IP SLA: Configuration and Verification Guide for CCNP ENCOR

IP SLA: Configuration and Verification Guide for CCNP ENCOR

Why IP SLA is Important

IP Service Level Agreement (IP SLA) is a critical network management tool in modern enterprises. Here's why it matters:

• Proactive Monitoring: IP SLA enables proactive monitoring of network performance rather than reactive troubleshooting after issues occur
• Application Performance: It measures metrics directly relevant to application performance and user experience
• End-to-End Visibility: Provides visibility across the entire network path, not just individual links
• SLA Validation: Helps validate that service providers are meeting contractual Service Level Agreements
• Network Optimization: Data from IP SLA can inform network design and optimization decisions
• Quick Failover: Triggers rapid failover mechanisms when network degradation is detected
• Bandwidth Optimization: Identifies opportunities to better utilize available bandwidth

What is IP SLA?

IP SLA is a Cisco technology that measures network performance by generating synthetic traffic between network devices and measuring response times, packet loss, jitter, and other key performance indicators (KPIs).

Key Characteristics:

• Uses active monitoring (generates test traffic)
• Measures round-trip time (RTT)
• Calculates jitter and packet loss
• Runs scheduled tests at configurable intervals
• Provides statistics and history tracking
• Can trigger actions based on threshold violations
• Supports various protocols: ICMP, UDP, TCP, HTTP, DNS, DHCP, and more

How IP SLA Works

Core Architecture:

IP SLA operates using a client-responder model where:

• Source Device (Responder): The router running the IP SLA operation sends probe packets
• Destination Device (Target): Receives the probes and may send responses back
• IP SLA Agent: Runs on the source device and generates test traffic according to configured schedules
• IP SLA Responder: A lightweight process on the destination that responds to probe packets (optional for some operation types)

Operation Flow:

1. Configure an IP SLA operation with specific parameters (operation type, destination, frequency)
2. Schedule the operation to run at specified intervals
3. The IP SLA agent generates synthetic test packets at the scheduled time
4. Test packets travel through the network to the destination
5. Destination responds (if responder mode is enabled) or packet is simply processed
6. Source device measures response time, packet loss, and other metrics
7. Statistics are collected, averaged, and stored
8. If thresholds are exceeded, actions can be triggered (notifications, route changes)
9. Results can be viewed and analyzed for network performance assessment

Key Metrics Measured:

• RTT (Round Trip Time): Time from sending probe to receiving response, measured in milliseconds
• Jitter: Variance in packet delay, indicates network stability
• Packet Loss: Percentage of probes that don't receive responses
• MOS (Mean Opinion Score): For voice operations, predicts voice quality (0-5 scale)
• ICPIF (Implicit Code Excitation Linear Prediction Impairment Factor): Used to calculate MOS for voice

Common IP SLA Operation Types

Different operation types measure different aspects of network performance:

• ICMP Echo: Simplest type, uses ICMP ping to measure RTT and packet loss. Doesn't require responder.
• ICMP Path Echo: Traces path to destination and measures RTT to each hop
• ICMP Path Jitter: Measures jitter along the entire path to destination
• UDP Echo: Measures RTT using UDP probes, provides more control than ICMP
• UDP Jitter: Specifically designed to measure jitter and packet loss for VoIP applications
• TCP Connect: Measures TCP connection establishment time
• HTTP: Measures response time for HTTP requests
• DNS: Measures DNS query response time
• DHCP: Measures DHCP server response time
• DLSw (Data Link Switching): For monitoring legacy protocols

IP SLA Configuration

Basic Configuration Steps:

Step 1: Create the IP SLA Operation

Enter IP SLA configuration mode and specify operation number and type:

Router(config)# ip sla
Router(config-ip-sla)#

Step 2: Configure Operation-Specific Parameters

Parameters vary by operation type. Common ones:

• destination-ip-address: Target IP for the probe
• destination-port: Target port (for UDP/TCP operations)
• source-address: Source IP for probes
• frequency: How often to run the operation (seconds)
• timeout: How long to wait for response (milliseconds)
• threshold: Alert threshold for RTT

Step 3: Configure Scheduling

Router(config)# ip sla schedule start-time life

Step 4: Enable IP SLA Responder (if needed)

Router(config)# ip sla responder

Configuration Example:

Router(config)# ip sla 1
Router(config-ip-sla)# icmp-echo 192.168.1.1
Router(config-ip-sla)# frequency 60
Router(config-ip-sla)# timeout 5000
Router(config-ip-sla)# threshold 150
Router(config-ip-sla)# exit
Router(config)# ip sla schedule 1 start-time now life forever

IP SLA Verification

Key Verification Commands:

• show ip sla configuration: Displays all configured IP SLA operations
• show ip sla statistics: Shows current statistics and results
• show ip sla statistics : Detailed stats for specific operation
• show ip sla responder: Confirms responder is active and listening
• show ip sla summary: Quick overview of all operations and their status
• show ip sla operation: Shows detailed operation configuration
• debug ip sla error: Troubleshooting IP SLA issues

Interpreting Output:

When viewing show ip sla statistics output, look for:

• Latest RTT: Most recent round-trip time
• Minimum/Average/Maximum RTT: Performance statistics
• Latest Jitter: Most recent jitter measurement
• Packet Loss: Percentage of lost probes
• Status: Whether operation is active (Active, Not Running, etc.)
• Timeout Occurrences: Number of times probes timed out

Advanced IP SLA Features

Tracking with IP SLA:

IP SLA can trigger actions when thresholds are violated by integrating with object tracking:

• Create a track object based on IP SLA operation
• Use tracked object in static routes or ACLs
• Automatically failover when SLA thresholds are exceeded
• Dynamic routing decisions based on real-time network performance

Router(config)# track 1 ip sla 1 reachability
Router(config)# ip route 10.0.0.0 255.255.255.0 192.168.1.2 track 1

Multi-operation Monitoring:

Run multiple IP SLA operations simultaneously to measure different paths and services, providing comprehensive network visibility.

