Configuring IP SLAs TCP Connect Operations

This chapter describes how to configure an IP Service Level Agreements (SLAs) TCP Connect operation
to measure the response time taken to perform a TCP Connect operation between a Cisco switch and devices
using IPv4. TCP Connect accuracy is enhanced by using the IP SLAs Responder at the destination Cisco
switch. This chapter also describes how the results of the TCP Connect operation can be displayed and
analyzed to determine how the connection times to servers and hosts within your network can affect IP
service levels. The TCP Connect operation is useful for measuring response times for a server used for a
particular application or connectivity testing for server availability.
This chapter includes these sections.

• Information About the TCP Connect Operation, page 1

• Guidelines and Limitations for Configuring IP SLAs TCP Connect Operations, page 2
• Configuring the IP SLAs Responder on the Destination Device, page 3
• Configuring and Scheduling a TCP Connect Operation on the Source Device, page 4
• Configuration Example for a TCP Connect Operation, page 10
• Feature History for TCP Connect, page 11

Information About the TCP Connect Operation

The IP SLAs TCP Connect operation measures the response time taken to perform a TCP Connect operation
between a Cisco switch and devices using IP. TCP is a transport layer (Layer 4) Internet protocol that provides
reliable full-duplex data transmission. The destination device can be any device using IP or an IP SLAs
Responder.
In the following figure, Switch B is configured as the source IP SLAs device and a TCP Connect operation
is configured with the destination device as IP Host 1.

Cisco Nexus 7000 Series NX-OS IP SLAs Configuration Guide, Release 6.x
OL-27603-02 1
 Configuring IP SLAs TCP Connect Operations
Guidelines and Limitations for Configuring IP SLAs TCP Connect Operations

The connection response time is computed by measuring the time taken between sending a TCP request
message from Switch B to IP Host 1 and receiving a reply from IP Host 1.
TCP Connect accuracy is enhanced by using the IP SLAs Responder at the destination Cisco device. If the
destination switch is a Cisco switch, the IP SLAs Responder makes a TCP connection to any port number
that you specified. If the destination is not a Cisco IP host, then you must specify a known destination port
number such as 21 for FTP, 23 for Telnet, or 80 for an HTTP server.
Using the IP SLAs Responder is optional for a TCP Connect operation when using Cisco devices. The IP
SLAs Responder cannot be configured on non-Cisco devices.
TCP Connect is used to test virtual circuit availability or application availability. Server and application
connection performance can be tested by simulating Telnet, SQL, and other types of connections to help you
verify your IP service levels.

Guidelines and Limitations for Configuring IP SLAs TCP Connect

Operations

Configuring CoPP for IP SLA Packets

When using IP SLA operations on a large scale, a specific CoPP configuration to allow the IP SLA packets
to pass through might be needed. Since IP SLA uses user defined UDP ports, there is no way to allow all IP
SLA packets to the control plane. However, you can specify each destination/source port that IP SLA can
use.
For more information about the verified scalability of the number of IP SLA probes, see the Cisco Nexus 7000
Series NX-OS Verified Scalability Guide.
The following shows an example of a CoPP configuration that allows IP SLA packets to pass through. It
assumes destination ports and source ports in the range of 6500-7000.
ip access-list copp-system-sla-allow
10 remark ### ALLOW SLA control packets from 1.1.1.0/24
20 permit udp 1.1.1.0/24 any eq 1967
30 remark ### ALLOW SLA data packets from 1.1.1.0/24 using ports 6500-7000

Cisco Nexus 7000 Series NX-OS IP SLAs Configuration Guide, Release 6.x
2 OL-27603-02
 Configuring IP SLAs TCP Connect Operations
Configuring the IP SLAs Responder on the Destination Device

