Object Tracking Router Configuration with IP SLA and HSRP
- Object tracking IP SLA with HSRP ‹
- Object tracking two IP SLA monitors with HSRP - boolean operator ‹
- Threshold with different weight for two IP SLA monitors ‹
- On demand backup tunnel with "NOT" operator ‹
- Design considerations ‹
- Download section ‹
Object tracking IP SLA with HSRP
In the following example scenario, a basic use case of object tracking with HSRP is shown. Site 1 has dual WAN connections with gateway routers R1 and R2 using HSRP as the redundancy protocol. R1 is the primary (active) HSRP router, and has an ICMP-echo IP SLA configured to monitor the liveliness of the primary WAN connection. R3 is part of the WAN service provider's infrastructure.
Object tracking on R1 monitors the state of the IP SLA, and in turn, HSRP relies on the state of object tracking to influence its own active/standby election process. In other words, if the IP SLA is down, then object tracking goes down. If object tracking is down, HSRP priority is set to 80 on R1. If HSRP priority is decremented on R1 to 80, then R2 takes over as the active router (because R2 has an HSRP priority of 90).
Configuration:
R1
R1#show run int Gi0/0 | sec int interface GigabitEthernet0/0 description ** to SW ** ip address 192.168.1.1 255.255.255.0 standby 10 ip 192.168.1.10 standby 10 preempt standby 10 authentication P4SSW0RD standby 10 track 1 decrement 20 duplex auto speed auto media-type rj45 R1#show run int Gi0/1 | sec int interface GigabitEthernet0/1 description ** to R3 ** ip address 10.1.0.1 255.255.255.252 duplex auto speed auto media-type rj45 R1#show run | sec ^ip route ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 10.1.0.2 R1#show run | sec ^ip sla ip sla 10 icmp-echo 10.0.0.1 threshold 1000 timeout 1000 frequency 1 ip sla schedule 10 life forever start-time now R1#show run | sec ^track track 1 ip sla 10
R2
R2#show run int Gi0/0 | sec int interface GigabitEthernet0/0 description ** to SW ** ip address 192.168.1.2 255.255.255.0 standby 10 ip 192.168.1.10 standby 10 priority 90 standby 10 preempt standby 10 authentication P4SSW0RD duplex auto speed auto media-type rj45 R2#show run int Gi0/1 | sec int interface GigabitEthernet0/1 description ** to R3 ** ip address 10.2.0.1 255.255.255.252 duplex auto speed auto media-type rj45 R2#show run | sec ^ip route ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 10.2.0.2
R3
R3#show run int Gi0/0 | sec int interface GigabitEthernet0/0 description ** to R1 ** ip address 10.1.0.2 255.255.255.252 duplex auto speed auto media-type rj45 R3#show run int Gi0/1 | sec int interface GigabitEthernet0/1 description ** to R2 ** ip address 10.2.0.2 255.255.255.252 duplex auto speed auto media-type rj45 R3#show run int Lo10 | sec int interface Loopback10 ip address 10.0.0.1 255.255.255.255
R1#show standby brief P indicates configured to preempt. | Interface Grp Pri P State Active Standby Virtual IP Gi0/0 10 100 P Active local 192.168.1.2 192.168.1.10 « Default HSRP priority is 100, if IP SLA down, priority decreses to 80 R1#show ip sla statistics IPSLAs Latest Operation Statistics IPSLA operation id: 10 Latest RTT: 1 milliseconds Latest operation start time: 18:38:12 UTC Sun Jul 6 2025 Latest operation return code: OK « IP SLA is "Up", WAN connection is up Number of successes: 1821 Number of failures: 35 Operation time to live: Forever R1#show track brief Track Type Instance Parameter State Last Change 1 ip sla 10 state Up 00:29:15 « Since IP SLA is "Up", object tracking also Up R1#show track Track 1 IP SLA 10 state State is Up 3 changes, last change 00:29:18 Latest operation return code: OK Latest RTT (millisecs) 1 Tracked by: HSRP GigabitEthernet0/0 10 « HSRP tracks this object, which tracks the IP SLA
In case the primary WAN connection fails, the IP SLA can no longer reach R3, and as a result object tracking on R1 goes down. If object tracking goes down, R1's HSRP priority is decremented by 20 (and will become 80), and at this point R2 becomes the HSRP active router, and the backup WAN link will be used. The following outputs will be visible on R1 during traffic failover to the backup path.
