From: Dan Shechter (danshtr@gmail.com)
Date: Mon Aug 20 2007 - 16:07:28 ART
I think its possible but its a bit over complicated.
We want f0/0 to be down when there is SLA failure:
The idea is to use backup interfaces in a way that when one interface
is up, the other will be up, and once the interface is down the other
will be also down. To do this we will use 3 interface. Tunnel
interface Loopback interface and the f0/0 interface. The backup of
the tunnel will be the loopback, and the backup of the loopback will
be the tunnel. so when the tunnel is down the loopback is up, but
when the loopback ip up, f0/0 is down because its the backup
interface of the loopback.
Lets configure this:
interface Tunnel99
no ip address
tunnel source Loopback98
tunnel destination 1.1.1.1
backup interface lo 99
!
interface Loopback98
no ip address
!
interface Loopback99
no ip address
backup interface FastEthernet0/0
Where does the SLA? The idea here is to bring the tunnel interface
down when the sla is down. Tunnel interface will be down when the
tunnel destination is unreachable. Tunnel destination is unreachable
when there is no route to the destination. We can use a static route
to the tunnel destination. That static route will be tracking SLA.
SLA configuration:
ip sla monitor 1
type echo protocol ipIcmpEcho 1.2.3.4
frequency 10
ip sla monitor schedule 1 life forever start-time now
track 1 rtr 1 reachability
route configuration:
ip route 1.1.1.1 255.255.255.255 Loopback98 track 1
To test this i'll configure lo 98 interface with ip address of
1.2.3.4, which is the tracking address:
interface Loopback98
ip address 1.2.3.4 255.255.255.255
Now the SLA should be able to ping.. :
R2#sh ip int br
Interface IP-Address OK? Method
Status Protocol
FastEthernet0/0 1.1.56.2 YES NVRAM
up up
Loopback98 1.2.3.4 YES manual
up up
Loopback99 unassigned YES unset standby
mode down
Tunnel99 2.2.2.2 YES manual
up up
Now lets change the ip address from lo98, which will result in sla
failure:
R2(config)#int lo 98
R2(config-if)#ip addr 2.2.2.2 255.255.255.255
% 2.2.2.2 overlaps with Tunnel99
R2(config-if)#ip addr 9.2.2.2 255.255.255.255
R2(config-if)#do sh track
Track 1
Response Time Reporter 1 reachability
Reachability is Down
5 changes, last change 00:00:06
Latest operation return code: Timeout
Tracked by:
STATIC-IP-ROUTING 0
R2(config-if)#d
*Mar 6 10:51:29.679: %LINEPROTO-5-UPDOWN: Line protocol on Interface
Tunnel99, changed state to downo
*Mar 6 10:51:35.687: %LINK-3-UPDOWN: Interface Loopback99, changed
state to up
*Mar 6 10:51:36.687: %LINEPROTO-5-UPDOWN: Line protocol on Interface
Loopback99, changed state to up
*Mar 6 10:51:38.703: %LINK-5-CHANGED: Interface FastEthernet0/0,
changed state to standby mode
*Mar 6 10:51:39.703: %LINEPROTO-5-UPDOWN: Line protocol on Interface
FastEthernet0/0, changed state to down
On Aug 4, 2007, at 8:41 , Bit Gossip wrote:
> Is it possible to have SLA to bring down an interface in case of
> failure instead of changing HSRP status.
> And if it is, how?
> Thanks,
> Luca.
>
> ----- Original Message ----- From: "Djerk Geurts" <djerk@djerk.nl>
> To: "'Ben'" <bmunyao@gmail.com>; "'Cisco certification'"
> <ccielab@groupstudy.com>
> Sent: Tuesday, July 31, 2007 1:30 PM
> Subject: RE: HSRP and tracking FR interface
>
>
>> There are two other options:
>>
>> - Using PPP as PPPoFR, PPP maintains end-to-end connectivity so a
>> broken pvc
>> would brind own the interface.
