Table Of Contents
PBR Support for Multiple Tracking Options
Information About PBR Support for Multiple Tracking Options
PBR Support for Multiple Tracking Options Feature Design
How to Configure PBR Support for Multiple Tracking Options
Configuration Examples for PBR Support for Multiple Tracking Options
set ip next-hop verify-availability
Feature Information for PBR Support for Multiple Tracking Options
PBR Support for Multiple Tracking Options
First Published: November 3, 2003Last Updated: August 21, 2007The PBR Support for Multiple Tracking Options feature extends the capabilities of object tracking using Cisco Discovery Protocol (CDP) to allow the policy-based routing (PBR) process to verify object availability by using additional methods. The verification method can be an Internet Control Message Protocol (ICMP) ping, User Datagram Protocol (UDP) ping, or an HTTP GET request.
Finding Feature Information in This Module
Your Cisco IOS software release may not support all of the features documented in this module. To reach links to specific feature documentation in this module and to see a list of the releases in which each feature is supported, use the "Feature Information for PBR Support for Multiple Tracking Options" section.
Finding Support Information for Platforms and Cisco IOS and Catalyst OS Software Images
Use Cisco Feature Navigator to find information about platform support and Cisco IOS and Catalyst OS software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Contents
•
Information About PBR Support for Multiple Tracking Options
•
•
•
Information About PBR Support for Multiple Tracking Options
To configure the PBR Support for Multiple Tracking Options feature, you should understand the following concepts:
•
Object Tracking
Object tracking is an independent process that monitors objects such as the following:
•
•
•
Clients such as Hot Standby Router Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP), Gateway Load Balancing Protocol (GLBP), and (with this feature) PBR can register their interest in specific, tracked objects and then take action when the state of the objects changes.
PBR Support for Multiple Tracking Options Feature Design
The PBR Support for Multiple Tracking Options feature gives PBR access to all the objects that are available through the tracking process. The tracking process provides the ability to track individual objects such as ICMP ping reachability, routing adjacency, an application running on a remote device, a route in the Routing Information Base (RIB), or to track the state of an interface line protocol.
Object tracking functions in the following manner. PBR will inform the tracking process that a certain object should be tracked. The tracking process will in turn notify PBR when the state of that object changes.
How to Configure PBR Support for Multiple Tracking Options
The tasks in this section are divided according to the Cisco IOS Release that you are running because Cisco IOS Release 12.3(14)T introduced new syntax for IP SLAs. This section contains the following tasks:
Configuring PBR Support for Multiple Tracking Options in Cisco IOS Release 12.3(11)T, 12.2(25)S, or Prior Releases
Perform this task to configure PBR support for multiple tracking options. In this task, a route map is created and configured to verify the reachability of the tracked object.
Prerequisite
This task requires the networking device to be running Cisco IOS Release 12.3(11)T, 12.2(25)S, or prior releases.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
DETAILED STEPS
Configuring PBR Support for Multiple Tracking Options in Cisco IOS Release 12.3(14)T, 12.2(33)SXH, and Later Releases
Perform this task to configure PBR support for multiple tracking options. In this task, a route map is created and configured to verify the reachability of the tracked object.
Prerequisite
This task requires the networking device to be running Cisco IOS Release 12.3(14)T, 12.2(33)SXH, or later releases.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
DETAILED STEPS
Step 1
enable
Example:Router> enable
Enables privileged EXEC mode.
•
Step 2
configure terminal
Example:Router# configure terminal
Enters global configuration mode.
Step 3
ip sla monitor operation-number
Example:Router(config)# ip sla monitor 1
Starts a Cisco IOS IP Service Level Agreements (SLAs) operation configuration and enters IP SLA monitor configuration mode.
Step 4
type echo protocol ipIcmpEcho {destination-ip-address | destination-hostname} [source-ipaddr {ip-address | hostname} | source-interface interface-name]
Example:Router(config-sla-monitor)# type echo protocol ipicmpecho 10.1.1.1
Configures an IP SLAs Internet Control Message Protocol (ICMP) echo probe operation.
