Any Cisco gurus in the house?
15 December 2009, 08:31 PM
#1
Moderator
Thread Starter
Join Date: Dec 1998
Location: Staffs
Posts: 23,573
Likes: 0
Received 0 Likes
on
0 Posts
Any Cisco gurus in the house?
I've spent half my day trying to get some IP SLA (VoIP UDP jitter) monitors working in IOS with no joy. 
I've got icmp-echo working but want the additional stat's the jitter tests can provide.
Anyone got these working on routers before?
I've got icmp-echo working but want the additional stat's the jitter tests can provide.Anyone got these working on routers before?
15 December 2009, 10:14 PM
#2
Scooby Regular
Join Date: Nov 2001
Posts: 2,576
Likes: 0
Received 0 Likes
on
0 Posts
Sorry Chris, I have never looked into that. We use a package called Prognosis that seems to do all that for us.
Saw something funny today that I haven't seen before. Fired up a Cat 4500 and saw this:
ROM: 12.2(44r)SG3
Darkside Revision 4, Jawa Revision 20, Tatooine Revision 140, Forerunner Revision 1.74
Saw something funny today that I haven't seen before. Fired up a Cat 4500 and saw this:
ROM: 12.2(44r)SG3
Darkside Revision 4, Jawa Revision 20, Tatooine Revision 140, Forerunner Revision 1.74
16 December 2009, 05:05 PM
#3
Scooby Regular
Join Date: Dec 2001
Location: Arborfield, Berkshire
Posts: 12,387
Likes: 0
Received 0 Likes
on
0 Posts
I only use the icmp-echo for HSRP tracking of ethernet WAN reachability so have not used it for Jitter. Do you have an issue with the configuration itself or the showing of the jitter stats?
I guess you already checked Cisco.com but in case you havent I found this page which mentions that you need to enable a responder on the target device before you can configure a jitter operation on the monitoring device:
http://www.cisco.com/en/US/prod/coll...cd804fb392.pdf
Cheers
Simon
I guess you already checked Cisco.com but in case you havent I found this page which mentions that you need to enable a responder on the target device before you can configure a jitter operation on the monitoring device:
http://www.cisco.com/en/US/prod/coll...cd804fb392.pdf
Cheers
Simon
16 December 2009, 05:17 PM
#4
Scooby Regular
not something basic like making sure debugging/monitoring is enabled and writing to the correct terminal
Last edited by hodgy0_2; 16 December 2009 at 05:27 PM.
17 December 2009, 09:20 AM
#5
Moderator
Thread Starter
Join Date: Dec 1998
Location: Staffs
Posts: 23,573
Likes: 0
Received 0 Likes
on
0 Posts
Thanks guys.
I've got a beefy Cisco document - 270 pages for a little bedtime reading.
The setup I'm trying to get it working on is a triangle of routers, with a VPN tunnel between each. I've tried adding "ip sla responder" but that didn't work, so I've also tried "ip sla responder udp-echo <ipaddress> port <port>". The Cisco doc's doesn't make it clear if the <ipaddress> should be ip address of the router sending the probe or the router which is the responder. I've tried both and it didn't work - one probe reports a timeout, the no-connection.
I'm not sure all is happy lower down the config though. I can ping from one router to the other, but I if traceroute from one router to a device behind another router (over the VPN), the first hop times-out and the 2nd hop is the device replying.
I've got a beefy Cisco document - 270 pages for a little bedtime reading.
The setup I'm trying to get it working on is a triangle of routers, with a VPN tunnel between each. I've tried adding "ip sla responder" but that didn't work, so I've also tried "ip sla responder udp-echo <ipaddress> port <port>". The Cisco doc's doesn't make it clear if the <ipaddress> should be ip address of the router sending the probe or the router which is the responder. I've tried both and it didn't work - one probe reports a timeout, the no-connection.
I'm not sure all is happy lower down the config though. I can ping from one router to the other, but I if traceroute from one router to a device behind another router (over the VPN), the first hop times-out and the 2nd hop is the device replying.
