cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1768
Views
0
Helpful
16
Replies

EEM time-based applet suppression

lyranvolcrane
Level 1
Level 1

Our company is trying to implement a time-based WAN failover schedule. We want to use EEM for this purpose and have created some applets with syslog event detectors to fire off various shutdown commands on the router when site router detects it's BGP peer go down, and suppress the failover event if it is after 9pm local time to the router.

Now I was thinking about approaching this from various angles, but one of the most promising angles requires a few question.

First, is there any way to parse the system time for conditional statement for the execution of the failover, basically forcing an "action if goto" conditional to skip to the last action of the applet instead of going through with the various no shut commands necessary to bring up the backup WAN link.

Second, I was thinking about using the applets to define a variable i.e. variable = 1 (when the BGP peer is down), variable = 0 (when the BGP peer is up). But there are a couple of applets that would use this, so I was wondering if the variables defined in a given applet are considered local variables, and are cleared from memory once the applet actions are completed (after the event detector finishes executing the actions that caused the applet to start in the first place), or are they global variables that stay in RAM persistently, and can be referenced by other applets if needed. I am hoping that they are global and persistent, or if there is such a thing that can be modified by an EEM applet so I can use that feature. My purpose for having this global variable is to have another EEM applet run at 8AM every morning to check to see if the BGP peer is still down, and if so it will automatically fire off the failover commands manually, which should have been supressed when the other applet I mentioned would fire.

I cannot imagine this is a difficult script, I am trying to find, and define the various mechanisms within the framework of the EEM system.

I will be more than happy to explain in detail what our goals are if anything is unclear. Thanks for any responses in this regard.

1 Accepted Solution

Accepted Solutions

Here are some examples I think should do what you want. They require EEM 3.0.

event manager applet BGP-State-Down

event syslog pattern "%BGP-5-ADJCHANGE: neighbor x.x.x.x Down BGP Notification sent"

action 001 set bgp_down "1"

action 002 context save key BGPCTXT variable "bgp_down"

action 003 cli command "show clock"

action 004 string trim "$_cli_result"

action 005 regexp "^([0-9]+):" "$_string_result" ignore hours

action 006 if $hours ge 22

action 007 exit

action 008 end

action 009 if $hours le 8

action 010 exit

action 011 end

action 012 cli command "enable"

action 013 cli command "config t"

action 014 cli command "int fa3"

action 015 cli command "no shut"

action 016 cli command "int tun201"

action 017 cli command "no shut"

action 018 cli command "end"

event manager applet BGP-State-UP

event syslog pattern "%BGP-5-ADJCHANGE: neighbor x.x.x.x Up"

action 001 context retrieve key BGPCTXT

action 002 handle-error type ignore

action 003 cli command "enable"

action 004 cli command "config t"

action 005 cli command "int fa3"

action 006 cli command "shut"

action 007 cli command "int tun201"

action 008 cli command "shut"

action 009 cli command "end"

event manager applet BGP-State-Down-Opening

event timer cron name Opening cron-entry "0 8 * * *" maxrun 15

action 001 context retrieve key BGPCTXT variable "bgp_down"

action 002 handle-error type exit

action 003 if $bgp_error ne 1

action 004 exit

action 005 end

action 006 cli command "enable"

action 007 cli command "config t"

action 008 cli command "int fa3"

action 009 cli command "no shut"

action 010 cli command "int tun201"

action 011 cli command "no shut"

action 012 cli command "end"

View solution in original post

16 Replies 16

Joe Clarke
Cisco Employee
Cisco Employee

On what version of IOS will these policies be running? It sounds like you are going to need to use Tcl for what you want to do, but it may be possible with applets provided you have EEM 3.0 support.

The lab router that we are running it on (prior to our next IOS refresh) will be c870-advipservicesk9-mz.124-24.T1.bin

As I recall EEM 2.1 is available on this IOS for the 871 routers, but not 3.0.

In fact I just confirmed it on the feature navigator.