R1#show log | beg Log Buffer Log Buffer (8192 bytes): %TRACK-6-STATE: 1 ip sla 10 state Up -> Down %HSRP-5-STATECHANGE: GigabitEthernet0/0 Grp 10 state Active -> Speak %HSRP-5-STATECHANGE: GigabitEthernet0/0 Grp 10 state Speak -> Standby « HSRP state change on R1, R2 becomes new active router, R1 is standby R1#show standby brief P indicates configured to preempt. | Interface Grp Pri P State Active Standby Virtual IP Gi0/0 10 80 P Standby 192.168.1.2 local 192.168.1.10 « HSRP priority is set to 80 on R1 R1#show ip sla statistics IPSLAs Latest Operation Statistics IPSLA operation id: 10 Latest RTT: NoConnection/Busy/Timeout Latest operation start time: 18:47:43 UTC Sun Jul 6 2025 Latest operation return code: Timeout « IP SLA is "Down", ICMP-echo cannot reach destination IP address Number of successes: 2351 Number of failures: 56 Operation time to live: Forever R1#show track brief Track Type Instance Parameter State Last Change 1 ip sla 10 state Down 00:00:50 « Object tracking is also Down
Due to HSRP preemption, when the connection on the primary WAN link is restored, R1 will again become the active/primary router. At this point, traffic will be switched back to the primary link.
Object tracking two IP SLA monitors with HSRP - boolean operator
In the following scenario, R1 is the HSRP active (primary) router and monitors connectivity over the primary WAN link to two separate IP addresses, 10.0.0.1 and 10.0.0.2. These IP addresses may belong to DMVPN dual hub routers, or remote access VPN concentrators, or any other redundant resource that is used by devices in Site 1.
The HSRP active/standby state change between R1 and R2 will only be triggered, if both of the monitored IP addresses are unreachable over the primary WAN connection. This is achieved with a boolean expression on R1. The command track 100 list boolean or requires that both of the IP SLA probes be down, in order for object tracking to be down (which will trigger HSRP failover to the backup router R2).
Configuration:
R1
R1#show run int Gi0/0 | sec int interface GigabitEthernet0/0 description ** to SW ** ip address 192.168.1.1 255.255.255.0 standby 10 ip 192.168.1.10 standby 10 preempt standby 10 authentication P4SSW0RD standby 10 track 100 decrement 20 duplex auto speed auto media-type rj45 R1#show run int Gi0/1 | sec int interface GigabitEthernet0/1 description ** to WAN ** ip address 10.1.0.1 255.255.255.252 duplex auto speed auto media-type rj45 R1#show run | sec ^ip route ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 10.1.0.2 R1#show run | sec ^ip sla ip sla 10 icmp-echo 10.0.0.1 threshold 1000 timeout 1000 frequency 1 ip sla schedule 10 life forever start-time now ip sla 20 icmp-echo 10.0.0.2 threshold 1000 timeout 1000 frequency 1 ip sla schedule 20 life forever start-time now R1#show run | sec ^track track 1 ip sla 10 track 2 ip sla 20 track 100 list boolean or object 1 object 2
R2
R2#show run int Gi0/0 | sec int interface GigabitEthernet0/0 description ** to SW ** ip address 192.168.1.2 255.255.255.0 standby 10 ip 192.168.1.10 standby 10 priority 90 standby 10 preempt standby 10 authentication P4SSW0RD duplex auto speed auto media-type rj45 R2#show run int Gi0/1 | sec int interface GigabitEthernet0/1 description ** to WAN ** ip address 10.2.0.1 255.255.255.252 duplex auto speed auto media-type rj45 R2#show run | sec ^ip route ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 10.2.0.2
