Original post # https://rekrowten.wordpress.com/2012/10/19/ip-sla-with-object-tracking-and-automatic-preempting-in-mpls-te-part-5/

IP SLA was described in this post. Some of the examples were provided here. This post showed an option, where IP SLA was used to monitor static routes and preempting them. Today’s post will be similar to that one. Today I am monitoring MPLS TE tunnels and dynamically preempting to backup path, when certain threshold in IP SLA probe is met. Good example on how to monitor network and dynamically and automatically reroute traffic to backup path without any administrator intervention.

Here is diagram.

Dummy router is incapable of routing. It is pure host.

Between R1 and R2 routers, I run LDP (MPLS), IS-IS as routing protocol, RSVP and MPLS TE is enabled on interfaces between R1 and R2. Two TE tunnels are configured on R1. One is taking primary path via 192.168.12.2 and secondary tunnel is taking path via 172.16.12.2. Tunnel with primary path has metric lowered by 2 and secondary tunnel has metric lowered by 1. This assures that tunnel 0 has best metric and is used. In case of failure, tunnel 1 is used. In case of both tunnels are down, traditional routing is used (IS-IS chooses best path).

IP SLA probe is monitoring IP 200.0.0.1 by ICMP echo type. Frequency is every 10 seconds and threshold is only 20 ms. Timeout is set to default 5000 ms. That means that probe should be received within 5000 ms, but everything above 20 ms is considered as failed and preemption on tracked object is initiated. If tracked object is failed and positive result from IP SLA probe is received, preemption is delayed for 30 seconds. In other words, 3 probes must be successful in a row to make preemption back. As you can see, I can reach 200.0.0.1 via static routing. Tunnel 0 has best administrative distance and is monitored by object tracking, which is driven by IP SLA probe. In case of failure, tunnel 1 (backup path) is used. If physical interface fails, IS-IS detects failure and tunnel 0 fails. IP SLA probes will continue anyway, but result doesn’t matter as tunnel 1 is used anyway.

TE tunnels use autoroute option, metric change, and explicit path. Please, read corresponding MPLS TE posts or the whole series on this topic.

Configuration

Here are configs:

Dummy:

hostname Dummy
!
no ip routing
!
interface FastEthernet0/0
 ip address 192.168.0.2 255.255.255.0

R1:

hostname R1
!
ip sla monitor 2
 type echo protocol ipIcmpEcho 200.0.0.1
 threshold 20
 frequency 10
ip sla monitor schedule 2 life forever start-time now
!
mpls traffic-eng tunnels
!
track 1 rtr 2
 delay up 30
!
interface Loopback0
 ip address 192.168.1.1 255.255.255.255
 ip router isis 
!
interface Tunnel0
 ip unnumbered Loopback0
 tunnel destination 200.0.0.1
 tunnel mode mpls traffic-eng
 tunnel mpls traffic-eng autoroute announce
 tunnel mpls traffic-eng autoroute metric relative -2
 tunnel mpls traffic-eng path-option 10 explicit name PRIMARY
 no routing dynamic
!
interface Tunnel1
 ip unnumbered Loopback0
 tunnel destination 200.0.0.1
 tunnel mode mpls traffic-eng
 tunnel mpls traffic-eng autoroute announce
 tunnel mpls traffic-eng autoroute metric relative -1
 tunnel mpls traffic-eng path-option 10 explicit name SECONDARY
 no routing dynamic
!
interface FastEthernet0/0
 ip address 192.168.0.1 255.255.255.0
 ip router isis 
!
interface FastEthernet0/1
 ip address 192.168.12.1 255.255.255.0
 ip router isis 
 mpls ip
 mpls traffic-eng tunnels
 ip rsvp bandwidth
!         
interface FastEthernet1/0
 ip address 172.16.12.1 255.255.255.0
 ip router isis 
 mpls ip
 mpls traffic-eng tunnels
 ip rsvp bandwidth
!
router isis 
 net 49.0000.0000.0000.0001.00
 metric-style wide
 mpls traffic-eng router-id Loopback0
 mpls traffic-eng level-1
!
ip route 200.0.0.1 255.255.255.255 Tunnel0 5 track 1
ip route 200.0.0.1 255.255.255.255 Tunnel1 6
!
ip explicit-path name PRIMARY enable
 next-address 192.168.12.2 
!
ip explicit-path name SECONDARY enable
 next-address 172.16.12.2

R2:

hostname R2
!
ip sla monitor responder
!
mpls traffic-eng tunnels
!
interface Loopback0
 ip address 200.0.0.1 255.255.255.255
 ip router isis 
!
interface FastEthernet0/0
 ip address 192.168.12.2 255.255.255.0
 ip router isis 
 mpls ip
 mpls traffic-eng tunnels
 ip rsvp bandwidth
!
interface FastEthernet0/1
 ip address 172.16.12.2 255.255.255.0
 ip router isis 
 mpls ip
 mpls traffic-eng tunnels
 ip rsvp bandwidth
!
router isis 
 net 49.0000.0000.0000.0002.00
 metric-style wide
 mpls traffic-eng router-id Loopback0
 mpls traffic-eng level-1
!
ip route 192.168.0.0 255.255.255.0 FastEthernet0/1

This is how it looks, when everything is working fine.

