Software Configuration Guide, Cisco IOS Release 15.2(2)E (Catalyst 2960, 2960-S, 2960-SF and 2960-Plus Switches)
Configuring Cisco IP SLAs
Downloads: This chapterpdf (PDF - 1.39 MB) The complete bookPDF (PDF - 16.3 MB) | Feedback

Configuring Cisco IP SLAs

Configuring Cisco IP SLAs

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http:/​/​​go/​cfn. An account on is not required.

Restrictions on SLAs

This section lists the restrictions on SLAs.

The following are restrictions on IP SLAs network performance measurement:

  • The switch does not support VoIP service levels using the gatekeeper registration delay operations measurements.

  • Only a Cisco IOS device can be a source for a destination IP SLAs responder.

  • You cannot configure the IP SLAs responder on non-Cisco devices and Cisco IOS IP SLAs can send operational packets only to services native to those devices.

Information About SLAs

Cisco IOS IP Service Level Agreements (SLAs)

Cisco IP SLAs is a part of Cisco IOS software that allows Cisco customers to analyze IP service levels for IP applications and services by using active traffic monitoring—the generation of traffic in a continuous, reliable, and predictable manner—for measuring network performance. With Cisco IOS IP SLAs, service provider customers can measure and provide service level agreements, and enterprise customers can verify service levels, verify outsourced service level agreements, and understand network performance. Cisco IOS IP SLAs can perform network assessments, verify quality of service (QoS), ease the deployment of new services, and assist with network troubleshooting.

Cisco IOS IP SLAs send data across the network to measure performance between multiple network locations or across multiple network paths. They simulate network data and IP services and collect network performance information in real time. Cisco IOS IP SLAs generate and analyze traffic either between Cisco IOS devices or from a Cisco IOS device to a remote IP device such as a network application server. Measurements provided by the various Cisco IOS IP SLA operations can be used for troubleshooting, for problem analysis, and for designing network topologies.

Depending on the specific Cisco IOS IP SLA operations, various network performance statistics are monitored within the Cisco device and stored in both command-line interface (CLI) and Simple Network Management Protocol (SNMP) MIBs. IP SLA packets have configurable IP and application layer options such as source and destination IP address, User Datagram Protocol (UDP)/TCP port numbers, a type of service (ToS) byte (including Differentiated Services Code Point [DSCP] and IP Prefix bits), Virtual Private Network (VPN) routing/forwarding instance (VRF), and URL web address.

Because Cisco IP SLAs are Layer 2 transport independent, you can configure end-to-end operations over disparate networks to best reflect the metrics that an end user is likely to experience. IP SLAs collect and analyze the following performance metrics:

  • Delay (both round-trip and one-way)

  • Jitter (directional)

  • Packet loss (directional)

  • Packet sequencing (packet ordering)

  • Path (per hop)

  • Connectivity (directional)

  • Server or website download time

Because Cisco IOS IP SLAs is SNMP-accessible, it can also be used by performance-monitoring applications like Cisco Prime Internetwork Performance Monitor (IPM) and other third-party Cisco partner performance management products.

Using IP SLAs can provide the following benefits:

  • Service-level agreement monitoring, measurement, and verification.

  • Network performance monitoring

    • Measurement of jitter, latency, or packet loss in the network.

    • Continuous, reliable, and predictable measurements.

  • IP service network health assessment to verify that the existing QoS is sufficient for new IP services.

  • Edge-to-edge network availability monitoring for proactive verification and connectivity testing of network resources (for example, shows the network availability of an NFS server used to store business critical data from a remote site).

  • Network operation troubleshooting by providing consistent, reliable measurement that immediately identifies problems and saves troubleshooting time.

  • Multiprotocol Label Switching (MPLS) performance monitoring and network verification (if the switch supports MPLS).

Network Performance Measurement with Cisco IOS IP SLAs

You can use IP SLAs to monitor the performance between any area in the network—core, distribution, and edge—without deploying a physical probe. It uses generated traffic to measure network performance between two networking devices.

Figure 1. Cisco IOS IP SLAs Operation. The following figure shows how IP SLAs begin when the source device sends a generated packet to the destination device. After the destination device receives the packet, depending on the type of IP SLAs operation, it responds with time-stamp information for the source to make the calculation on performance metrics. An IP SLAs operation performs a network measurement from the source device to a destination in the network using a specific protocol such as UDP.

Related References

IP SLA Responder and IP SLA Control Protocol

The IP SLA responder is a component embedded in the destination Cisco device that allows the system to anticipate and respond to IP SLA request packets. The responder provides accurate measurements without the need for dedicated probes. The responder uses the Cisco IOS IP SLA Control Protocol to provide a mechanism through which it can be notified on which port it should listen and respond.


The IP SLA responder can be a Cisco IOS Layer 2, responder-configurable switch. The responder does not need to support full IP SLA functionality.

