Reliable PBR with IP SLA

suneethabdullah · December 27, 2015, 2:11pm

Dear Rene,

This is not working for me, please help…

my debug ip policy output is as follows:

&#42;Dec 27 16:07:49.774: IP: s=192.168.12.1 (FastEthernet0/0), d=192.168.34.254, len 28, policy match
&#42;Dec 27 16:07:49.774: IP: route map RM-192, item 10, permit
&#42;Dec 27 16:07:49.778: IP: s=192.168.12.1 (FastEthernet0/0), d=192.168.34.254 (Serial1/0), len 28, policy routed
&#42;Dec 27 16:07:49.782: IP: FastEthernet0/0 to Serial1/0 192.168.24.4
&#42;Dec 27 16:07:49.794: IP: s=192.168.12.1 (FastEthernet0/0), d=192.168.34.254, len 28, policy match
&#42;Dec 27 16:07:49.794: IP: route map RM-192, item 10, permit
&#42;Dec 27 16:07:49.794: IP: s=192.168.12.1 (FastEthernet0/0), d=192.168.34.254 (Serial1/0), len 28, policy routed
&#42;Dec 27 16:07:49.794: IP: FastEthernet0/0 to Serial1/0 192.168.24.4
&#42;Dec 27 16:07:49.818: IP: s=192.168.12.1 (FastEthernet0/0), d=192.168.34.254, len 28, policy match
&#42;Dec 27 16:07:49.818: IP: route map RM-192, item 10, permit
&#42;Dec 27 16:07:49.818: IP: s=192.168.12.1 (FastEthernet0/0), d=192.168.34.254 (Serial1/0), len 28, policy routed
&#42;Dec 27 16:07:49.818: IP: FastEthernet0/0 to Serial1/0 192.168.24.4
&#42;Dec 27 16:07:49.838: IP: s=192.168.12.1 (FastEthernet0/0), d=192.168.34.254, len 28, FIB policy rejected(no match) - normal forwarding
&#42;Dec 27 16:07:49.870: IP: s=192.168.12.1 (FastEthernet0/0), d=192.168.34.254, len 28, FIB policy rejected(no match) - normal forwarding
&#42;Dec 27 16:07:49.926: IP: s=192.168.12.1 (FastEthernet0/0), d=192.168.34.254, len 28, FIB policy rejected(no match) - normal forwarding
&#42;Dec 27 16:07:49.966: IP: s=192.168.12.1 (FastEthernet0/0), d=192.168.34.254, len 28, FIB policy rejected(no match) - normal forwarding
&#42;Dec 27 16:07:50.022: IP: s=192.168.12.1 (FastEthernet0/0), d=192.168.34.254, len 28, FIB policy rejected(no match) - normal forwarding
&#42;Dec 27 16:07:50.074: IP: s=192.168.12.1 (FastEthernet0/0), d=192.168.34.254, len 28, FIB policy rejected(no match) - normal forwarding

My run config

R2#show run
Building configuration...

Current configuration : 1794 bytes
!
! Last configuration change at 16:06:59 UTC Sun Dec 27 2015
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
!
!
no ip domain lookup
no ipv6 cef
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
ip tcp synwait-time 5
!
track 1 ip sla 1 reachability
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.12.2 255.255.255.0
ip policy route-map RM-192
speed auto
duplex auto
!
interface FastEthernet0/1
ip address 192.168.23.2 255.255.255.0
speed auto
duplex auto
!
interface Serial1/0
ip address 192.168.24.2 255.255.255.0
serial restart-delay 0
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
!
router eigrp 100
network 192.168.12.0
network 192.168.23.0
network 192.168.24.0
redistribute static metric 2048 2000 255 1 1500
passive-interface FastEthernet0/0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 1.1.1.0 255.255.255.0 FastEthernet0/0
!
ip access-list extended ACL-192
permit ip 192.168.12.0 0.0.0.255 host 192.168.34.254 log
!
ip sla 1
icmp-echo 192.168.34.254
threshold 500
timeout 500
frequency 1
ip sla schedule 1 life forever start-time now
!
route-map RM-192 permit 10
match ip address ACL-192
set ip next-hop verify-availability 192.168.24.4 1 track 1
!
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line vty 0 4
login
!
!
end

&amp;nbsp;

My routing table.

&amp;nbsp;

R2#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

1.0.0.0/24 is subnetted, 1 subnets
S 1.1.1.0 is directly connected, FastEthernet0/0
192.168.12.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.12.0/24 is directly connected, FastEthernet0/0
L 192.168.12.2/32 is directly connected, FastEthernet0/0
192.168.23.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.23.0/24 is directly connected, FastEthernet0/1
L 192.168.23.2/32 is directly connected, FastEthernet0/1
192.168.24.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.24.0/24 is directly connected, Serial1/0
L 192.168.24.2/32 is directly connected, Serial1/0
D 192.168.34.0/24 [90/30720] via 192.168.23.3, 00:23:37, FastEthernet0/1

My stats

R2#show ip sla statistics
IPSLAs Latest Operation Statistics

IPSLA operation id: 1
Latest RTT: 24 milliseconds
Latest operation start time: 16:10:18 UTC Sun Dec 27 2015
Latest operation return code: OK
Number of successes: 2030
Number of failures: 0
Operation time to live: Forever
R2#show tr
R2#show track 1
Track 1
IP SLA 1 reachability
Reachability is Up
1 change, last change 21:33:29
Latest operation return code: OK
Latest RTT (millisecs) 24
Tracked by:
ROUTE-MAP 0
R2#show access
R2#show access-li
R2#show access-lists
Extended IP access list ACL-192
10 permit ip 192.168.12.0 0.0.0.255 host 192.168.34.254 log (131 matches)