IP Service Level Agreements (SLA) , Embedded Event Manager (EEM) and Policy-Based Routing (PBR) in Cisco IOS

Objective: The PBR policy will be removed facing Uplink-Router once it detected that the server is unreachable.
Policy-based routing (PBR) is a method used to make routing decisions based on policies.
Scenario: Server1 providing web caching to customers for faster web page loading. Since there is route-map in place to route their http/https traffic to the next hop which is Server1, what if this server suddenly goes down?, the expected behaviour is  the customer won’t be able to access websites.
1. Configure ACL for http/https
ip access-list extended  ACL-WEB
 permit tcp any any eq www
 permit tcp any any eq 443
2. Configure the route-map to match the ACL for http/https and set next-hop to the Server1 that provides the web caching services
route-map ROUTE-MAP-PBR permit 10
 match ip address ACL-WEB
 set ip next-hop
3. Configure the IP and apply the PBR in this interface as it is facing the customers. (Assumption: L3 routing is configured between Router1 and Uplink-Router e.g. IGP or BGP)
interface fa0/0
 description Connection to Uplink-Router
 ip address
 ip policy route-map ROUTE-MAP-PBR
 load-interval 30
4. Configure the SVI to become the Server’s Gateway IP
vlan 100
 name Server Farm Vlan
interface Vlan100
 description Server Gateway
 ip address
 ip verify unicast source reachable-via any
 load-interval 30
5. Configure L2 for interface facing Server-Switch
interface fa1/0
 description Server-Switch
 switchport access vlan 100
 switchport mode access
 load-interval 30
 spanning-tree portfast
Solution: Setup IP SLA to track the Server1 network reachability. If server is down, event manager will kicks in as it tracks the IP SLA (track 1)
A. Configure IP SLA:
ip sla schedule 1 life forever start-time now
track 1 ip sla 1 reachability
ip sla 1
 icmp-echo source-ip
 threshold 500
 timeout 500
 frequency 5
 For IP SLAs operations, the following configuration guideline is recommended:
(frequency seconds ) > (timeout milliseconds ) > (threshold milliseconds )
B. Configure Event manager:
 event manager session cli username “admin”
 event manager applet PBR-REMOVE
 event track 1 state down
 trigger occurs 1
 action 1.0 cli command “enable”
 action 1.1 cli command “configure terminal”
 action 1.2 cli command “interface fa0/0”
 action 1.3 cli command “no ip policy route-map ROUTE-MAP-PBR”
 action 1.4 cli command “exit”
 action 1.5 syslog msg “Server Unreachable. PBR removed”
What does this do?
It is like a script:
login as username “admin” (local account) that is authorized to run all of the CLI commands. EEM does not require authentication, so need to add password. Execute the following:
configure terminal
interface fa0/0
no ip policy route-map ROUTE-MAP-PBR
After this is done, it will send a log saying “Server Unreachable. PBR removed”
Any keyword will do, then can use to trigger NMS server to alerts once received that log

Be First to Comment

Leave a Reply