HSRP Using SLA with Boolean Tracks

Recently, I was at a cutomer’s location that wanted to track an ISP based on multiple locations (e.g. 4.2.2.2 and 8.8.8.8). The customer wanted to make sure that IF 1 of the 2 DNS servers we were pinging, it would not fail-over, however if BOTH pings were lost, then initiate the fail-over.

Scenario:

Router 1
LAN Side: 1.1.68.1/24
Standby IP 1.1.68.254

Router 2
LAN Side: 1.1.68.2/24
Standby IP 1.1.68.254

First we will create the first SLA which will ping 4.2.2.2 from interface G0/0/0 and we will schedule it forever starting ‘now’

ip sla 2
icmp-echo 4.2.2.2 source-interface GigabitEthernet0/0/0
owner Manny Fernandez
frequency 30

ip sla schedule 2 life forever start-time now

Now we will do the same for the second SLA to 8.8.8.8 from the same interface and we will start that one now as well.

ip sla 3
icmp-echo 8.8.8.8 source-interface GigabitEthernet0/0/0
owner Manny Fernandez
frequency 30

ip sla schedule 3 life forever start-time now

Now we will create the ‘track’ objects:

track 2 ip sla 2 reachability
!
track 3 ip sla 3 reachability

Lastly, we will create the boolean configuration:

track 1 list boolean and
object 2
object 3

The above combines the two tracks and uses the ‘and’ not ‘or’ logical operator.

Now we will configure the HSRP side.

Router 1 will be the primary where the SLA will be run.

interface GigabitEthernet0/0/1
description !!! ISP 1 !!!
ip address 1.1.68.1 255.255.255.0
standby 0 track 1 decrement 20
standby 1 ip 1.1.68.254
standby 1 priority 110
standby 1 preempt
negotiation auto

If you look at the priority on router 1, it is set to 110. In HSRP, the highest priority becomes the ‘active’ router. Based on my config example, if track 1 is ‘down’ (meaning that BOTH 4.2.2.2 and 8.8.8.8 do not respond to ping), it will ‘decrement 20’ making it prioroty of 90.

interface GigabitEthernet0/0/1
description !!! ISP2 !!!
ip address 1.1.68.2 255.255.255.0
standby 1 ip 1.1.68.254
standby 1 priority 95
negotiation auto

Since Router 1 has ‘preempt’ enabled, it will continue to try to communicate with the two DNS servers. Once the track become ‘up’, it will fail back.

So what will happen here:
*Router 1 will be the active router in the HSRP configuration
*Router 2 will be standby.
*Router 1’s reachability will determine who remains as ‘active’.
*If BOTH Track 2 and Track 3 go down, the priority of router 1 will decrement by 20 making it less than router 2’s priority of 95.
*Once BOTH track 2 and track 3 change to ‘up’ (meaning R1 was able to ping BOTH 4.2.2.2 and 8.8.8.8), the priority will change back to 110 making R1 the active router.