R1#show standby brief P indicates configured to preempt. | Interface Grp Pri P State Active Standby Virtual IP Gi0/0 10 100 P Active local 192.168.1.2 192.168.1.10 « HSRP tracks object 100 (in turn object 100 tracks object 1 and 2) R1#show ip sla statistics IPSLAs Latest Operation Statistics IPSLA operation id: 10 Latest RTT: 1 milliseconds Latest operation start time: 20:24:33 UTC Sun Jul 6 2025 Latest operation return code: OK « IP SLA 10 is "Up" Number of successes: 19 Number of failures: 1053 Operation time to live: Forever IPSLA operation id: 20 Latest RTT: 1 milliseconds Latest operation start time: 20:24:32 UTC Sun Jul 6 2025 Latest operation return code: OK « IP SLA 20 is also "Up" Number of successes: 1876 Number of failures: 57 Operation time to live: Forever R1#show track brief Track Type Instance Parameter State Last Change 1 ip sla 10 state Up 00:00:32 2 ip sla 20 state Up 00:31:27 100 list boolean Up 00:31:27 « Boolean operator used by track object 100 R1#show track Track 1 IP SLA 10 state State is Up 7 changes, last change 00:00:40 Latest operation return code: OK Latest RTT (millisecs) 1 Tracked by: Track List 100 « Track object 1 (IP SLA 10) is monitored by track object 100 Track 2 IP SLA 20 state State is Up 2 changes, last change 00:31:35 Latest operation return code: OK Latest RTT (millisecs) 1 Tracked by: Track List 100 « Track object 2 (IP SLA 20) is monitored by track object 100 Track 100 List boolean or Boolean OR is Up 2 changes, last change 00:31:34 object 1 Up object 2 Up Tracked by: HSRP GigabitEthernet0/0 10 « Track object 100 (List boolean or) is monitored by HSRP
The following outputs show what happens if only the IP SLA 10 monitor is unreachable. As visible, even though the probe is down, HSRP failover does not happen, because track object 100 remains up.
R1#show standby brief P indicates configured to preempt. | Interface Grp Pri P State Active Standby Virtual IP Gi0/0 10 100 P Active local 192.168.1.2 192.168.1.10 « R1 remains active HSRP router R1#show ip sla summary IPSLAs Latest Operation Summary Codes: * active, ^ inactive, ~ pending ID Type Destination Stats Return Last (ms) Code Run ----------------------------------------------------------------------- *10 icmp-echo 10.0.0.1 - Timeout 0 seconds ago « IP SLA 10 probe is unreachable *20 icmp-echo 10.0.0.2 RTT=1 OK 0 seconds ago R1#show track brief Track Type Instance Parameter State Last Change 1 ip sla 10 state Down 00:00:35 « Track 1 (IP SLA 10) is Down 2 ip sla 20 state Up 00:38:05 100 list boolean Up 00:38:05 « However, track 100 (boolean or) remains Up R1#show track 100 Track 100 List boolean or Boolean OR is Up 2 changes, last change 00:38:14 object 1 Down object 2 Up Tracked by: HSRP GigabitEthernet0/0 10
Threshold with different weight for two IP SLA monitors
Building on the previous scenario, R1 has two IP SLA probes configured to monitor the IP addresses 10.0.0.1 and 10.0.0.2. However now, different weights are assigned to the objects that track the IP SLA probes. A tracked list bundles these objects, and changes its state based on a configured threshold value.
R1(config)# R1(config)#track 1 ip sla 10 R1(config-track)#exit R1(config)# R1(config)#track 2 ip sla 20 R1(config-track)#exit R1(config)# R1(config)#track 100 list threshold weight R1(config-track)#object 1 weight 70 R1(config-track)#object 2 weight 30 R1(config-track)#threshold weight down 50 up 51 R1(config-track)#exit R1(config)#
Object 1 monitors IP SLA 10 and has a weight of 70. Object 2 monitors IP SLA 20 and has a weight of 30. The tracked list 100 goes down only if the combined weight of both "Up" objects is 50 or lower, and remains up if the combined weight is 51 or more. HSRP on R1 tracks object 100. As a result, if IP SLA 10 is down (weight 70), then HSRP failover happens. But, if IP SLA 20 is down (weight 30), HSRP failover does not happen.