Step 5
exit
Example:Router(config-sla-monitor)# exit
Exits IP SLA monitor configuration mode and returns the router to global configuration mode.
Step 6
ip sla monitor schedule operation-number [life {forever | seconds}] [start-time {hh:mm[:ss] [month day | day month] | pending | now | after hh:mm:ss}] [ageout seconds] [recurring]
Example:Router(config)# ip sla monitor schedule 1 life forever start-time now
Configures the scheduling parameters for a single Cisco IOS IP SLAs operation.
•
Step 7
track object-number rtr entry-number [reachability | state]
Example:Router(config)# track 123 rtr 1 reachability
Tracks the reachability of an Response Time Reporter (RTR) object and enters tracking configuration mode.
Step 8
delay {up seconds [down seconds] | [up seconds] down seconds}
Example:Router(config-track)# delay up 60 down 30
(Optional) Specifies a period of time, in seconds, to delay communicating state changes of a tracked object.
Step 9
exit
Example:Router(config-track)# exit
Exits tracking configuration mode, and returns the router to global configuration mode.
Step 10
interface type number
Example:Router(config)# interface serial 2/0
Specifies an interface type and number, and enters interface configuration mode.
Step 11
ip address ip-address mask [secondary]
Example:Router(config-if)# ip address 192.168.1.1 255.255.255.0
Specifies a primary or secondary IP address for an interface.
•
•
Step 12
ip policy route-map map-tag
Example:Router(config-if)# ip policy route-map alpha
Enables policy routing and identifies a route map to be used for policy routing.
Step 13
exit
Example:Router(config-if)# exit
Exits interface configuration mode and returns the router to global configuration mode.
Step 14
route-map map-tag [permit | deny] [sequence-number]
Example:Router(config)# route-map alpha
Specifies a route map and enters route-map configuration mode.
Step 15
set ip next-hop verify-availability [next-hop-address sequence track object]
Example:Router(config-route-map)# set ip next-hop verify-availability 10.1.1.1 10 track 123
Configures the route map to verify the reachability of the tracked object.
•
Step 16
end
Example:Router(config-route-map)# end
Exits route-map configuration mode and returns the router to global configuration mode.
Step 17
show track object-number
Example:Router# show track 123
(Optional) Displays tracking information.
•
Step 18
show route-map [map-name | all | dynamic]
Example:Router# show ip route alpha
(Optional) Displays route map information.
•
Examples
The following output from the show track command shows that the tracked object 123 is reachable.
Router# show track 123Track 123Response Time Reporter 1 reachabilityReachability is Up2 changes, last change 00:00:33Delay up 60 secs, down 30 secsLatest operation return code: OKLatest RTT (millisecs) 20Tracked by:ROUTE-MAP 0The following output from the show route-map command shows information about the route map named alpha that was configured in the task.
Router# show route-map alpharoute-map alpha, permit, sequence 10Match clauses:Set clauses:ip next-hop verify-availability 10.1.1.1 10 track 123 [up]Policy routing matches: 0 packets, 0 bytesConfiguration Examples for PBR Support for Multiple Tracking Options
This section provides the following configuration examples:
Configuring PBR Support for Multiple Tracking Options in Cisco IOS Release 12.3(11)T, 12.2(25)S, or Prior Releases: Example
In the following example, object tracking is configured for PBR on routers running Cisco IOS Release 12.3(11)T, 12.2(25)S, or prior releases.
The configured policy is that packets received on Ethernet 0, should be forwarded to 10.1.1.1 only if that device is reachable (responding to pings). If 10.1.1.1 is not up, then the packets should be forwarded to 10.2.2.2. If 10.2.2.2 is also not reachable, then the policy routing fails and the packets are routed according to the routing table.
Two Response Time Reporters (RTRs) are configured to ping the remote devices. The RTRs are then tracked. Policy routing will monitor the state of the tracked RTRs and make forwarding decisions based on their state.
