Track group of objects

Let’s say we want to configure a group of objects to track and if some or all objects are down then we will trigger a failover.

IP SLA and track object are both used frequently for FHRP monitoring; with IP SLA we can measure responsiveness of nodes in the network and if we can’t access them then we can trigger HSRP/VRRP failover to second member. 

So first let’s configure the IP SLA objects:

! ip sla 101  icmp-echo 208.67.222.222 source-interface gigabitEthernet 0/0  owner OPENDNS_SERVER  frequency 5  threshold 2000  timeout 4000  history buckets-kept 15 exit ! ip sla 102  icmp-echo 8.8.8.8 source-interface gigabitEthernet 0/0  owner GOOGLE_DNS_SERVER  frequency 5  threshold 2000  timeout 4000  history buckets-kept 15 exit ! ip sla 103  icmp-echo 8.8.4.4 source-interface gigabitEthernet 0/0  owner GOOGLE_DNS_SERVER  frequency 5  threshold 2000  timeout 4000  history buckets-kept 15 exit ! ip sla 104  icmp-echo 4.2.2.1 source-interface gigabitEthernet 0/0  owner LEVEL3_ANYCAST  frequency 5  threshold 2000  timeout 4000  history buckets-kept 15 exit ! ip sla schedule 101 start-time now life forever ip sla schedule 102 start-time now life forever ip sla schedule 103 start-time now life forever ip sla schedule 104 start-time now life forever !

Here I used OpenDNS and Google DNS servers and Level3 anycast IP’s.

Then configure track objects:

track 101 ip sla 101 track 102 ip sla 102 track 103 ip sla 103 track 104 ip sla 104 !

Each track object is linked to IP SLA object.

Then configure track group:

track 10 list boolean and  object 101  object 102  object 103  object 104 exit !

Here I used Boolean syntax with AND operator but we can also use OR operator or even change it to weighted threshold where each object has certain weight on the trigger decision.

And last link the track group to the FHRP monitoring:

interface Gi0/1 standby 1 ip 192.168.10.1 standby 1 preempt standby 1 priority 150 standby 1 track 10 decrement 100 !

In order to view the tracking group type:

show track

Here is a list of best tracking IP’s:

#Google DNS servers 8.8.8.8 8.8.4.4 #OpenDNS servers 208.67.222.222 208.67.220.220 #Level3 anycast 4.2.2.1 4.2.2.2 4.2.2.3

How to convert TOS / AF / DSCP / IP Precedence

How to convert AF to DSCP

Explanation:

Take the first (AF) number and multiply it by 8, take the second (AF) number and multiply it by 2, add both results.

Formula: 

(8*x) + (2*y)

Example:

AF31 = (8*3) + (2*1) = 26 = DSCP 26

How to convert TOS to DSCP/IP Precedence

Explanation:

TOS stands for Type of Service and it’s an 8 bit filed in the IP header, IP Precedence uses only the 3 leftmost bits while DSCP uses the 6 leftmost bits.

 

 

(Taken from http://bogpeople.com/networking/dscp.shtml)

In order to convert TOS to DSCP/IP Precedence all we have to do is translate from binary to decimal.

Example:

TOS 160 = for having TOS 160 we need to put “1” (binary 0 or 1) on the 7^th and 5^th bits which will result in 128 (2^7) and 32 (2^5) = 160

Now because IP Precedence uses only the 3 leftmost bits (7, 6 and 5) and only the 1^st (5) and the 3^rd (7) bits are “1” the result will be 5.

The same manner for DSCP but this time with 6 bits calculation, where only the 6^th and the 4^th bits are “1” the result will be 40

Another example:

TOS 96 = the 6^th and 5^th bits are “1”

IP Precedence = because in TOS the 6^th and 5^th bits are “1” in IP Precedence its 1^st and 2^nd bits which result in (2^2) + (2^1) = 2 + 1 = 3

DSCP = because in TOS the 6^th and 5^th bits are “1” in DSCP its 4^th and 5^th bits which result in (2^5) + (2^4) = 16 + 8 = 24

GLBP

GLBP (Gateway Load-Balance Protocol) - 

Allow FHRP and load-balance traffic for the local segment.

For each segment there is 1 AVG (Active Virtual Gateway) which responsible for determine who will be the AVF (Active Virtual Forwarder) and up to 4 AVF’s.

Here is the following lab I setup in GNS:

R1, R2 and R3 are configured as GLBP group 1 for R4 and R6, R4 and R6 configured with default route to 10.1.0.254.

R1 Configuration:

interface FastEthernet1/0  ip address 10.1.0.1 255.255.255.0  glbp 1 ip 10.1.0.254  glbp 1 priority 110  glbp 1 preempt  glbp 1 authentication md5 key-string cisco  duplex full  speed 100 end

R2 Configuration:

interface FastEthernet1/0  ip address 10.1.0.2 255.255.255.0  glbp 1 ip 10.1.0.254  glbp 1 priority 120  glbp 1 preempt  glbp 1 authentication md5 key-string cisco  duplex full  speed 100 end

R3 Configuration:

interface FastEthernet1/0  ip address 10.1.0.3 255.255.255.0  glbp 1 ip 10.1.0.254  glbp 1 priority 130  glbp 1 preempt  glbp 1 authentication md5 key-string cisco  glbp 1 load-balancing host-dependent  duplex full  speed 100 end

A little explanation on the above configuration:

glbp 1 ip is very similar to HSRP or VRRP virtual IP, it’s he layer 3 IP which hosts refer to.

glbp 1 priority decide which router will be the AVG, higher priority wins.

glbp 1 preempt and authentication – again similar to HSRP/VRRP, no need to explain

glbp 1 load-balancing determine the way the AVG will load the traffic between the AVF’s, there are 3 modes for this option:

Host-depended – the source of the MAC address determine the AVF, which provides persistency. This method is recommended for segment with no more then 20 hosts.

Round-robin – the default option, in equal cyclic manner load-balance between the AVF’s

Weighted - Load balance in proportion to forwarder weighting. The default weight for each AVF is 100 and can be configured with glbp 1 weighting and can be monitored by track objects.