40 permit udp 1.1.1.0/24 any range 6500 7000

statistics per-entry
ip access-list copp-system-sla-deny
10 remark ### this is a catch-all to match any other traffic
20 permit ip any any
statistics per-entry
class-map type control-plane match-any copp-system-class-management-allow
match access-group name copp-system-sla-allow
class-map type control-plane match-any copp-system-class-management-deny
match access-group name copp-system-sla-deny
policy-map type control-plane copp-system-policy
class copp-system-class-management-allow
set cos 7
police cir 4500 kbps bc 250 ms conform transmit violate drop
class copp-system-class-management-deny
police cir 4500 kbps bc 250 ms conform drop violate drop
control-plane
service-policy input copp-system-policy

Configuring the IP SLAs Responder on the Destination Device

This section describes how to configure the IP SLAs Responder on the destination device.

Before You Begin

If you are using the IP SLAs Responder, ensure that the networking device to be used as the responder is a
Cisco device and that you have connectivity to that device through the network.

Procedure

Command or Action Purpose

Step 1 enable Enables privileged EXEC mode.
Enter your password if prompted.
Example:
switch> enable

Step 2 configure terminal Enters global configuration mode.

Example:
switch# configure terminal

Step 3 Do one of the following: -

• ip sla responder • (Optional) Temporarily enables IP SLAs
Example: Responder functionality on a Cisco device in
switch(config)# ip sla response to control messages from source.
responder
• (Optional) Required only if protocol control is
• ip sla responder tcp-connect disabled on the source. The command
ipaddress ip-address port port permanently enables the IP SLAs Responder
Example: functionality on a specified IP address and port.
switch(config)# ip sla
responder tcp-connect ipaddress
Control is enabled by default.
172.29.139.132 port 5000

Cisco Nexus 7000 Series NX-OS IP SLAs Configuration Guide, Release 6.x
OL-27603-02 3
 Configuring IP SLAs TCP Connect Operations
Configuring and Scheduling a TCP Connect Operation on the Source Device

Command or Action Purpose

Step 4 exit (Optional) Exits global configuration mode and
returns to privileged EXEC mode.
Example:
switch(config)# exit

Configuring and Scheduling a TCP Connect Operation on the

Source Device
This section describes how to configure and schedule a TCP connect operation on the source device.
Perform only one of the following tasks to configure and schedule a TCP connect operation on the source
device:
• Configuring and scheduling a basic TCP connect operation on the source device
• Configuring and scheduling a TCP connect operation with optional parameters on the source device

Configuring and Scheduling a Basic TCP Connect Operation on the Source

Device
This section describes how to configure and schedule a basic TCP connect operation on a source device.

Note If an IP SLAs Responder is permanently enabled on the destination IP address and port, use the control
disable keywords with the tcp-connect command to disable control messages.

Tip • If the IP SLAs operation is not running and generating statistics, add the verify-data command to
the configuration of the operation (while configuring in IP SLA configuration mode) to enable data
verification. When enabled, each operation response is checked for corruption. Use the verify-data
command with caution during normal operations because it generates unnecessary overhead.
• Use the debug ip sla sender trace and debug ip sla sender error commands to help troubleshoot
issues with an IP SLAs operation.

Procedure

Command or Action Purpose

Step 1 enable Enables privileged EXEC mode.

Cisco Nexus 7000 Series NX-OS IP SLAs Configuration Guide, Release 6.x
4 OL-27603-02
 Configuring IP SLAs TCP Connect Operations
Configuring and Scheduling a Basic TCP Connect Operation on the Source Device

Command or Action Purpose

Enter your password if prompted.
Example:
switch> enable

Step 2 configure terminal Enters global configuration mode.

Example:
switch# configure terminal

Step 3 ip sla operation-number Begins configuration for an IP SLAs operation

and enters IP SLA configuration mode.
Example:
switch(config)# ip sla 10

Step 4 tcp-connect {destination-ip-address | Defines a TCP Connect operation and enters IP

destination-hostname} destination-port SLA TCP configuration mode.
[source-ip {ip-address | hostname} Use the control disable keyword combination
source-portport-number] [control {enable | only if you disable the IP SLAs control protocol
disable}] on both the source and target switches.

