CISCO SD-WAN Track Static Routes for Service VPNs User Guide

: June 15, 2024
: Cisco

Table of Contents

CISCO SD-WAN Track Static Routes for Service VPNs
Product Information
Product Usage Instructions
Information About Static Route Tracking
Workflow to Configure IPv4 Static Route Tracking
Configure Static Routes Using CLI
Configuration Examples for Static Route Tracking Using the CLI
Verify Static Route Tracking Configuration Using CLI
References
Read User Manual Online (PDF format)
Download This Manual (PDF format)

CISCO SD-WAN Track Static Routes for Service VPNs

CISCO-SD-WAN-Track-Static-Routes-for-Service-VPNs-PRO

Product Information

The product is a feature called “Track Static Routes for Service VPNs” that is available in Cisco IOS XE Catalyst SD-WAN Release 17.3.1a and Cisco vManage Release 20.3.1. It allows users to configure IPv4 static route endpoint tracking for service VPNs. Endpoint tracking determines the reachability of the configured endpoint before adding the route to the device’s route table. Additionally, there is a feature called “TCP/UDP Endpoint Tracker and Cisco IOS XE Catalyst SD-WAN Dual Endpoint Static Route Tracker” available in Release 17.7.1a for Cisco IOS XE Catalyst SD-WAN devices and Cisco vManage Release 20.7.1. This feature enables users to configure TCP/UDP static route endpoint trackers and configure IPv4, TCP/UDP dual endpoint static-route tracker groups for service VPNs to enhance probe reliability.

Supported Platforms
The Track Static Routes for Service VPNs feature is supported on specific platforms.

Restrictions for IPv4 Static Route Tracking

Delete any existing static route that is already configured without a tracker. Plan for connectivity downtime during this step.
Configure a new static route with a tracker using the same prefix and next-hop as the deleted static route.

Product Usage Instructions

Workflow to Configure IPv4 Static Route Tracking

Configure an endpoint tracker using the System template.
Configure a static route using the VPN template.
Apply the tracker to the next-hop address.

Create a Static Route Tracker
To create a tracker for static routes, follow these steps:

From the Cisco SD-WAN Manager menu, choose Configuration > Templates.
Click Feature Templates. (In Cisco vManage Release 20.7.x and earlier releases, it is titled Feature.)
Navigate to the Cisco System template for the device.
Click Tracker, and then click New Endpoint Tracker to configure the tracker parameters.

Tracker Parameters

Field Name	Description
Name	The name of the tracker. It can be up to 128 alphanumeric

characters.
Threshold| The threshold value for the tracker.
Interval Multiplier| The interval multiplier value for the tracker.
Tracker Type| The type of tracker.
Endpoint Type| The type of endpoint for the tracker.

FAQ

Q: What is the purpose of the Track Static Routes for Service VPNs feature?
A: The purpose of this feature is to enable users to configure IPv4 static route endpoint tracking for service VPNs. It helps determine the reachability of configured endpoints before adding routes to the device’s route table.
Q: What is the difference between the Track Static Routes for Service VPNs feature and the TCP/UDP Endpoint Tracker and Cisco IOS XE Catalyst SD-WAN Dual Endpoint Static Route Tracker feature?
A: The Track Static Routes for Service VPNs feature focuses on configuring IPv4 static route endpoint tracking, while the TCP/UDP Endpoint Tracker and Cisco IOS XE Catalyst SD-WAN Dual Endpoint Static Route Tracker feature allows users to configure TCP/UDP static route endpoint trackers and dual endpoint static-route tracker groups to enhance probe reliability.

Note To achieve simplification and consistency, the Cisco SD-WAN solution has been rebranded as Cisco Catalyst SD-WAN. In addition, from Cisco IOS XE SD-WAN Release 17.12.1a and Cisco Catalyst SD-WAN Release 20.12.1, the following component changes are applicable: Cisco vManage to Cisco Catalyst SD-WAN Manager, Cisco vAnalytics to Cisco Catalyst SD-WANAnalytics, Cisco vBond to Cisco Catalyst SD-WAN Validator, and Cisco vSmart to Cisco Catalyst SD-WAN Controller. See the latest Release Notes for a comprehensive list of all the component brand name changes. While we transition to the new names, some inconsistencies might be present in the documentation set because of a phased approach to the user interface updates of the software product.

