-ip-sla-jitter) timeout 1000
R1(config-ip-sla-jitter) frequency 30
Some more commands:
sh ip sla authentication
sh ip sla application
sh ip sla statistics
sh ip sla responder
sh ip sla configuration
If you understood the concept and like this article, kindly share the same with your friends.