Reliable PBR with IP SLA

Hello Chris

Yes, that would make sense. In this way, you are also evaluating the state of the S1/0 interface on R4. If either interface on R4 goes down, the SLA will fail, and routing will be rerouted.

I hope this has been helpful!

Laz

Hi,

What happens if you have another entry e.g.:

route-map PBR permit 20
 set ip next-hop x.x.x.x

If the tracked next-hop in entry 10 is down, will it continue through the PBR and use the next-hop for entry 20, or go straight to the routing table?

Thanks,

Sam

I had a think, and would I be right in assuming that it wouldn’t continue because the match commands were met? And it just doesn’t use the next-hop because it is down.

Hello Samir

Yes, you are right. Even if the tracked next-hop fails, the first match statement is fulfilled, so the route map stops searching because it has found a match. So even if you put in your statement 20, traffic to the HTTP server would never be matched by this. But other traffic would be matched, so your permit 20 statement would apply to all traffic except the IP address of the HTTP server. Remember that if you don’t have a match statement, then the statement matches everything.

You can find out more details about route maps in general at the following lesson:


I hope this has been helpful!

Laz

Thanks, yes it was very helpful. Am I also right in saying that for route-maps used in PBR, any non-routing set commands - e.g. set ip precedence - are still carried out even if the tracked next hop is down?

Hello Samir

Only the set commands found within a route map that reference a particular tracked object will be affected by the status of that tracked object. So yes, any additional set commands that don’t reference the (failed) tracked object will be applied normally.

I hope this has been helpful!

Laz
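
A small Python model of the route-map evaluation described in the two answers above, added here as an illustration (it is not code from the forum or from Cisco IOS). The `Entry` class, the `evaluate` function and all addresses are constructed for the example; an unknown tracked object is assumed to be down.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional, Tuple

ROUTING_TABLE = "routing-table"  # marker: packet is forwarded by normal routing


@dataclass
class Entry:
    seq: int
    match: List[str] = field(default_factory=list)  # empty = matches everything
    next_hop: Optional[str] = None
    track: Optional[int] = None       # tracked object guarding next_hop
    precedence: Optional[int] = None  # a set action that references no track


def evaluate(route_map: List[Entry], dst: str, tracks: Dict[int, bool]
             ) -> Tuple[Optional[int], str, Optional[int]]:
    """Return (entry used, forwarding decision, precedence applied) for dst."""
    for e in sorted(route_map, key=lambda e: e.seq):
        if e.match and not any(ip_address(dst) in ip_network(n) for n in e.match):
            continue  # match clause not met: try the next entry
        # First matching entry ends the search, even if its next hop is down.
        up = e.track is None or tracks.get(e.track, False)
        hop = e.next_hop if (e.next_hop and up) else ROUTING_TABLE
        return e.seq, hop, e.precedence
    return None, ROUTING_TABLE, None


# Constructed sample: entry 10 steers one server, entry 20 has no match clause.
PBR = [
    Entry(10, match=["192.0.2.80/32"], next_hop="198.51.100.1", track=1, precedence=3),
    Entry(20, next_hop="198.51.100.2"),
]

if __name__ == "__main__":
    for dst, state in [("192.0.2.80", True), ("192.0.2.80", False), ("203.0.113.9", False)]:
        print(dst, "track 1 up" if state else "track 1 down", evaluate(PBR, dst, {1: state}))
```

With track 1 down, traffic to the matched server stays on entry 10 and falls back to the routing table with its precedence still set, while unmatched traffic is handled by entry 20.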

Yes, thanks for clearing that up.

Hello Rene and Lazaros,

Would tracking an IP other than the nexthop be valid? For example 8.8.8.8 on the Internet?

Thanks!

Hello Ernesto

Yes, that would be valid. In each case, you have to examine the conditions under which the SLA could fail. This is not readily perceivable, and has some subtleties that you should keep in mind.

If you track only the next hop, then any downstream failure will not be examined at all in your choice of next hop. Only if the directly connected neighbor fails will the SLA fail, and thus an alternate route is chosen. However, if you track 8.8.8.8, and a downstream router fails, the SLA will fail, and a reroute will take place.

If the purpose of the next hop router is only to reach the Internet, then yes, tracking 8.8.8.8 is fine. But if that router is used to reach other parts of your internal network, then it is best to track the next hop only. Otherwise, if your ISP fails, it will trigger the SLA, and you’ll be rerouting internal traffic for no reason. Does that make sense?

I hope this has been helpful!

Laz