The following figure shows where the Cisco IOS IP SLA responder fits in the IP network. The responder listens on a specific port for control protocol messages sent by an IP SLA operation. Upon receipt of the control message, it enables the specified UDP or TCP port for the specified duration. During this time, the responder accepts the requests and responds to them. It disables the port after it responds to the IP SLA packet, or when the specified time expires. MD5 authentication for control messages is available for added security.
Figure 2. Cisco IOS IP SLAs Operation

You do not need to enable the responder on the destination device for all IP SLA operations. For example, a responder is not required for services that are already provided by the destination router (such as Telnet or HTTP). You cannot configure the IP SLAs responder on non-Cisco devices and Cisco IOS IP SLAs can send operational packets only to services native to those devices.

Response Time Computation for IP SLAs

Switches, controllers, and routers can take tens of milliseconds to process incoming packets due to other high priority processes. This delay affects the response times because the test-packet reply might be in a queue while waiting to be processed. In this situation, the response times would not accurately represent true network delays. IP SLAs minimize these processing delays on the source device as well as on the target device (if the responder is being used) to determine true round-trip times. IP SLA test packets use time stamping to minimize the processing delays.

When the IP SLA responder is enabled, it allows the target device to take time stamps when the packet arrives on the interface at interrupt level and again just as it is leaving, eliminating the processing time. This time stamping is made with a granularity of sub-milliseconds (ms).

Figure 3. Cisco IOS IP SLA Responder Time Stamping. The following figure demonstrates how the responder works. Four time stamps are taken to make the calculation for round-trip time. At the target router, with the responder functionality enabled, time stamp 2 (TS2) is subtracted from time stamp 3 (TS3) to produce the time spent processing the test packet as represented by delta. This delta value is then subtracted from the overall round-trip time. Notice that the same principle is applied by IP SLAs on the source router where the incoming time stamp 4 (TS4) is also taken at the interrupt level to allow for greater accuracy.

An additional benefit of the two time stamps at the target device is the ability to track one-way delay, jitter, and directional packet loss. Because much network behavior is asynchronous, it is critical to have these statistics. However, to capture one-way delay measurements, you must configure both the source router and target router with Network Time Protocol (NTP) so that the source and target are synchronized to the same clock source. One-way jitter measurements do not require clock synchronization.

How to Configure IP SLAs Operations

This section does not include configuration information for all available operations as the configuration information details are included in the Cisco IOS IP SLAs Configuration Guide. It does include several operations as examples, including configuring the responder, configuring a UDP jitter operation, which requires a responder, and configuring an ICMP echo operation, which does not require a responder. For details about configuring other operations, see the Cisco IOS IP SLAs Configuration Guide.

Default Configuration

No IP SLAs operations are configured.

Related Concepts

Configuration Guidelines

For information on the IP SLA commands, see the Cisco IOS IP SLAs Command Reference, Release 12.4T command reference.

For detailed descriptions and configuration procedures, see the Cisco IOS IP SLAs Configuration Guide, Release 12.4TL.

Related References

Configuring the IP SLA Responder

The IP SLA responder is available only on Cisco IOS software-based devices, including some Layer 2 switches that do not support full IP SLA functionality.

Follow these steps to configure the IP SLA responder on the target device (the operational target):


    1.    enable

    2.    configure terminal

    3.    ip sla responder {tcp-connect | udp-echo} ipaddress ip-address port port-number

    4.    end

    5.    show running-config

    6.    copy running-config startup-config

     Command or ActionPurpose
    Step 1 enable

    Switch> enable

    Enables privileged EXEC mode. Enter your password if prompted.


    Step 2configure terminal

    Switch# configure terminal

    Enters the global configuration mode.

    Step 3ip sla responder {tcp-connect | udp-echo} ipaddress ip-address port port-number

    Switch(config)# ip sla responder udp-echo 5000

    Configures the switch as an IP SLA responder.

    The keywords have these meanings:

    • tcp-connect—Enables the responder for TCP connect operations.

    • udp-echo—Enables the responder for User Datagram Protocol (UDP) echo or jitter operations.

    • ipaddress ip-address—Enter the destination IP address.

    • port port-number—Enter the destination port number.


      The IP address and port number must match those configured on the source device for the IP SLA operation.

    Step 4end

    Switch(config)# end

    Returns to privileged EXEC mode.

    Step 5show running-config

    Switch# show running-config 

    Verifies your entries.

    Step 6copy running-config startup-config

    Switch# copy running-config startup-config 

    (Optional) Saves your entries in the configuration file.


    Monitoring IP SLA Operations

    The following table describes the commands used to display IP SLA operation configurations and results:

    Table 1 Monitoring IP SLA Operations

    show ip sla authentication

    Displays IP SLA authentication information.

    show ip sla responder

    Displays information about the IP SLA responder.

    Additional References

    Error Message Decoder

    Description Link

    To help you research and resolve system error messages in this release, use the Error Message Decoder tool.


    Standards and RFCs

    Standard/RFC Title




    MIB MIBs Link

    All supported MIBs for this release.

    To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:


    Technical Assistance

    Description Link

    The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies.

    To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds.

    Access to most tools on the Cisco Support website requires a user ID and password.


    Feature History and Information for Service Level Agreements



    This feature was introduced.