Configuration:
R1
R1#show run int Gi0/0 | sec int interface GigabitEthernet0/0 description ** to SW ** ip address 192.168.1.1 255.255.255.0 standby 10 ip 192.168.1.10 standby 10 preempt standby 10 authentication P4SSW0RD standby 10 track 100 decrement 20 duplex auto speed auto media-type rj45 R1#show run int Gi0/1 | sec int interface GigabitEthernet0/1 description ** to WAN ** ip address 10.1.0.1 255.255.255.252 duplex auto speed auto media-type rj45 R1#show run | sec ^ip route ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 10.1.0.2 R1#show run | sec ^ip sla ip sla 10 icmp-echo 10.0.0.1 threshold 1000 timeout 1000 frequency 1 ip sla schedule 10 life forever start-time now ip sla 20 icmp-echo 10.0.0.2 threshold 1000 timeout 1000 frequency 1 ip sla schedule 20 life forever start-time now R1#show run | sec ^track track 1 ip sla 10 track 2 ip sla 20 track 100 list threshold weight object 1 weight 70 object 2 weight 30 threshold weight down 50 up 51
R2
R2#show run int Gi0/0 | sec int interface GigabitEthernet0/0 description ** to SW ** ip address 192.168.1.2 255.255.255.0 standby 10 ip 192.168.1.10 standby 10 priority 90 standby 10 preempt standby 10 authentication P4SSW0RD duplex auto speed auto media-type rj45 R2#show run int Gi0/1 | sec int interface GigabitEthernet0/1 description ** to WAN ** ip address 10.2.0.1 255.255.255.252 duplex auto speed auto media-type rj45 R2#show run | sec ^ip route ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 10.2.0.2
R1#show track 100 Track 100 List threshold weight Threshold Weight is Up (100/100) 4 changes, last change 00:32:47 object 1 weight 70 Up (70/100) object 2 weight 30 Up (30/100) Threshold weight down 50 up 51 Tracked by: HSRP GigabitEthernet0/0 10 R1#show track 100 Track 100 List threshold weight Threshold Weight is Up (70/100) 4 changes, last change 00:33:15 object 1 weight 70 Up (70/100) object 2 weight 30 Down (0/100) Threshold weight down 50 up 51 Tracked by: HSRP GigabitEthernet0/0 10 R1#show track 100 Track 100 List threshold weight Threshold Weight is Down (30/100) 5 changes, last change 00:00:02 object 1 weight 70 Down (0/100) object 2 weight 30 Up (30/100) Threshold weight down 50 up 51 Tracked by: HSRP GigabitEthernet0/0 10 R1#show track brief Track Type Instance Parameter State Last Change 1 ip sla 10 state Down 00:01:17 2 ip sla 20 state Up 00:01:22 100 list threshold Down 00:01:16
On demand backup tunnel with "NOT" operator
The following example shows Site 1 connected with dual CE routers to an MPLS WAN service. R1 is the primary router connected to PE R3 over a dedicated layer-2 access connection. R2 is the secondary router connected to PE R4 over a backup internet link. This backup link uses an on-demand tunnel between CE R2 and PE R4. The main focus of this example is the object tracking "NOT" operator which is used on R2.
R2(config)# R2(config)#track 1 ip sla 10 R2(config-track)#exit R2(config)# R2(config)# R2(config)#track 100 list boolean and R2(config-track)#object 1 not R2(config-track)#exit R2(config)# R2(config)# R2(config)#ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 10.2.0.2 track 100 R2(config)#
R2 has an IP SLA configured which travels across the direct link between R1 - R2, and then verifies whether PE R3 is reachable. So in essence, the IP SLA on R2 verifies whether the primary path is reachable. If the primary path is reachable, R2 does not install a default route towards the backup internet ISP. However, if the primary path is unreachable, R2 installs a default route towards the internet ISP, and this enables the Tunnel line protocol between R2 and PE R4.
