cancel
Showing results for 
Search instead for 
Did you mean: 

Configure IP SLA + PBR

Configure IP SLA + PBR

SOUILAH_Mohamed
New Contributor
Hello,

I have to migrate from CISCO routers 1941 to Extreme X670, the routing configuration is as follows:
We have two outputs, one is for the business flow and the other is for the internet, if one link falls the other will replace it, for this we have to configure a PBR + SLA.
Here is the CISCO configuration:

************* Config Tracking *******************

track 100 ip sla 100
track 101 ip sla 101
track 150 list boolean or
object 100
object 101
track 300 ip sla 300
track 301 ip sla 301
track 350 list boolean or
object 300
object 301

************** Config SLA *********************

ip sla 100
icmp-echo 10.x.x.x source-interface Loopback2
threshold 1500
timeout 1500
frequency 2
ip sla schedule 100 life forever start-time now
ip sla 101
icmp-echo 10.x.x.x source-interface Loopback2
threshold 1500
timeout 1500
frequency 2
ip sla schedule 101 life forever start-time now
ip sla 300
icmp-echo 10.x.x.x source-interface Loopback1
threshold 1500
timeout 1500
frequency 2
ip sla schedule 300 life forever start-time now
ip sla 301
icmp-echo 10.x.x.x source-interface Loopback1
threshold 1500
timeout 1500
frequency 2
ip sla schedule 301 life forever start-time now

******************* Config Route-Map ********************

route-map FluxMetier deny 5
match ip address flux-intra-UP
!
route-map FluxMetier permit 10
match ip address DSCP-IN-D1INP
set ip next-hop verify-availability 172.x.x.x 1 track 350
!
route-map FluxMetier permit 20
match ip address DSCP-IN-D2INP
set ip next-hop verify-availability 172.x.x.x 1 track 350
!
route-map FluxMetier permit 40
match ip address inter-UP
set ip next-hop verify-availability 172.x.x.x 1 track 350
!
route-map FluxMetier permit 50
match ip address meca-up-LUG
set ip next-hop verify-availability 172.x.x.x 1 track 350
!
route-map STATIC-TO-OSPF permit 40
match tag 201
!

****************** Config Routage statique ****************

ip route 0.0.0.0 0.0.0.0 172.x.x.x 10 name Cxxx track 150
ip route 0.0.0.0 0.0.0.0 172.x.x.x 20 name Oxx track 350
ip route 10.x.x.x 255.255.255.255 172.x.x.x name UP-PBR-Mxxxxxx
ip route 10.x.x.x 255.255.255.255 172.x.x.x name UP-PBR-Mxxxxxx
ip route 10.x.x.x 255.255.255.255 172.x.x.x name UP-PBR-Cxxxxxxxx
ip route 10.x.x.x 255.255.255.255 172.x.x.x name UP-PBR-Cxxxxxxxx
ip route 172.x.x.x 255.255.255.0 172.x.x.x tag 201 name Ixxxxxx-Pxxxxxxxxxxx
!

My questions :

I am a beginner on ExtremeNetworks, and on the internet, I learned that to do this I have to write scripts, can you help me to write this script knowing that I never Written Scripts before (except ACL)

Thank you sincerely for your help, my situation is really critical and urgent.

Best regards.
10 REPLIES 10

SOUILAH_Mohamed
New Contributor
thanks a lot for your help I'll try to understand your script and adapt it to my need. I will come back to you in case of need

Matthew_Helm1
Extreme Employee
I can work on a more thorough example that more closely resembles your use case later today.

Matthew_Helm1
Extreme Employee
Here is an example where the switch has two paths and if the target address is not reachable for anyone path, that path is removed (the port is disabled). The mechanics should be very similar to what you want to do with the exception that routes would be deleted.

While this does not do exactly with what you need, please take a look at this as an example of how scripting like this would work (including the UPM timer mechanism).

create upm profile pingchk1set var target 10.0.0.1
set var source 10.0.10.1
set var gw 10.0.10.2
set var gwp 3
disable clip
set var cli.out 0
ping count 2 $target from $source
set var s $TCL(split ${cli.out} "\n")
set var i $TCL(lsearch $s *0\ packets\ received,*)
if ($i < 0) then
disable port $gwp
set var msg $TCL(concat "\"" ""Route failed via gateway"" $gw ""! Disabled port "" $gwp \"" \"")
create log message $msg
unconfig upm timer pingchk1
endif
.
create upm profile pingchk2
set var target 10.0.0.1
set var source 10.0.20.1
set var gw 10.0.20.2
set var gwp 2
set var cli.out 0
ping count 2 $target from $source
set var s $TCL(split ${cli.out} ""\n"")
set var i $TCL(lsearch $s *0\ packets\ received,*)
if ($i < 0) then
disable port $gwp
set var msg $TCL(concat \"" \"" ""Route failed via gateway"" $gw ""! Disabled port "" $gwp \"" \"")
create log message $msg
unconfig upm timer pingchk2
endif
.
create upm timer pingchk1
configure upm timer pingchk1 profile pingchk1
configure upm timer pingchk1 after 1 every 3
create upm timer pingchk2
configure upm timer pingchk2 profile pingchk2
configure upm timer pingchk2 after 1 every 3

"

SOUILAH_Mohamed
New Contributor
Can any one help me please

SOUILAH_Mohamed
New Contributor
Hello,

Thank you for your reply.

After verification, I do not think the Ping-Protection feature can meet our needs, in addition to that, we use XOS 16.1.3.

For the Script, I will explain how it was configured on CISCO:

Two Loopback addresses were determined for each stream type (business stream and internet confore stream)

Both addresses are mentioned in the "IP SLA" commands (two addresses correspond to two routers in our Data Center).

Track 150 and 350 determine the conditions: if one of the two static routes falls, the connection is switched.

(This is the result of track 150 for example which brings together the 100 or the 101)

Afterwards, nothing obliged to follow the CISCO concept, we can propose an alternative solution that works well too.

Last remark: We have no precise conditions determining what the loss of a static route means, we can fix this in the script

Thank you again for your help.

GTM-P2G8KFN