Table 1: Feature History

Feature Name	Release Information	Description
Static Route Tracker for Service VPNs	Cisco IOS XE Catalyst SD-WAN Release
17.3.1a Cisco vManage Release 20.3.1	This feature enables you to configure

IPv4 static route endpoint tracking for service VPNs.

For static routes, endpoint tracking determines whether the configured endpoint is reachable before adding that route to the route table of the device.

TCP/UDP Endpoint Tracker and Dual Endpoint Static Route Tracker for Cisco IOS XE Catalyst SD-WAN devices| Cisco IOS XE Catalyst SD-WAN Release 17.7.1a Cisco vManage Release 20.7.1| This feature enables you to configure the TCP/UDP static route endpoint trackers. Using this feature you can also configure IPv4, TCP/UDP dual endpoint static-route tracker groups for service VPNs to enhance the reliability of probes.

Information About Static Route Tracking

Static-route tracking for service VPNs enables you to track the availability of the configured endpoint address to determine if the static route can be included in the routing table of a device. This is applicable when a site uses a static route in a service VPN to advertise its route over Overlay Management Protocol (OMP). The static route tracker periodically sends ICMP ping probes to the configured endpoint. If the tracker does not receive a response, the static route is not included in the routing table and is not advertised to OMP. You can configure an alternative next-hop address or a static route with a higher administrative distance to provide a backup path. This path is advertised over OMP.

Note From Cisco IOS XE Catalyst SD-WAN Release 17.7.1a, you can configure TCP/UDP individual endpoint trackers and configure a tracker group with dual endpoints (using two trackers), and associate the trackers and tracker group to a static route. Dual endpoints help in avoiding false negatives that might be introduced because of the unavailability of the routes.

Supported Platforms

Cisco ASR 1000 Series Aggregated Services Routers
Cisco ISR 1000 Series-Integrated Services Routers
Cisco ISR 4000 Series Integrated Services Routers
Cisco CSR 1000 Series Cloud Service Routers

Restrictions for IPv4 Static Route Tracking

Only one endpoint tracker is supported per static route per next-hop address.
IPv6 static routes are not supported.
To configure a static route with tracker:
1. Delete any existing static route, if it is already configured without a tracker. Plan for any connectivity downtime that might occur during this step for static route advertisement.
2. Configure a new static route with tracker using the same prefix and next-hop as the deleted static route.
To add a new tracker after you reach maximum tracker limit per router:
1. Delete an old tracker and attach the template to the device.
2. Add a new tracker and attach the device to the template again.
UDP tracker endpoint enabled with IP SLA UDP packet responder is supported only on Cisco IOS XE Catalyst SD-WAN devices.
You cannot link the same endpoint-tracker to static routes in different VPNs. The endpoint-tracker is identified by a name and can be used for multiple static routes in a single VPN.

Workflow to Configure IPv4 Static Route Tracking

Configure an endpoint tracker using the System template.
Configure a static route using the VPN template.
Apply the tracker to the next-hop address.

Create a Static Route Tracker
Use the System Template to create a tracker for static routes.

Note Delete existing static routes, if any, before you create a static route tracker. Configure a new static route tracker using the same prefix and next hop as the deleted static route.

From Cisco SD-WAN Manager menu, choose Configuration > Templates.
Click Feature Templates.
Note In Cisco vManage Release 20.7.x and earlier releases, Feature Templates is titled Feature.
Navigate to the Cisco System template for the device.
Note For information about creating a System template, see Create System Template.
Click Tracker. Click New Endpoint Tracker to configure the tracker parameters.
Table 2: Tracker Parameters Field| Description
---|---
Name| Name of the tracker. The name can be up to 128 alphanumeric characters.
Field| Description
---|---
Threshold| Wait time for the probe to return a response before declaring that the configured endpoint is down. Range is from 100 to 1000 milliseconds. Default is 300 milliseconds.
Interval| Time interval between probes to determine the status of the configured endpoint. Default is 60 seconds (1 minute). Range is from 20 to 600 seconds.
Multiplier| Number of times probes are sent before declaring that the endpoint is down. Range is from 1 to 10. Default is 3.
Tracker Type| From the drop-down, choose Global. From the Tracker Type field drop-down, choose Static Route. From Cisco IOS XE Catalyst SD-WAN Release 17.7.1a, you can configure a tracker group with dual endpoints on Cisco IOS XE Catalyst SD-WAN devices and associate this tracker group to a static route.
Endpoint Type| Choose endpoint type IP Address.
End-Point Type: IP Address| IP address of the static route endpoint. This is the destination on the internet to which the router sends probes to determine the status of the route.
Click Add.
Click Save.
To create a tracker group, click Tracker Groups > New Endpoint Tracker Groups and configure the tracker parameters.
Note Ensure that you have created two trackers to form a tracker group.
Table 3: Tracker Group Parameters Fields| Description
---|---
Name| Name of the tracker group.
Tracker Type| From the drop-down, choose Global. From the Tracker Type field drop-down, choose Static Route.

