IP SLA Tab

Configuration > Templates & Policies > TCAs > IP SLA

Monitoring > Performance > IP SLA Summary

Using a polling process, IP SLA (Internet Protocol Service Level Agreement) tracking provides the ability to generate specific network actions that are completely dependent on the state of an IP interface or tunnel. The goal is to prevent black-holed traffic. For example, associated IP subnets could be removed from the subnet table and also from subnet sharing if the LAN-side interfaces on an appliance go down.

This tab displays all IP SLA rules configured on the selected appliances. To add or modify rules, click the edit icon to the left of any row in the table. Click the Realtime and Historical Charts icon to view IP SLA trends over time for an interface or tunnel. You can view trends for both latency and loss.

NOTE: For 9.6.0 or later deployments, your IP SLA Rule Destination addresses must be compatible with IPv6 if you want to use IPv6 local breakout addressing. The following IP SLA internet endpoints are recommended:

192.151.28.254,2600:9000:a60f:6c50:ca04:acb1:b183:9524,2600:9000:a70d:506e:85a8:bd96:7482:16,sp-ipsla.silverpeak.cloud

Replace the contents of the Address field on the IP SLA Rule Destination dialog box with these endpoints as one continuous string. For details, see Business Intent Overlays.

IP SLA Monitor Use Cases

The following examples describe six basic use cases for IP SLA monitoring.

Example #1 – Ping via Interface

img

  • Two passthrough tunnels configured for Internet breakout and High Availability.

  • If the Primary passthrough tunnel goes down, traffic goes to the Backup tunnel.

  • The IP SLA Rule would look like this, with the same tunnel specified for the Down and Up Actions.

img

Example #2 – HTTP/HTTPS via Interface

img

  • Two passthrough tunnels configured for Internet breakout and High Availability.

  • If the Primary passthrough tunnel goes down, traffic goes to the Backup tunnel.

  • The IP SLA Rule would look like this, with the same tunnel specified for the Down and Up Actions.

    img

NOTE: Do not select a loopback interface for HTTP/HTTPS IP SLA monitoring. A loopback interface is invalid because packets cannot be sent to that interface. If the source interface selection is a tunnel, select a second source interface. This second source interface is used as the source IP address of the packet to be sent through the tunnel.

  • In the URL(s) field, the protocol identifier is required only when specifying HTTPS, as in https://www.google.com.

Example #3 – Monitor Interface

img

  • On EdgeConnect - A, we want subnet advertising conditional on LAN0 being up.

  • Its IP SLA Rule would look like this, with the Default Subnet Action being to resume advertising subnets.

img

Example #4 – Monitor Interface (WAN0) to Ensure High Availability

img

  • If WAN0 goes down on the VRRP Master, we want to decrease its Priority so traffic goes to the VRRP Backup.

  • Its IP SLA Rule would look like this, with the Default Subnet Action being to revert to the original Priority.

img

NOTE: In this instance, the WAN0 interface was given the label MPLS to match the service to which it connected.

Example #5 – Monitor VRRP

img

  • To monitor the VRRP router state, use VRRP Monitor and specify the interface on which the VRRP instance is configured.

    In this example, it is LAN0.

  • Here we are looking at an instance where the VRRP role changes, but priority does not, for whatever reason.

  • Its IP SLA Rule would look like this, with the Default Subnet Action being to revert to the original Priority.

    img

    NOTE: In this instance, the WAN0 interface was given the label MPLS to match the service to which it connected.

  • Another option would be to specify Down Action = Modify Subnet Metric. The Web UI automatically produces another field where you can add a positive value to the current subnet metric. Up Action = Default Subnet Action would return the subnet metric to its original value.

img

Example #6 - Revoke Static Route Using IP SLA

img

  • In example 6, the route label Internet is associated with an IP SLA rule to ping sp-ipsla.silverpeak.cloud. The route label is assigned to two static routes and each route is assigned a metric. When the static route with a metric of 50 goes down, traffic is routed to the backup route (with a metric of 60). See Route Labels for more information.

  • Its IP SLA Rule would look like this, with the Down Action set to Raise Alarm Only and Up Action set to Clear Alarm Only.

img

IP SLA Edit Row

Use this dialog box to set rules for your IP SLA.

  1. Select one of the options from the Monitor list.

    Option Description
    Interface Monitors the operational status of a specific local interface.
    Ping Monitors the reachability of a specific IPv4 address.
    HTTP/HTTPS Monitors the reachability of an HTTP/HTTPS endpoint.

    NOTE: Both HTTP and HTTPS require a response of 200. Redirects are not supported.

    NOTE: Using HTTPS as a monitor for IP SLA with multiple targets can cause potential problems. HTTPS does not provide any additional benefit about the path check.
    VRRP Monitor Monitors the VRRP router state (TRUE if Master; FALSE if Backup) for a VRRP instance(s) on an interface.

  2. The Web UI displays the appropriate fields and options based on the monitor you select. Complete any additional fields.

  3. Select an action from the Down Actions list.

    Down Action Description
    Remove Auto Subnets Remove from the subnet table an auto subnet for a port (including all VLAN and subinterface subnets).
    Increase VRRP Priority Increase the configured VRRP router priority by a delta amount.
    Decrease VRRP Priority Decrease the configured VRRP router priority by a delta amount.
    Enable Tunnel Enable a passthrough (internet breakout) tunnel Up for IP Tracking (SLA) purposes.
    Disable Tunnel Disable a passthrough (internet breakout) tunnel Up for IP Tracking (SLA) purposes. The tunnel can no longer be used for load balancing (when load balancing traffic between multiple passthrough tunnels), although it can still be used as a last resort for traffic forwarding.
    Disable Subnet Sharing Disable the sharing of subnets with other EdgeConnect peers on the appliance.
    Modify Subnet Metric Add a metric delta to the metric of all subnets shared with EdgeConnect peers.
    Advertise Subnets Advertise subnets to EdgeConnect peers.
    Raise Alarm Only Raise an alarm when the IP SLA rule goes down.

  4. Select an action from the Up Actions list.

    Up Action Description
    Default Subnet Action This reverts whatever the Down Action was back to the normal state. Examples:

    If Down Action = Disable Subnet Sharing, the Up Action re-enables Subnet Sharing.

    If Down Action = Remove Auto Subnets, the Up Action re-adds the auto subnet.

    If Down Action = Modify Subnet Metric, the Up Action restores subnet metrics to their original values.
    VRRP Default Reverts the VRRP priority back to the configured value.
    Enable Tunnel Enable a passthrough (internet breakout) tunnel Up for IP Tracking (SLA) purposes.
    Disable Tunnel Disable a passthrough (internet breakout) tunnel Up for IP Tracking (SLA) purposes. The tunnel can no longer be used for load balancing (when load balancing traffic between multiple passthrough tunnels), although it can still be used as a last resort for traffic forwarding.
    Decrease VRRP Priority Decrease the configured VRRP router priority by a delta amount.
    Increase VRRP Priority Increase the configured VRRP router priority by a delta amount.
    Clear Alarm Only Clears any alarms created as a result of an IP SLA rule going down.

    NOTE: If a default Up Action is used, it must match the Down Action.

  5. (Optional) Select a Route Label to assign to the action. Depending on the IP SLA Condition set for the route label, the route is marked DOWN if any of the IP SLA rules are DOWN or only when all IP SLA rules associated with the route label are DOWN.

    See Route Labels.

  6. Click Add.