Configuration:
R1
R1#show run int Gi0/0 | sec int interface GigabitEthernet0/0 description ** to SW ** ip address 192.168.1.1 255.255.255.0 duplex auto speed auto media-type rj45 R1#show run int Gi0/1 | sec int interface GigabitEthernet0/1 description ** to WAN ** ip address 10.1.0.1 255.255.255.252 duplex auto speed auto media-type rj45 bfd interval 100 min_rx 100 multiplier 3 R1#show run int Gi0/2 | sec int interface GigabitEthernet0/2 description ** direct link to R2 ** ip address 192.168.100.1 255.255.255.252 duplex auto speed auto media-type rj45 R1#show run | sec ^router router bgp 65001 bgp router-id 1.1.1.1 bgp log-neighbor-changes neighbor 10.1.0.2 remote-as 65002 neighbor 10.1.0.2 fall-over bfd ! address-family ipv4 network 192.168.100.0 mask 255.255.255.252 neighbor 10.1.0.2 activate exit-address-family
R2
R2#show run int Gi0/0 | sec int interface GigabitEthernet0/0 description ** to SW ** ip address 192.168.1.2 255.255.255.0 duplex auto speed auto media-type rj45 R2#show run int Gi0/1 | sec int interface GigabitEthernet0/1 description ** to backup internet ** ip address 10.2.0.1 255.255.255.252 duplex auto speed auto media-type rj45 R2#show run int Gi0/2 | sec int interface GigabitEthernet0/2 description ** direct link to R1 ** ip address 192.168.100.2 255.255.255.252 duplex auto speed auto media-type rj45 R2#show run int Tu10 | sec int interface Tunnel10 description ** on-demand tunnel over internet ** ip address 172.16.0.1 255.255.255.252 tunnel source 10.2.0.1 tunnel destination 10.3.0.2 R2#show run | sec ^ip sla ip sla 10 icmp-echo 3.3.3.3 source-interface GigabitEthernet0/2 threshold 1000 timeout 1000 frequency 1 ip sla schedule 10 life forever start-time now R2#show run | sec ^track track 1 ip sla 10 track 100 list boolean and object 1 not R2#show run | sec ^ip route ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 10.2.0.2 track 100 ip route 3.3.3.3 255.255.255.255 GigabitEthernet0/2 192.168.100.1
R3
R3#show run int Gi0/0 | sec int interface GigabitEthernet0/0 description ** to R1 ** ip address 10.1.0.2 255.255.255.252 duplex auto speed auto media-type rj45 bfd interval 100 min_rx 100 multiplier 3 R3#show run int Lo10 | sec int interface Loopback10 ip address 3.3.3.3 255.255.255.255 R3#show run | sec ^router router bgp 65002 bgp router-id 3.3.3.3 bgp log-neighbor-changes neighbor 10.1.0.1 remote-as 65001 neighbor 10.1.0.1 fall-over bfd ! address-family ipv4 network 3.3.3.3 mask 255.255.255.255 neighbor 10.1.0.1 activate exit-address-family
R4
R4#show run int Gi0/0 | sec int interface GigabitEthernet0/0 description ** to R2 over the internet ** ip address 10.3.0.2 255.255.255.252 duplex auto speed auto media-type rj45 R4#show run int Tu10 | sec int interface Tunnel10 description ** on-demand tunnel over internet ** ip address 172.16.0.2 255.255.255.252 tunnel source 10.3.0.2 tunnel destination 10.2.0.1 R4#show run | sec ^ip route ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 10.3.0.1
R2#show track Track 1 IP SLA 10 state State is Up « When primary link is available, IP SLA is Up 5 changes, last change 00:00:02 Latest operation return code: OK Latest RTT (millisecs) 2 Tracked by: Track List 100 Track 100 List boolean and Boolean AND is Down « When IP SLA is Up, object 100 is Down 5 changes, last change 00:00:02 object 1 not Up Tracked by: Static IP Routing 0 R2#show track br Track Type Instance Parameter State Last Change 1 ip sla 10 state Up 00:00:12 100 list boolean Down 00:00:12 R2#show ip route track-table ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 10.2.0.2 track 100 state is [down] « Default route not installed on R2 R2#show ip int br Interface IP-Address OK? Method Status Protocol GigabitEthernet0/0 192.168.1.2 YES NVRAM up up GigabitEthernet0/1 10.2.0.1 YES NVRAM up up GigabitEthernet0/2 192.168.100.2 YES manual up up GigabitEthernet0/3 unassigned YES NVRAM administratively down down Tunnel10 172.16.0.1 YES manual up down « Tunnel line protocol is down
The following outputs are visible when the primary link between R1 and R3 is down. At this point, the on-demand backup tunnel between R2 - R4 is established.