From Cisco IOS XE Catalyst SD-WAN Release 17.7.1a, you can configure a tracker group with dual endpoints on Cisco IOS XE Catalyst SD-WAN devices and associate this tracker group to a static route.

Fields	Description
Tracker Elements	This field is displayed only if you chose Tracker-group

as the tracker type. Add the existing interface tracker names (separated by a space). When you add this tracker to the template, the tracker group is associated with these individual trackers, and you can then associate the tracker group to a static route.
Tracker Boolean| From the drop-down list, choose Global. This field is displayed only if you chose tracker-group as the Tracker Type. By default, the OR option is selected. Choose AND or OR.

OR ensures that the static route status is reported as active if either one of the associated trackers of the tracker group report that the route is active.

If you select AND , the static route status is reported as active if both the associated trackers of the tracker group report that the route is active.

Click Add.
Click Save.

Configure a Next Hop Static Route with Tracker
Use the VPN template to associate a tracker to a static route next hop.
Note You can apply only one tracker per static route next hop.

From the Cisco SD-WAN Manager menu, choose Configuration > Templates.
Click Feature Templates.
Note In Cisco vManage Release 20.7.x and earlier releases, Feature Templates is titled Feature.
Navigate to the Cisco VPN Template for the device.
Note For information about creating a VPN template, see Create VPN Template.
Enter Template Name and Description as required.
In Basic Configuration, by default, VPN is set to 0. Set a VPN value within (1–511, 513–65530) range for service VPNs, for service-side data traffic on Cisco IOS XE Catalyst SD-WAN devices.
Note You can configure static route tracker only on service VPNs.
Click IPv4 Route.
Click New IPv4 Route.
In the IPv4 Prefix field, enter a value.
Click Next Hop.
Click Add Next Hop with Tracker and enter values for the fields listed in the table.
Parameter Name| Description
---|---
Address| Specify the next-hop IPv4 address.
Distance| Specify the administrative distance for the route.
Tracker| Enter the name of the gateway tracker to determine whether the next hop is reachable before adding that route to the route table of the device.
Add Next Hop with Tracker| Enter the name of the gateway tracker with the next hop address to determine whether the next hop is reachable before adding that route to the route table of the device.
Click Add to create the static route with the next-hop tracker.
Click Save.
Note You need to fill all the mandatory fields in the form to save the VPN template.

Monitor Static Route Tracker Configuration

View Static Route Tracker
To view information about a static tracker on a transport interface:

1. From the Cisco SD-WAN Manager menu, choose Monitor > Devices.

Cisco vManage Release 20.6.x and earlier: From the Cisco SD-WAN Manager menu, choose Monitor > Network.

2. Choose a device from the list of devices.
3. Click Real Time.
4. From the Device Options drop-down list, choose Endpoint Tracker Info.

Configure Static Routes Using CLI

The following sections provide information about how to configure static routes using the CLI.

Configure a Static Route Tracker
Note You can configure static route tracking using the Cisco SD-WAN Manager CLI Add-on feature templates and CLI device templates. For more information on configuring using CLI templates, see CLI Templates.