Example:
switch(config-ip-sla)# tcp-connect
172.29.139.132 5000

Step 5 frequency seconds (Optional) Sets the rate at which a specified IP

SLAs operation repeats.
Example:
switch(config-ip-sla-tcp)# frequency 60

Step 6 exit Exits IP SLA TCP configuration mode and

returns to global configuration mode.
Example:
switch(config-ip-sla-tcp)# exit

Step 7 ip sla schedule operation-number [life Configures the scheduling parameters for an
{forever | seconds}] [start-time {hh:mm[:ss] individual IP SLAs operation.
[monthday | daymonth] | pending | now | after
hh:mm:ss] [ageout seconds] [recurring]

Example:
switch(config)# ip sla schedule 10
start-time now life forever

Step 8 exit (Optional) Exits the global configuration mode

and returns to privileged EXEC mode.
Example:
switch(config)# exit

Cisco Nexus 7000 Series NX-OS IP SLAs Configuration Guide, Release 6.x
OL-27603-02 5
 Configuring IP SLAs TCP Connect Operations
Configuring and Scheduling a TCP Connect Operation with Optional Parameters on the Source Device

This example shows how to configure an IP SLAs operation type of TCP Connect that will start immediately
and run indefinitely:

ip sla 9
tcp-connect 172.29.139.132 5000
frequency 10
!
ip sla schedule 9 life forever start-time now

What to Do Next
To add proactive threshold conditions and reactive triggering for generating traps or for starting another
operation, see the Configuring Proactive Threshold Monitoring section.
To display statistics of an IP SLA operation over the last one hour and interpret the results, use the show ip
sla statistics command. Checking the output for fields that correspond to criteria in your service level agreement
helps you to determine whether the service metrics are acceptable. To display the aggregated IP SLA history,
use the show ip sla statistics aggregated command.

Configuring and Scheduling a TCP Connect Operation with Optional Parameters

on the Source Device
This section describes how to configure and schedule a TCP connect operation with optional parameters on
a source device.

Note If an IP SLAs Responder is permanently enabled on the destination IP address and port, use the control
disable keywords with the tcp-connect command to disable control messages.

Tip • If the IP SLAs operation is not running and generating statistics, add the verify-data command to
the configuration of the operation (while configuring in IP SLA configuration mode) to enable data
verification. When enabled, each operation response is checked for corruption. Use the verify-data
command with caution during normal operations because it generates unnecessary overhead.
• Use the debug ip sla trace and debug ip sla error commands to help troubleshoot issues with an
IP SLAs operation.

Procedure

Command or Action Purpose

Step 1 enable Enables privileged EXEC mode.
Enter your password if prompted.
Example:
switch> enable

Cisco Nexus 7000 Series NX-OS IP SLAs Configuration Guide, Release 6.x
6 OL-27603-02
 Configuring IP SLAs TCP Connect Operations
Configuring and Scheduling a TCP Connect Operation with Optional Parameters on the Source Device

Command or Action Purpose

Step 2 configure terminal Enters global configuration mode.

Example:
switch# configure terminal

Step 3 ip sla operation-number Begins configuration for an IP SLAs operation

and enters IP SLA configuration mode.
Example:
switch(config)# ip sla 10

Step 4 tcp-connect {destination-ip-address | Defines a TCP Connect operation and enters IP

destination-hostname} destination-port SLA TCP configuration mode.
[source-ip {ip-address | hostname} Use the control disable keyword combination
source-port port-number] [control {enable | only if you disable the IP SLAs control protocol
disable}] on both the source and target switches.