! define and start the rtrsrtr 1type echo protocol ipicmpecho 10.1.1.1rtr schedule 1 start-time now life forever!rtr 2type echo protocol ipicmpecho 10.2.2.2rtr schedule 2 start-time now life forever!!track the rtrstrack 123 rtr 1 reachabilitytrack 124 rtr 2 reachability!! enable policy routing on the incoming interfaceinterface ethernet 0ip address 10.4.4.4 255.255.255.0ip policy route-map beta!! 10.1.1.1 is via this interfaceinterface ethernet 1ip address 10.1.1.254 255.255.255.0!! 10.2.2.2 is via this interfaceinterface ethernet 2ip address 10.2.2.254 255.255.255.0!! define a route-map to set the next-hop depending on the state of the tracked rtrsroute-map betaset ip next-hop verify-availability 10.1.1.1 10 track 123set ip next-hop verify-availability 10.2.2.2 20 track 124Configuring PBR Support for Multiple Tracking Options in Cisco IOS Release 12.3(14)T, 12.2(33)SXH, or Later Releases: Example
In the following example, object tracking is configured for PBR on routers running Cisco IOS Release 12.3(14)T, 12.2(33)SXH, or later releases.
The configured policy is that packets received on Ethernet 0, should be forwarded to 10.1.1.1 only if that device is reachable (responding to pings). If 10.1.1.1 is not up, then the packets should be forwarded to 10.2.2.2. If 10.2.2.2 is also not reachable, then the policy routing fails and the packets are routed according to the routing table.
Two RTRs are configured to ping the remote devices. The RTRs are then tracked. Policy routing will monitor the state of the tracked RTRs and make forwarding decisions based on their state.
! define and start the rtrsip sla monitor 1type echo protocol ipicmpecho 10.1.1.1ip sla monitor schedule 1 start-time now life forever!ip sla monitor 2type echo protocol ipicmpecho 10.2.2.2ip sla monitor schedule 2 start-time now life forever!!track the rtrstrack 123 rtr 1 reachabilitytrack 124 rtr 2 reachability!! enable policy routing on the incoming interfaceinterface ethernet 0ip address 10.4.4.4 255.255.255.0ip policy route-map beta!! 10.1.1.1 is via this interfaceinterface ethernet 1ip address 10.1.1.254 255.255.255.0!! 10.2.2.2 is via this interfaceinterface ethernet 2ip address 10.2.2.254 255.255.255.0!! define a route-map to set the next-hop depending on the state of the tracked rtrsroute-map betaset ip next-hop verify-availability 10.1.1.1 10 track 123set ip next-hop verify-availability 10.2.2.2 20 track 124Additional References
The following sections provide references related to the PBR Support for Multiple Tracking Options feature.
Related Documents
Object tracking within Cisco IOS software
Enhanced Object Tracking feature document, Cisco IOS Release 12.2(15)T
Configuring IP addresses
•
•
Standards
No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.
—
MIBs
RFCs
No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature.
—
Technical Assistance
Command Reference
This section documents only commands that are new or modified.
•
set ip next-hop verify-availability
To configure policy routing to verify the reachability of the next hop of a route map before the router performs policy routing to that next hop, use the set ip next-hop verify-availability command in route-map configuration mode. To disable this function, use the no form of this command.
set ip next-hop verify-availability [next-hop-address sequence track object]
no set ip next-hop verify-availability [next-hop-address sequence track object]
Syntax Description
Command Default
The reachability of the next hop of a route map before a router performs policy routing, is not verified.
Command Modes
Route-map configuration (config-route-map)
Command History
Usage Guidelines
The set ip next-hop verify-availability command can be used in the following two ways:
•
•
Using CDP Verification
This command is used to verify that the next hop is reachable before the router tries to policy route to it. This command has the following characteristics:
•
•
•
•
If the router is policy routing packets to the next hop and the next hop is down, the router will try unsuccessfully to use Address Resolution Protocol (ARP) for the next hop (which is down). This behavior will continue indefinitely. To prevent this situation from occurring, use the set ip next-hop verify-availability command to configure the router to verify that the next hop of the route map is a CDP neighbor before routing to that next hop.
