Operations are not being created:
When ENA Cisco IOS IP SLA fails to create operations:
- Check that you have set the SNMP write community string for the device. If an operation has failed on the source device, ENA would raise IP SLA Creation Failure events and incidents:
- There might be access restrictions on the device.
- You might not have set the correct SNMP write community string.
- You might have an invalid configuration.
- You might not have waited long enough for ENA to discover the operation definition. Because the length of the ENA discovery cycle is dependent upon the network under management - you may have to wait for 24 hours.
Operations failing to create after configuring the source port:
When you specify a particular port, you must ensure that it is the only operation on that device that is using that port. For example, to emulate VoIP traffic, you may use the source port 16834 - do not assign a second UDP Jitter operation to that device using the same source port, otherwise the operation may fail.
Same-source port failure can occur across all operation types, but it is more likely when the conflict involves an operation that takes a greater time to complete, e.g. UDP Jitter.
Entuity recommends that the port (on the source device that is used by an operation) should not be shared with other operations. When the source port is set to 0 (the default for most operation types), the operation automatically selects any available port, and avoids any potential conflict.
IP SLA and firewalls:
When using IP SLA with firewalls, consider which ports and commands must be allowed through the firewall.
ENA to device firewalls:
When you have configured firewalls to perform deep packet inspection, you will usually need permission through snmpGet for ENA to poll devices. The ENA Cisco IOS IP SLA module requires that snmpSet commands also be permitted - if these are not permitted, the commands will then fail.
Device to device firewalls:
When source and target devices are separated by a firewall, the firewall must be open to ports used by ENA Cisco IOS IP SLA. You should consider that:
- when using Control Packets, the control protocol uses port 1967. The IP SLA source can specify to which port the responder should listen for a particular operation.
- target port should always be open.
- source port should be defined to allow responses through firewalls.
Enabling the IP SLA responder on operation targets:
The IP SLA responder is a feature which allows the use of UDP and TCP operations. The IP SLA Agent Responder code must exist on target devices to support operations that use non-native services (such as the UDP echo and the TCP connection operation types).
Consult the Cisco IP SLA documentation for details on enabling IP SLA responders.