Cisco IP SLA Support

Supported Technology

Network Operations teams need to continuously ensure that the network is capable of supporting key business applications that serve the business. This includes being able to verify service guarantees, increase network reliability by validating network performance, and proactively identify network issues. Cisco IP SLA uses active monitoring to generate traffic in a continuous, reliable, and predictable manner, enabling the measurement of network performance and health. Leveraging this technology within a network performance management system allows the operations team to utilize the network to verify performance when access to end-user response data is not available.

IP SLA Technology

IP SLA (IP Service Level Agreement) is a feature of the Cisco IOS allowing for measuring end-to-end characteristics of network performance between Cisco equipment and devices in remote sites. Network management systems can leverage this functionality to measure response “across” a network, from sites where no network management system components exist.

IP SLA is the most recent incarnation of a set of “remote ping” technologies progressively introduced over the last 20 years by Cisco – the initial version RTTMON (Round-trip Time Monitor), introduced in 1995 allowed network administrators to configure routers to ping other network devices and report on their response time. Cisco refined and renamed the feature SAA (Service Assurance Agent) in the early 2000s, adding the ability to measure jitter and packet loss in MPLS/CoS-enabled environments. In 2005, additional application layer monitoring (voice, video) was added and the combined feature set (including MIBs for access the resulting statistics) was renamed to IP SLA.

IP SLA Today

IP SLA probes, as defined in recent IOS revisions, can be used to measure the following characteristics:

  • ICMP availability, delay (latency, round-trip time)
  • Time required to get an IP address via DHCP
  • Time to initiate a TCP connection
  • UDP jitter, packet-loss
  • Duration of a DNS lookup
  • HTTP transaction time for loading a web page
  • Many more characteristics relating to specific application protocols

From a business perspective, the real value of this technology is the ability to:

  • Provide response-time monitoring of the IP network: the quality of access to external resources experienced by subscribers, the accessibility of critical nodes and routes, and time delays along the path
  • Support analysis and elimination of network problems: problem isolation and assessment of its scale
  • Test network readiness for new services before their deployment including VoIP, video, business applications
  • Monitor user experience in MPLS/IP VPN networks

IP SLA and SevOne

Without a network performance management system such as SevOne, evaluation of results and monitoring based on the Cisco IP SLA tests is not convenient and not informative because the results are only visible once users have logged into router command-line-interfaces (CLIs) directly. The chief challenges associated with using IP SLA without the assistance of a good network performance management system include:

  • Probes must be configured one at a time via the Cisco IOS command line interface. This is a nontrivial process and can be performed only by personnel with access to equipment and the required knowledge of IOS commands. Typically, this means that Operations users are not able to create probes when needed, which would be very useful during troubleshooting situations.
  • The display of measurement results can only be accessed by a network engineering specialist. Though it is possible to ask Cisco routers to generate SNMP Trap notifications when IP SLA tests exceed instantaneous (static) thresholds, routers cannot build up an understanding of ‘normal’ behavior (‘dynamic’ or ‘baseline’) and so such thresholds tend to be of limited value.
  • The output displays only the most recent measurement and the total number of successful and unsuccessful measurements - routers are not able to retain detailed historical performance information, nor build ‘baselines’ to understand what behavior should be considered normal over the period of the business week or month.

Probe Configuration

Probe configuration can be performed using a graphical interface in a standard web browser. Any desired probes can be created in a couple of minutes by any staff member with access to SevOne who has been granted the required access rights.

Test Results Monitoring

Probe test results can be monitored continuously, along with all of the main equipment and interface parameters from the SevOne user interface.

Measurement results can be displayed as graphs, tables or diagrams – they can also be easily extracted as CSV or PDF for use in other contexts. The information is convenient for assessment and analysis – which can be done over large time spans.

Threshold-based Alerting

SevOne provides the ability to set flexible threshold policies for the creation of alerts. Static (e.g. ‘greater than 300ms latency’), dynamic (e.g. ‘greater than 150% above baseline’) and compound thresholds (Boolean combinations of multiple indicators) are all possible.


Utilizing SevOne with its flexible, baseline-aware monitoring capabilities in conjunction with the IP SLA technology provides an effective approach to solving network problems by enabling network operations to isolate the problems, determine the area of responsibility, assess the scope of the problem and finally help pinpoint the cause. This enables an objective evaluation of the quality of services provided to subscribers and the performance of individual components and systems in the network, making is possible to quickly respond to changes in network performance.