This command is optional because some media or encapsulations do not support CDP, or it may not be a Cisco device that is sending traffic to the router.
If this command is set and the next hop is not a CDP neighbor, then the router looks to the subsequent next hop, if there is one. If there is no next hop, the packets are not policy routed.
If this command is not set, the packets are either successfully policy routed or remain forever unrouted.
If you want to selectively verify availability of only some next hops, you can configure different route map entries (under the same route map name) with different criteria (using access list matching or packet size matching), and then use the set ip next-hop verify-availability command selectively.
Using Object Tracking
With optional arguments to support object tracking, this command allows PBR to make decisions based on the following criteria:
•
•
•
•
Object tracking functions in the following manner. PBR will inform the tracking process that it is interested in tracking a certain object. The tracking process will in turn notify PBR when the state of the object changes. This notification is done via registries and is event driven.
The tracking subsystem is responsible for tracking the state of an object. The object can be an IP address that is periodically being pinged by the tracking process. The state of the object (up or down) is stored in a track report data structure. The tracking process will create the tracking object report. Then the exec process that is configuring the route map can query the tracking process to determine if a given object exists. If the object exists, the tracking subsystem can start tracking it and read the initial state of the object. If the object changes state, the tracking process will notify all the clients that are tracking this process that the state of the object has changed. So, the route map structure that PBR is using can be updated to reflect the current state of the object in the track report. This interprocess communication is done by means of registries and the shared track report.
Note
Examples
The following configuration sample demonstrates the use of the set ip next-hop verify-availability command to configure the router to verify that the next hop of the route map is a CDP neighbor before routing to that next hop. In this example, the next hop 10.0.0.8 in the route map named "Example1" will be verified as a CDP neighbor before the router tries to policy-route to it.
ip cefinterface ethernet0/0/1ip policy route-map Example1route-map Example1 permit 10match ip address 1set ip precedence priorityset ip next-hop 10.0.0.8set ip next-hop verify-availabilityroute-map Example1 permit 20match ip address 101set interface Ethernet0/0/3set ip tos max-throughputUsing Object Tracking
The following configuration sample shows a configuration used to track an object:
! Configure the objects to be tracked.! Object 123 will be up if the router can ping 10.1.1.1.! Object 124 will be up if the router can ping 10.2.2.2.ip sla monitor 1type echo protocol ipicmpecho 10.1.1.1ip sla monitor schedule 1 start-time now life forever!ip sla monitor 2type echo protocol ipicmpecho 10.2.2.2ip sla monitor schedule 2 start-time now life forever!track 123 rtr 1 reachabilitytrack 124 rtr 2 reachability!! Enable policy routing using route-map alpha on Ethernet 0.interface ethernet 0ip address 10.4.4.254 255.255.255.0ip policy route-map alpha!! 10.1.1.1 is via this interfaceinterface ethernet 1ip address 10.1.1.254 255.255.255.0! 10.2.2.2 is via this interfaceinterface ethernet 2ip address 10.2.2.254 255.255.255.0!! Configure a route-map to set the next-hop to 10.1.1.1 if object 123 is up. If object 123! is down, the next hop will be set to 10.2.2.2 if object 124 is up. If object 124 is also! down, then policy routing fails and unicast routing will route the packet.route-map alphaset ip next-hop verify-availability 10.1.1.1 10 track 123set ip next-hop verify-availability 10.2.2.2 20 track 124Related Commands
Feature Information for PBR Support for Multiple Tracking Options
Table 1 lists the release history for this feature.
Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the command reference documentation.
Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which Cisco IOS and Catalyst OS software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Note
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
© 2003-2007 Cisco Systems, Inc. All rights reserved.
Guest