R1#sh ip ro
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    192.168.12.0/24 is directly connected, FastEthernet0/1
     200.0.0.0/32 is subnetted, 1 subnets
S       200.0.0.1 is directly connected, Tunnel0
     172.16.0.0/24 is subnetted, 1 subnets
C       172.16.12.0 is directly connected, FastEthernet1/0
C    192.168.0.0/24 is directly connected, FastEthernet0/0
     192.168.1.0/32 is subnetted, 1 subnets
C       192.168.1.1 is directly connected, Loopback0
R1#

R1#sh ip sla monitor st
Round trip time (RTT)   Index 2
        Latest RTT: 9 ms
Latest operation start time: *00:12:22.631 UTC Fri Mar 1 2002
Latest operation return code: OK
Number of successes: 55
Number of failures: 7
Operation time to live: Foreve

Now I will increase load, so I make worse RTT for a moment.

R1#sh ip sla monitor st
Round trip time (RTT)   Index 2
        Latest RTT: 187 ms
Latest operation start time: *00:12:32.631 UTC Fri Mar 1 2002
Latest operation return code: Over threshold
Number of successes: 56
Number of failures: 7
Operation time to live: Forever

R1#
*Mar  1 00:12:33.675: %TRACKING-5-STATE: 1 rtr 2 state Up->Down

RTT is over threshold (20 ms). Tracked object failed. Let’s confirm.

R1#sh track
Track 1
  Response Time Reporter 2 state
  State is Down
    4 changes, last change 00:00:10
  Delay up 30 secs
  Latest operation return code: Over threshold
  Latest RTT (millisecs) 27
  Tracked by:
    STATIC-IP-ROUTING 0

Change in routing is expected. Now, we should route via tunnel 1.

R1#sh ip ro
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    192.168.12.0/24 is directly connected, FastEthernet0/1
     200.0.0.0/32 is subnetted, 1 subnets
S       200.0.0.1 is directly connected, Tunnel1
     172.16.0.0/24 is subnetted, 1 subnets
C       172.16.12.0 is directly connected, FastEthernet1/0
C    192.168.0.0/24 is directly connected, FastEthernet0/0
     192.168.1.0/32 is subnetted, 1 subnets
C       192.168.1.1 is directly connected, Loopback0

There are few over threshold IP SLA probe responses.

R1#sh ip sla monitor st
Round trip time (RTT)   Index 2
        Latest RTT: 27 ms
Latest operation start time: *00:12:42.631 UTC Fri Mar 1 2002
Latest operation return code: Over threshold
Number of successes: 57
Number of failures: 7
Operation time to live: Forever

R1#sh ip sla monitor st
Round trip time (RTT)   Index 2
        Latest RTT: 21 ms
Latest operation start time: *00:12:52.631 UTC Fri Mar 1 2002
Latest operation return code: Over threshold
Number of successes: 58
Number of failures: 7
Operation time to live: Forever

Finally, RTT is back in threshold. Tracked object remains down for 30 seconds. If RTT increases above threshold, delay on tracked object is reset and no preemption occurs. RTT must be under threshold for at least 30 seconds to make preemption back to tunnel 0. Routing via tunnel 1 remains until preemption.

R1#sh ip sla monitor st
Round trip time (RTT)   Index 2
        Latest RTT: 12 ms
Latest operation start time: *00:13:02.631 UTC Fri Mar 1 2002
Latest operation return code: OK
Number of successes: 59
Number of failures: 7
Operation time to live: Forever

R1#sh track
Track 1
  Response Time Reporter 2 state
  State is Down, delayed Up (21 secs remaining)
    4 changes, last change 00:00:38
  Delay up 30 secs
  Latest operation return code: Over threshold
  Latest RTT (millisecs) 21
  Tracked by:
    STATIC-IP-ROUTING 0

R1#sh ip ro
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    192.168.12.0/24 is directly connected, FastEthernet0/1
     200.0.0.0/32 is subnetted, 1 subnets
S       200.0.0.1 is directly connected, Tunnel1
     172.16.0.0/24 is subnetted, 1 subnets
C       172.16.12.0 is directly connected, FastEthernet1/0
C    192.168.0.0/24 is directly connected, FastEthernet0/0
     192.168.1.0/32 is subnetted, 1 subnets
C       192.168.1.1 is directly connected, Loopback0

RTT is below threshold for 30 seconds, preemption occurs back to tunnel 0. Here is confirmation.

R1#sh ip sla monitor st
Round trip time (RTT)   Index 2
        Latest RTT: 3 ms
Latest operation start time: *00:15:32.631 UTC Fri Mar 1 2002
Latest operation return code: OK
Number of successes: 74
Number of failures: 7
Operation time to live: Forever

R1#
*Mar  1 00:15:33.679: %TRACKING-5-STATE: 1 rtr 2 state Down->Up                    
R1#sh track
Track 1
  Response Time Reporter 2 state
  State is Up
    5 changes, last change 00:00:04
  Delay up 30 secs
  Latest operation return code: OK
  Latest RTT (millisecs) 3
  Tracked by:
    STATIC-IP-ROUTING 0

R1#sh ip ro
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    192.168.12.0/24 is directly connected, FastEthernet0/1
     200.0.0.0/32 is subnetted, 1 subnets
S       200.0.0.1 is directly connected, Tunnel0
     172.16.0.0/24 is subnetted, 1 subnets
C       172.16.12.0 is directly connected, FastEthernet1/0
C    192.168.0.0/24 is directly connected, FastEthernet0/0
     192.168.1.0/32 is subnetted, 1 subnets
C       192.168.1.1 is directly connected, Loopback0

Routing has changed back to tunnel 0. This was just an example. More complex and reasonable MPLS TE tunnels can be created