>> - Using rtr tracking, while making sure that the IP address you're
>> pinging
>> is only reachable via the FR link. An ideal address to ping would
>> be the
>> remote end of the pvc as if the FR interface doesn't go down then
>> the router
>> will try to reach this IP through the FR interface despite the pvc
>> being
>> broken:
>>
>> ip sla monitor 1
>> type echo protocol ipIcmpEcho 1.1.1.1
>> !
>> track 1 rtr 1 reachability
>>
>> Djerk
>>
>>
>>> -----Original Message-----
>>> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
>>> Behalf Of Ben
>>> Sent: dinsdag 31 juli 2007 12:33
>>> To: Cisco certification
>>> Subject: Re: HSRP and tracking FR interface
>>>
>>> Hi
>>>
>>> Is the following the only way to do this?
>>>
>>> R3 (FR Spoke site)
>>> int tu35
>>> ip add 124.1.35.3 255.255.255.0
>>> tunnel sour lo0
>>> tunnel dest 150.1.5.5
>>> keepalive 3 5
>>> track 1 int tu35 line-protocol
>>> int f0/0
>>> ip add 10.10.1.3 255.255.255.0
>>> stand 1 priority 105
>>> stand 1 preempt
>>> stand 1 track 1
>>> stand 1 ip 10.10.1.254
>>>
>>> R5 (FR Hub site)
>>> int tu35
>>> ip add 124.1.35.5 255.255.255.0
>>> tunnel sour lo0
>>> tunnel dest 150.1.3.3
>>> keepalive 3 5
>>>
>>> TIA
>>> Ben
>>>
>>>
>>> On 7/31/07, Ben <bmunyao@gmail.com> wrote:
>>> >
>>> > Hi
>>> >
>>> > When a question requires HSRP on LAN with R3 and R4 as
>>> active/backup, and
>>> > R4 taking over when R3 looses FR connection, how can you
>>> track the FR
>>> > interface?
>>> >
>>> > Here is an example:
>>> >
>>> > .3
>>> > |-------------------------------R3 \
>>> > | \
>>> > |10.10.1.0/24 FR cloud
>>> > | /
>>> > |-------------------------------R4 /
>>> >
>>> > Assume FR is configured on physical interface. Would the
>>> following qualify
>>> > as a solution?
>>> >
>>> > R3
>>> > int f0/0
>>> > ip add 10.10.1.3 255.255.255.0
>>> > stand 1 priority 105
>>> > stand 1 preempt
>>> > stand 1 track s0/0
>>> > stand 1 ip 10.10.1.254
>>> >
>>> > R4
>>> > int f0/0
>>> > ip add 10.10.1.4 255.255.255.0
>>> > stand 1 preempt
>>> > stand 1 ip 10.10.1.254
>>> >
>>> > I presume this use of the track keyword only tracks the
>>> line-protocol on
>>> > s0/0, and will therefore not detect when R3 looses IP
>>> connectivity to the
>>> > other end of its DLCI. A variation of the stand 1 track
>>> s0/0 on R3 would be
>>> >
>>> > track 1 interface s0/0 line-protocol
>>> > int f0/0
>>> > stand 1 track 1
>>> >
>>> >
>>> > Another recent discussion on EEK indicated that EEK will
>>> not bring down
>>> > the interface when the other end is not reachable. How can
>>> we then meet the
>>> > requirements of the question? Do we have do use a GRE
>>> tunnel with keepalive
>>> > over the FR link, and track that? Is there any other alternative?
>>> >
>>> > TIA
>>> > Ben
>>>
>>> ______________________________________________________________
>>> _________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>
>> _____________________________________________________________________
>> __
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>
> ______________________________________________________________________
> _
> Subscription information may be found at: http://www.groupstudy.com/
> list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Sep 01 2007 - 11:32:12 ART