IP SLA - Tracking

NotSam · June 2, 2015, 8:25am

Morning

Couldn’t find this on search so apologies if this has already been asked.

I come from Cisco world where I make use of IP SLA’s and tracking rules to manage routes. Is there a way to achieve the same result within VyOS?

Example for those who haven’t used IP SLA and track

[code]ip sla 1
icmp-echo 8.8.8.8 source-interface Fa0/1.430
timeout 1000
threshold 2
frequenet 5

ip sla schedule 1 life forever start-time now
[/code]

You could then create a track rule

then on a route you would just add track 1 to the end

If the IP SLA starts to return failure codes the route would be removed from the table, you could also add it to HSRP to decide which router should be live.

If there is a working solution on VyOS that would be great, I need the ability to remove routes based on reachability as I can’t run OSPF/BGP to every device.

Please let me know your thoughts.

carl.byington · June 2, 2015, 11:35pm

Try the HA_6.5R1_v01.pdf documentation for wan load balancing. I think that is the closest matching feature.

microlinux · June 3, 2015, 1:31am

You could probably do something with a script.

NotSam · June 3, 2015, 8:33am

I believe WAN load balancing will only work on a default route and will not allow for anything more specific but I have not fully tested it as of yet.

Take this for example

We have a customer coming into our datacentre over an interconnect, we also have a backup VPN (terminates on a desperate device). I would want the ability to monitor both routes for reachability so that I could remove route 1 (the interconnect) from the table if it goes down so traffic routes via the backup vpn.

carl.byington · June 3, 2015, 11:44pm

I use a script for that:

echo "*/5 * * * * root  cd / && run-parts --report /etc/cron.5minute" >>/etc/crontab
mkdir /etc/cron.5minute

And /etc/cron.5minute/monitor

#!/bin/bash

[ ! -f /tmp/enable.cron ] && exit

(
    # ping target via eth1
    dev=eth1
    cnt=15
    gw=$monitoraddress
    flag=/tmp/target.up
    recv=$(/bin/ping -c $cnt -I $dev -q -i 7 $gw | grep received | cut -d, -f2 | awk '{print $1}')
    if [ "$recv" -eq 0 ]; then
        if [ -f $flag ]; then
            echo "$d target seems down now $(date)"
            rm -f $flag
            cmd="configure
                 delete protocols static route 0.0.0.0/1
                 delete protocols static route 128.0.0.0/1
                 commit
                 save
                 exit
                 exit
            "
            echo "$cmd"
            echo "$cmd" | ssh -t -t vyatta@localhost 2>/dev/null >&1
            /usr/sbin/conntrack -F
            /usr/sbin/conntrack -F expect
        fi
    else
        if [ ! -f $flag ]; then
            echo "$d target seems up now $(date)"
            touch $flag
            cmd="configure
                 set protocols static route 0.0.0.0/1   next-hop $viaaddress
                 set protocols static route 128.0.0.0/1 next-hop $viaaddress
                 commit
                 save
                 exit
                 exit
            "
            echo "$cmd"
            echo "$cmd" | ssh -t -t vyatta@localhost 2>/dev/null >&1
            /usr/sbin/conntrack -F
            /usr/sbin/conntrack -F expect
        fi
    fi
) >>/tmp/yyy