Exam Tips: Answering Questions on IP SLA Configuration and Verification

Tip 1: Understand Operation Types

Exam questions often ask which operation type to use for specific scenarios. Remember:

• ICMP Echo for simple connectivity checks (no responder needed)
• UDP Jitter for VoIP quality monitoring
• TCP Connect for application availability
• HTTP for web service monitoring
• Use responder-based operations (like UDP Echo) when you need active measurement of application-specific paths

Tip 2: Know Configuration Syntax

Be familiar with the command structure:

• Configuration always starts with ip sla [number]
• Operation type and destination are specified in sla config mode
• Scheduling is separate: ip sla schedule
• Responder is enabled globally: ip sla responder
• Common mistake: Forgetting to schedule the operation after configuring it

Tip 3: Differentiate Between SLA Agent and Responder

Exam often tests understanding of roles:

• Agent (Source): Initiates probes, measures metrics, generates statistics
• Responder (Destination): Passively listens and responds to incoming probes
• Some operations need responder active on destination, others don't
• ICMP Echo doesn't require responder; UDP operations typically do

Tip 4: Focus on Practical Scenarios

Exam questions often present real-world scenarios. Think about:

• Monitoring WAN link performance between branch and headquarters
• Detecting network degradation to trigger automatic failover
• Validating that a service provider meets contracted SLA
• Monitoring VoIP quality over the network
• Measuring jitter for real-time applications

Tip 5: Understand Thresholds and Actions

Questions may ask what happens when SLA thresholds are exceeded:

• Thresholds are configured per operation
• When exceeded, the operation status changes
• Tracking can be triggered based on SLA operation results
• SNMP traps can be sent for alerting
• This enables automated failover without human intervention

Tip 6: Key Metrics to Remember

Be ready to explain what these mean:

• RTT: End-to-end latency (lower is better)
• Jitter: Variation in latency (lower is better, critical for voice)
• Packet Loss: Percentage of failed probes (0% is ideal)
• MOS: Voice quality score (>4.0 is acceptable for voice)

Tip 7: Verification Command Recognition

Exam may show output and ask you to identify issues. Know what to look for:

• Check if operation is Active or Not Running
• Look for high RTT or jitter values
• Identify timeout occurrences indicating packet loss
• Verify responder status with show ip sla responder
• Understand that "Completion time exceeded" means operation timed out

Tip 8: Common Exam Scenarios

• Scenario 1: "You need to monitor VoIP quality. Which operation type?" Answer: UDP Jitter (measures jitter and MOS)
• Scenario 2: "Configure monitoring between two routers. Do you need responder on both?" Answer: No, only on destination
• Scenario 3: "You configured IP SLA but it never runs. What's missing?" Answer: The ip sla schedule command
• Scenario 4: "RTT is 200ms. Is this acceptable?" Answer: Depends on application. VoIP needs <100ms one-way
• Scenario 5: "How do you make IP SLA trigger failover?" Answer: Use object tracking to associate SLA with static routes

Tip 9: Frequency and Timeout Configuration

Understand the relationship:

• Frequency: How often to run the operation (typical: 60 seconds)
• Timeout: How long to wait for a response (must be less than frequency)
• If timeout is too aggressive, legitimate high-latency responses are marked as failures
• Set timeout to be 2-3 times expected RTT

Tip 10: Integration with Dynamic Routing

Advanced questions may ask about combining IP SLA with routing:

• Create track object from SLA operation
• Apply track to static route reliability metric
• Route preference changes based on SLA results
• Enables dynamic failover to backup path when primary degrades

Tip 11: Watch for Configuration Errors in Questions

Exam may present incorrect configurations and ask you to spot the error:

• Missing schedule command (operation configured but not scheduled)
• Responder required but not enabled on destination
• Frequency and timeout misconfiguration
• Wrong operation type for the requirement
• Source address configured but shouldn't be (for simple operations)

Tip 12: Scheduling Strategies

Know different scheduling options:

• start-time now: Begins immediately
• start-time pending: Waits for manual start
• life forever: Runs indefinitely
• life [seconds]: Runs for specified duration
• Questions may ask about scheduling best practices

Tip 13: Multi-Hop Path Monitoring

Remember path-based operations:

• ICMP Path Echo measures to each hop
• ICMP Path Jitter shows jitter per hop
• Useful for identifying problematic segments in network
• Different from basic operations that measure end-to-end only

Test-Taking Strategy:

1. Read the requirement carefully: Is the question about configuration, verification, or troubleshooting?
2. Identify the scenario type: Link monitoring, application monitoring, VoIP quality, or failover capability?
3. Match to IP SLA feature: Does IP SLA directly address the requirement?
4. Consider responder implications: If two Cisco devices, responder needed; if measuring to non-Cisco, may use simpler operation
5. Think about verification: What show command would confirm the configuration is working?
6. Evaluate completeness: Scheduling + configuration = complete setup
7. Review for common mistakes: Missing scheduler, wrong operation type, improper threshold values

Final Exam Reminders:

• IP SLA measures active synthetic traffic, not passive monitoring
• Always schedule operations explicitly
• RTT, jitter, and packet loss are the main metrics
• VoIP and real-time applications demand low jitter and low packet loss
• Responder is passive; agent is active
• Integration with tracking enables intelligent failover
• Different operation types serve different purposes
• Configuration without scheduling = non-functional setup