Example:
switch(config-ip-sla)# tcp-connect
172.29.139.132 5000

Step 5 history buckets-kept size (Optional) Sets the number of history buckets
that are kept during the lifetime of an IP SLAs
Example: operation.

switch(config-ip-sla-tcp)# history
buckets-kept 25

Step 6 history distributions-of-statistics-kept size (Optional) Sets the number of statistics

distributions kept per hop during an IP SLAs
Example: operation.

switch(config-ip-sla-tcp)# history
distributions-of-statistics-kept 5

Step 7 history enhanced [interval seconds] [buckets (Optional) Enables enhanced history gathering
number-of-buckets] for an IP SLAs operation.

Example:
switch(config-ip-sla-tcp)# history
enhanced interval 900 buckets 100

Step 8 history filter {none | all | overThreshold | (Optional) Defines the type of information kept
failures} in the history table for an IP SLAs operation.

Example:
switch(config-ip-sla-tcp)# history
filter failures

Cisco Nexus 7000 Series NX-OS IP SLAs Configuration Guide, Release 6.x
OL-27603-02 7
 Configuring IP SLAs TCP Connect Operations
Configuring and Scheduling a TCP Connect Operation with Optional Parameters on the Source Device

Command or Action Purpose

Step 9 frequency seconds (Optional) Sets the rate at which a specified IP
SLAs operation repeats.
Example:
switch(config-ip-sla-tcp)# frequency 60

Step 10 history hours-of-statistics-kept hours (Optional) Sets the number of hours for which
statistics are maintained for an IP SLAs
Example: operation.

switch(config-ip-sla-tcp)# history
hours-of-statistics-kept 4

Step 11 history lives-kept lives (Optional) Sets the number of lives maintained
in the history table for an IP SLAs operation.
Example:
switch(config-ip-sla-tcp)# history
lives-kept 5

Step 12 owner owner-id (Optional) Configures the Simple Network

Management Protocol (SNMP) owner of an IP
Example: SLAs operation.

switch(config-ip-sla-tcp)# owner admin

Step 13 history statistics-distribution-interval (Optional) Sets the time interval for each
milliseconds statistics distribution kept for an IP SLAs
operation.
Example:
switch(config-ip-sla-tcp)# history
statistics-distribution-interval 10

Step 14 tag text (Optional) Creates a user-specified identifier for

an IP SLAs operation.
Example:
switch(config-ip-sla-tcp)# tag
TelnetPollServer1

Step 15 threshold milliseconds (Optional) Sets the upper threshold value for
calculating network monitoring statistics created
Example: by an IP SLAs operation.

switch(config-ip-sla-tcp)# threshold
10000

Step 16 timeout milliseconds (Optional) Sets the amount of time an IP SLAs

operation waits for a response from its request
Example: packet.

switch(config-ip-sla-tcp)# timeout 10000

Cisco Nexus 7000 Series NX-OS IP SLAs Configuration Guide, Release 6.x
8 OL-27603-02
 Configuring IP SLAs TCP Connect Operations
Configuring and Scheduling a TCP Connect Operation with Optional Parameters on the Source Device

Command or Action Purpose

Step 17 tos number (Optional) In an IPv4 network only, defines the
ToS byte in the IPv4 header of an IP SLAs
Example: operation.

switch(config-ip-sla-jitter)# tos 160

Example:
Step 18 exit Exits TCP configuration submode and returns
to global configuration mode.
Example:
switch(config-ip-sla-tcp)# exit

Step 19 ip sla schedule operation-number [life Configures the scheduling parameters for an
{forever| seconds}] [start-time {hh:mm[:ss] individual IP SLAs operation.
[monthday | daymonth] | pending | now | after
hh:mm:ss] [ageout seconds] [recurring]

Example:
switch(config)# ip sla schedule 10
start-time now life forever

Step 20 exit (Optional) Exits global configuration mode and

returns to privileged EXEC mode.
Example:
switch(config)# exit

Step 21 show ip sla configuration [operation-number] (Optional) Displays configuration values

including all defaults for all IP SLAs operations
Example: or a specified operation.