Device# config-transaction
Device(config)# endpoint-tracker
Device(config-endpoint-tracker)# tracker-type
Device(config-endpoint-tracker)# endpoint-ip
Device(config-endpoint-tracker)# threshold
Device(config-endpoint-tracker)# multiplier
Device(config-endpoint-tracker)# interval
Device(config-endpoint-tracker)# exit
Device(config)# track endpoint-tracker

Configure a Static Route Tracker with TCP Port as the Endpoint

Device# config-transaction
Device(config)# endpoint-tracker
Device(config-endpoint-tracker)# tracker-type
Device(config-endpoint-tracker)# endpoint-ip tcp
Device(config-endpoint-tracker)# threshold
Device(config-endpoint-tracker)# multiplier
Device(config-endpoint-tracker)# interval
Device(config-endpoint-tracker)# exit
Device(config)# track endpoint-tracker

Configure a Static Route Tracker with UDP Port as the Endpoint

Device# config-transaction
Device(config)# endpoint-tracker
Device(config-endpoint-tracker)# tracker-type
Device(config-endpoint-tracker)# endpoint-ip udp
Device(config-endpoint-tracker)# threshold
Device(config-endpoint-tracker)# multiplier
Device(config-endpoint-tracker)# interval
Device(config-endpoint-tracker)# exit
Device(config)# track endpoint-tracker

Configure Tracker Groups
Note You can create tracker groups to probe static routes from Cisco IOS XE Catalyst SD-WAN Release 17.7.1a and Cisco vManage Release 20.7.1.

Device# config-transaction
Device(config)# endpoint-tracker
Device(config-endpoint-tracker)# tracker-type
Device(config-endpoint-tracker)# endpoint-ip tcp
Device(config-endpoint-tracker)# threshold
Device(config-endpoint-tracker)# multiplier
Device(config-endpoint-tracker)# interval
Device(config-endpoint-tracker)# exit
Device(config)# track endpoint-tracker
Device# config-transaction
Device(config)# endpoint-tracker
Device(config-endpoint-tracker)# tracker-type
Device(config-endpoint-tracker)# endpoint-ip udp
Device(config-endpoint-tracker)# threshold
Device(config-endpoint-tracker)# multiplier
Device(config-endpoint-tracker)# interval
Device(config-endpoint-tracker)# exit
Device(config)# track endpoint-tracker
Device(config)# endpoint-tracker
Device(config-endpoint-tracker)# tracker-type tracker-group
Device(config-endpoint-tracker)# tracker-elements
Device(config-endpoint-tracker)# boolean {and | or}
Device(config-endpoint-tracker)# exit
Device(config)# track endpoint-tracker
Device(config)# ip route vrf track name

Note

Use the ip route command to bind a tracker or tracker group with a static route and to configure a backup route for administrative distance that is higher than the default value of 1.
You can apply only one tracker to an endpoint.
A tracker group can have a mix of endpoint trackers. For example, you can create a tracker group with an IP address tracker and UDP tracker.

Configuration Examples for Static Route Tracking Using the CLI

Configure Tracker
This example shows how to configure a single static route tracker: $CISCO-SD- WAN-Track-Static-Routes-for-Service-VPNs- $1$$ $CISCO-SD-WAN-Track-Static-Routes-for-Service-VPNs- $2$$

This example shows how to configure a tracker with UDP port as endpoint : $CISCO-SD-WAN-Track-Static-Routes-for-Service-VPNs- $3$$

This example shows how to configure a tracker with UDP port as endpoint : $CISCO-SD-WAN-Track-Static-Routes-for-Service-VPNs- $4$$

Configure Tracker Groups
This example shows how to configure a tracker group with two trackers (two endpoints). You can create tracker groups to probes static routes from Cisco IOS XE Catalyst SD-WAN Release 17.7.1a. $CISCO-SD-WAN-Track-Static-Routes- for-Service-VPNs- $6$$

Note

You must configure an administrative distance when you are configuring through CLI templates.
Use the ip route command to bind the tracker or tracker group with a static route and to configure a backup route for administrative distance when it is higher than the default value of 1.
You can apply only one tracker to an endpoint.

Verify Static Route Tracking Configuration Using CLI

Command Verification
Use the following command to verify if the configuration is committed. The following sample configuration shows tracker definition for a static route tracker and it’s application to an IPv4 static route:

Use the following command to verify the IPv4 route: $CISCO-SD-WAN-Track- Static-Routes-for-Service-VPNs- $8$$

The following is a sample output from the show endpoint-tracker static-route command displaying individual static route tracker status:

The following is a sample output from the show endpoint-tracker tracker-group command displaying tracker group status: $CISCO-SD-WAN-Track-Static-Routes- for-Service-VPNs- $10$$

The following is a sample output from the show endpoint-tracker records command displaying tracker/tracker group configuration: $CISCO-SD-WAN-Track- Static-Routes-for-Service-VPNs- $11$$