R2#show track Track 1 IP SLA 10 state State is Down « Primary link is down, IP SLA is also down 8 changes, last change 00:00:03 Latest operation return code: Timeout Tracked by: Track List 100 Track 100 List boolean and Boolean AND is Up « Object 100 is Up 8 changes, last change 00:00:03 object 1 not Down Tracked by: Static IP Routing 0 R2#show track brief Track Type Instance Parameter State Last Change 1 ip sla 10 state Down 00:00:15 100 list boolean Up 00:00:15 R2#show ip route | beg Ga Gateway of last resort is 10.2.0.2 to network 0.0.0.0 S* 0.0.0.0/0 [1/0] via 10.2.0.2, GigabitEthernet0/1 « Default route is installed on R2 3.0.0.0/32 is subnetted, 1 subnets S 3.3.3.3 [1/0] via 192.168.100.1, GigabitEthernet0/2 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 10.2.0.0/30 is directly connected, GigabitEthernet0/1 L 10.2.0.1/32 is directly connected, GigabitEthernet0/1 172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks C 172.16.0.0/30 is directly connected, Tunnel10 L 172.16.0.1/32 is directly connected, Tunnel10 192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks C 192.168.1.0/24 is directly connected, GigabitEthernet0/0 L 192.168.1.2/32 is directly connected, GigabitEthernet0/0 192.168.100.0/24 is variably subnetted, 2 subnets, 2 masks C 192.168.100.0/30 is directly connected, GigabitEthernet0/2 L 192.168.100.2/32 is directly connected, GigabitEthernet0/2 R2#show ip int br Interface IP-Address OK? Method Status Protocol GigabitEthernet0/0 192.168.1.2 YES NVRAM up up GigabitEthernet0/1 10.2.0.1 YES NVRAM up up GigabitEthernet0/2 192.168.100.2 YES manual up up GigabitEthernet0/3 unassigned YES NVRAM administratively down down Tunnel10 172.16.0.1 YES manual up up « Tunnel line protocol is up
The above example scenario shows only a brief and simplified version of a backup on-demand tunnel configuration. Notice, there are no VRFs configured, and no HSRP, and also the on-demand tunnel over the internet does not have IPSec configured.
Design considerations
When working with object tracking and primary/backup gateway (or MPLS CE) routers, several design questions may need to be considered. If the gateway routers advertise Site 1 prefixes over BGP to the provider, it is important to plan the reverse path of traffic, in order to avoid asymmetric or suboptimal routing (especially during a link failure scenario).
For example, based on the previous section's design (on-demand backup tunnel), if the direct link between R1 and R2 fails, then the IP SLA on R2 goes down, and the on-demand backup tunnel will be established. Thus, the on-demand backup tunnel is established even though the primary link is still active.
Another aspect to consider is the source and destination of the IP SLA used during object tracking. For example, the source of the IP SLA can be the LAN interface or the WAN interface. Both methods have their benefits (especially in MPLS managed services). Moreover, the IP SLA destination can be multiple hops away or it can be a directly connected link, in which case a fault multiple hops away will not trigger a response.
Finally, object tracking can use a delay timer to introduce a waiting period before a state change. This can be useful in case of a flapping link, or in case object tracking must wait for other services to converge (such as IP routing table or automated script).
R2# R2#enable R2#configure terminal Enter configuration commands, one per line. End with CNTL/Z. R2(config)# R2(config)#track 1 ? application Application interface Select an interface to track ip IP protocol ipv6 IPv6 protocol list Group objects in a list stub-object Stub tracking object R2(config)#track 1 ip ? route IP route sla IP Service Level Agreement R2(config)#track 1 ip sla 10 R2(config-track)#delay ? down Delay down change notification up Delay up change notification R2(config-track)#delay down ? <0-180> Seconds to delay R2(config-track)#delay down 10 ? up Delay up change notificationR2(config-track)#delay down 10 up 10 R2(config-track)# R2(config-track)#end R2#