switch# show ip sla configuration 10

This example shows how to configure all the IP SLAs parameters (including defaults) for the TCP Connect
operation number 10:
switch# show ip sla configuration 10
IP SLAs Infrastructure Engine-III
Entry number: 10
Owner: admin
Tag: TelnetPollServer1
Operation timeout (milliseconds): 10000
Type of operation to perform: tcp-connect
Target address/Source address: 101.101.101.1/0.0.0.0
Target port/Source port: 5000/0
Type Of Service parameter: 0xa0
Vrf Name: default
Control Packets: enabled
Schedule:
Operation frequency (seconds): 60 (not considered if randomly scheduled)
Next Scheduled Start Time: Start Time already passed
Group Scheduled : FALSE
Randomly Scheduled : FALSE
Life (seconds): Forever

Cisco Nexus 7000 Series NX-OS IP SLAs Configuration Guide, Release 6.x
OL-27603-02 9
 Configuring IP SLAs TCP Connect Operations
Configuration Example for a TCP Connect Operation

Entry Ageout (seconds): never

Recurring (Starting Everyday): FALSE
Status of entry (SNMP RowStatus): Active
Threshold (milliseconds): 10000
Distribution Statistics:
Number of statistic hours kept: 4
Number of statistic distribution buckets kept: 5
Statistic distribution interval (milliseconds): 10
Enhanced History:
Aggregation Interval:900 Buckets: 100
History Statistics:
Number of history Lives kept: 0
Number of history Buckets kept: 25
History Filter Type: Failures

What to Do Next
To add proactive threshold conditions and reactive triggering for generating traps or for starting another
operation, see the Configuring Proactive Threshold Monitoring section.
To display statistics of an IP SLA operation over the last one hour and interpret the results, use the show ip
sla statistics command. Checking the output for fields that correspond to criteria in your service level agreement
helps you to determine whether the service metrics are acceptable. To display the aggregated IP SLA history,
use the show ip sla statistics aggregated command.

Configuration Example for a TCP Connect Operation

This example shows how to configure a TCP Connect operation from Switch B to the Telnet port (TCP port
23) of IP Host 1 (IP address 10.0.0.1), as shown in the "TCP Connect Operation" figure in the "Information
About the IP SLAs TCP Connect Operation" section. The operation is scheduled to start immediately. In this
example, the control protocol is disabled on the source (Switch B). IP SLAs use the control protocol to notify
the IP SLAs Responder to enable the target port temporarily. This action allows the Responder to reply to the
TCP Connect operation. In this example, because the target is not a switch and a well-known TCP port is
used, there is no need to send the control message.

Switch A Configuration

configure terminal
ip sla responder tcp-connect ipaddress 10.0.0.1 port 23

Switch B Configuration

ip sla 9
tcp-connect 10.0.0.1 23 control disable
frequency 30
tos 128
timeout 1000
tag FLL-RO
ip sla schedule 9 start-time now

This example shows how to configure a TCP Connect operation with a specific port, port 21, and without an
IP SLAs Responder. The operation is scheduled to start immediately and run indefinitely.

ip sla 9
tcp-connect 173.29.139.132 21 control disable
frequency 30
ip sla schedule 9 life forever start-time now

Cisco Nexus 7000 Series NX-OS IP SLAs Configuration Guide, Release 6.x
10 OL-27603-02
 Configuring IP SLAs TCP Connect Operations
Feature History for TCP Connect

Feature History for TCP Connect

This table includes only the updates for those releases that have resulted in additions or changes to the feature.

Table 1: Feature History for TCP Connect

Feature Name Release Feature Information

TCP Connect 6.1(1) This feature was introduced.

Cisco Nexus 7000 Series NX-OS IP SLAs Configuration Guide, Release 6.x
OL-27603-02 11
 Configuring IP SLAs TCP Connect Operations
Feature History for TCP Connect

Cisco Nexus 7000 Series NX-OS IP SLAs Configuration Guide, Release 6.x
12 OL-27603-02