Trending Topics
17 December 2009, 02:53 PM
#8
Scooby Regular
do you have physical access to these devices
if you don't -- i.e. some are remote devices you might want to use the "reload in" command
especially if you are playing about with ACL's -- as you can loose connection -- but if you have set the "reload in" command to say 20 mins -- the router will reboot with it's original configuration and you will be able to re-connect
after a successful ACL change just undo the reload command
also what I would say is that VPN is a point to point technology, so you will not be able to ping any intermediate devices using the VPN tunnel
if you don't -- i.e. some are remote devices you might want to use the "reload in" command
especially if you are playing about with ACL's -- as you can loose connection -- but if you have set the "reload in" command to say 20 mins -- the router will reboot with it's original configuration and you will be able to re-connect
after a successful ACL change just undo the reload command
also what I would say is that VPN is a point to point technology, so you will not be able to ping any intermediate devices using the VPN tunnel
17 December 2009, 03:08 PM
#9
Scooby Regular
Join Date: Dec 2001
Location: Arborfield, Berkshire
Posts: 12,387
Likes: 0
Received 0 Likes
on
0 Posts
permit ip will be fine as encompasses all IP protocols including ICMP.
Can you ping that device behind your 2nd router as you mention you can ping between the routers but then change to tracing to the device behind.
Going back to the IP sla responder - if you check the link I posted it says you just configure using the command "rtr responder". Just tried this myself and looks like its a hidden command as not listed nor can you tab it out:
uuk205607-gw#conf t
Enter configuration commands, one per line. End with CNTL/Z.
uuk205607-gw(config)#rtr responder
uuk205607-gw(config)#^Z
It then adds this line to the running config:
ip sla monitor responder
Cheers
Simon
Can you ping that device behind your 2nd router as you mention you can ping between the routers but then change to tracing to the device behind.
Going back to the IP sla responder - if you check the link I posted it says you just configure using the command "rtr responder". Just tried this myself and looks like its a hidden command as not listed nor can you tab it out:
uuk205607-gw#conf t
Enter configuration commands, one per line. End with CNTL/Z.
uuk205607-gw(config)#rtr responder
uuk205607-gw(config)#^Z
It then adds this line to the running config:
ip sla monitor responder
Cheers
Simon
17 December 2009, 04:00 PM
#10
Moderator
Thread Starter
Join Date: Dec 1998
Location: Staffs
Posts: 23,573
Likes: 0
Received 0 Likes
on
0 Posts
Thanks for the tips Hodgy.
I've just picked up a 2651XM and a 2611XM (both 12.4 Advanced IOS) on eBay so I can test on my desk rather than on remote ADSL routers.
Simon, this is my SSH session on the router 192.168.10.1:
Going to leave the IP SLA till my little test setup arrives but I'm intrigued as to why the traceroute dies on the first hop.
I've just picked up a 2651XM and a 2611XM (both 12.4 Advanced IOS) on eBay so I can test on my desk rather than on remote ADSL routers.
Simon, this is my SSH session on the router 192.168.10.1:
Code:
newcastle#ping 192.168.30.11 source 192.168.10.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.30.11, timeout is 2 seconds: Packet sent with a source address of 192.168.10.1 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 72/72/76 ms newcastle#ping 192.168.30.1 source 192.168.10.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.30.1, timeout is 2 seconds: Packet sent with a source address of 192.168.10.1 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 72/75/80 ms newcastle#traceroute 192.168.30.11 source 192.168.10.1 Type escape sequence to abort. Tracing the route to 192.168.30.11 1 * * * 2 192.168.30.11 64 msec 68 msec 68 msec
Last edited by ChrisB; 17 December 2009 at 04:03 PM.
17 December 2009, 05:08 PM
#11
Scooby Regular
18 December 2009, 05:05 PM
#12
Scooby Regular
Join Date: Dec 2001
Location: Arborfield, Berkshire
Posts: 12,387
Likes: 0
Received 0 Likes
on
0 Posts
Or set the reload in xxxx, make your change without losing connection then get distracted with a phonecall etc only to realise you forgot to cancel the reload and the device reboots 
Ive managed that at least a couple of times lol
Simon
Ive managed that at least a couple of times lol
Simon
Thread
Thread Starter
Forum
Replies
Last Post
