📘CCNP Encore (350-401-ENCORE-v1.1)
1. What is IP SLA?
IP SLA (IP Service Level Agreement) is a Cisco IOS feature that allows network devices (routers and switches) to:
- Actively test network performance
- Measure quality of network paths
- Detect problems before users complain
IP SLA works by sending test traffic (called probes) from one device to another and measuring the results.
Key idea (exam important):
IP SLA performs active monitoring, not passive monitoring.
2. Why IP SLA Is Needed
In enterprise networks, links and services may appear “up” but still perform poorly.
IP SLA helps to:
- Measure delay, jitter, packet loss, and availability
- Verify that critical services (DNS, HTTP, VoIP, routing paths) are working
- Support intelligent routing decisions
- Trigger failover when performance degrades
3. IP SLA vs Traditional Monitoring
| Traditional Monitoring | IP SLA |
|---|---|
| Checks interface up/down | Measures real performance |
| Reactive (after failure) | Proactive (before failure) |
| Uses SNMP counters | Sends real test traffic |
| No service awareness | Service-aware testing |
4. How IP SLA Works (Step by Step)
- A source device runs an IP SLA operation
- It sends probe packets to a destination
- The destination may respond (depending on operation type)
- The source device measures results
- Results are stored and can be:
- Viewed with CLI
- Exported via SNMP
- Used by tracking or routing decisions
5. Common IP SLA Operations (Exam Focus)
IP SLA supports many operation types. You must know the main ones.
5.1 ICMP Echo (Most Common)
- Similar to a ping
- Measures:
- Reachability
- Round-trip time (RTT)
- Packet loss
Used for:
- Basic link monitoring
- Tracking next-hop reachability
Exam keyword: icmp-echo
5.2 UDP Jitter (VoIP Monitoring)
- Sends UDP packets and measures:
- Delay
- Jitter
- Packet loss
Used for:
- Voice and video quality monitoring
- Real-time application testing
Exam keyword: udp-jitter
5.3 TCP Connect
- Tries to establish a TCP session
- Verifies application-level availability
Used for:
- Checking if services like HTTP, HTTPS, FTP are reachable
Exam keyword: tcp-connect
5.4 HTTP / HTTPS Operations
- Sends HTTP/HTTPS requests
- Verifies web service availability and response time
Used for:
- Monitoring internal or external web servers
5.5 DNS Operation
- Sends DNS queries
- Measures response time and success
Used for:
- Checking DNS server health
6. Key Performance Metrics Measured by IP SLA
You must recognize these terms for the exam:
| Metric | Meaning |
|---|---|
| RTT (Round-Trip Time) | Time for packet to go and return |
| One-way delay | Time in one direction |
| Jitter | Variation in delay |
| Packet loss | Dropped packets |
| Availability | Reachable or not |
| Response time | Service reply speed |
7. IP SLA Components (Exam Critical)
7.1 IP SLA Operation
- A numbered test instance
- Each operation has:
- Type (ICMP, UDP, TCP, etc.)
- Destination
- Frequency
Example:
ip sla 1
7.2 Scheduling the Operation
IP SLA does nothing until scheduled.
You must schedule it using:
ip sla schedule
Options:
- Start immediately
- Start at a specific time
- Run forever or for a limited duration
7.3 Frequency
Defines how often probes are sent.
Example:
frequency 10
→ Probe sent every 10 seconds
8. Basic IP SLA Configuration (Step by Step)
Step 1: Create IP SLA Operation
ip sla 1
icmp-echo 192.168.1.1
frequency 5
Step 2: Schedule the Operation
ip sla schedule 1 life forever start-time now
Without this step → IP SLA will not run (exam favorite trap).
9. Verifying IP SLA (Very Important for Exam)
You must know verification commands.
9.1 Show IP SLA Summary
show ip sla summary
Shows:
- Operation ID
- Type
- Status (active/inactive)
9.2 Show IP SLA Statistics
show ip sla statistics
Shows:
- RTT
- Packet loss
- Success/failure count
9.3 Show Specific Operation
show ip sla statistics 1
10. IP SLA with Object Tracking (Very Important)
IP SLA is often used with Object Tracking.
Object Tracking:
- Converts IP SLA results into UP or DOWN status
- Other features can react to this status
Example:
track 1 ip sla 1 reachability
If IP SLA fails → track object goes DOWN.
11. IP SLA with Routing (Exam Scenario)
IP SLA is commonly used with:
- Static routes
- Policy-Based Routing
- HSRP
- Floating static routes
Example Concept:
- Primary link monitored by IP SLA
- If performance degrades:
- Track goes DOWN
- Route removed
- Backup path used
12. IP SLA with SNMP
IP SLA results can be:
- Polled using SNMP
- Sent to network monitoring systems
This allows:
- Graphing delay/jitter
- Alerting on thresholds
13. Thresholds and Reaction Configuration
IP SLA can define:
- Acceptable limits
- Trigger alerts when exceeded
Example metrics:
- Maximum delay
- Maximum packet loss
14. Source Interface and VRF (Advanced Exam Knowledge)
You can specify:
- Source interface
- Source IP
- VRF
Example:
icmp-echo 192.168.1.1 source-interface GigabitEthernet0/0
Useful in:
- Multi-VRF environments
- Multiple routing tables
15. Differences Between IP SLA and NetFlow (Exam Awareness)
| IP SLA | NetFlow |
|---|---|
| Active testing | Passive traffic analysis |
| Sends probes | Observes real traffic |
| Measures quality | Measures usage |
| Performance focused | Traffic flow focused |
16. Common Exam Mistakes to Avoid
- Forgetting to schedule IP SLA
- Confusing IP SLA with SNMP
- Thinking IP SLA is passive
- Not linking IP SLA with tracking
- Assuming ping = IP SLA (ping is manual, IP SLA is automated)
17. Key Exam Keywords to Remember
- Active monitoring
- Probe packets
- ICMP echo
- UDP jitter
- TCP connect
- Frequency
- Schedule
- Object tracking
- Performance measurement
- Proactive monitoring
18. Summary (For Quick Revision)
- IP SLA actively tests network performance
- Measures delay, jitter, packet loss, and availability
- Supports ICMP, UDP, TCP, HTTP, DNS
- Must be scheduled to run
- Can trigger routing and failover decisions
- Commonly used with tracking
- Verified using
show ip slacommands