We also are using 1841's as well, and at 12.4(20) it appears that EMM 3.0 was made available. Sadly though the 871's are in the majority of the routing equipment we are going to be implementing this on.

No, this router will have EEM 3.0. I will post some applet examples which should accomplish what you want.

EEM 3.0 was introduced in 12.4(22)T, so the 871 will have it. If the 1841 is running 12.4(20)T, it will only have EEM 2.4.

We are running 12.4(22)T on all 1841's sorry, I was just mentioning what research I had done!

Joe Clarke
Cisco Employee
Cisco Employee

Exactly what commands do you need to have run when the conditions are met?

The conditions are as follows:

From 8AM-10PM fail over should be available.

Outside of that window of time all fail over automation should be suppressed until 8AM

The remote location (where the script will be based), will have a BGP peer across an MPLS network at our home facility. When there is a syslog notification (or similar routing change) that the BGP peer has gone down, an applet with a syslog condition looking for the "Peer is DOWN" notification will begin running through a set of actions

I imagine these actions will be something like:

event manager applet BGP-State-Down

event syslog pattern "%BGP-5-ADJCHANGE: neighbor x.x.x.x Down BGP Notification sent"

action 1.1 set BGPdown 1

action 1.2 enable

action 1.3 if (time condition >= 10PM and <= 8AM) goto final action or somehow exit applet

action 1.4 cli command "configure terminal"

action 1.5 cli command "interface fastEthernet3"

action 1.6 cli command "no shutdown"

action 1.7 cli command "interface Tunnel 201"

action 1.8 cli command "no shutdown"

Then there is another applet that will reverse these actions without the time constraint:

event manager applet BGP-State-UP

event syslog pattern "%BGP-5-ADJCHANGE: neighbor x.x.x.x Up"

action 1.0 set BGPdown 0

action 1.1 cli command "enable"

action 1.1 cli command "configure terminal"

action 1.4 cli command "interface fastEthernet3"

action 1.5 cli command "shutdown"

action 1.6 cli command "interface Tunnel 201"

action 1.7 cli command "shutdown"

Then there would be a third applet that would take care of bringing up the failover connection in case the WAN link went down during the suppressed time, and that it has not come back up by 8AM.

event manager applet BGP-State-Down-Opening

event timer cron name "Opening" cron-entry "0 8 * * *" maxrun 15

action 1.2 enable

action 1.3 if BGPdown == 1

action 1.4 cli command "configure terminal"

action 1.5 cli command "interface fastEthernet3"

action 1.6 cli command "no shutdown"

action 1.7 cli command "interface Tunnel 201"

action 1.8 cli command "no shutdown"

I am sure there are some concepts I might be missing, but this is based on a script we are already running to control automated failover, but it does not allow us to control the times that it is allowed to occur.

Here are some examples I think should do what you want. They require EEM 3.0.

event manager applet BGP-State-Down

event syslog pattern "%BGP-5-ADJCHANGE: neighbor x.x.x.x Down BGP Notification sent"

action 001 set bgp_down "1"

action 002 context save key BGPCTXT variable "bgp_down"

action 003 cli command "show clock"

action 004 string trim "$_cli_result"

action 005 regexp "^([0-9]+):" "$_string_result" ignore hours

action 006 if $hours ge 22

action 007 exit

action 008 end

action 009 if $hours le 8

action 010 exit

action 011 end

action 012 cli command "enable"

action 013 cli command "config t"

action 014 cli command "int fa3"

action 015 cli command "no shut"

action 016 cli command "int tun201"

action 017 cli command "no shut"

action 018 cli command "end"

event manager applet BGP-State-UP

event syslog pattern "%BGP-5-ADJCHANGE: neighbor x.x.x.x Up"

action 001 context retrieve key BGPCTXT

action 002 handle-error type ignore

action 003 cli command "enable"

action 004 cli command "config t"

action 005 cli command "int fa3"

action 006 cli command "shut"

action 007 cli command "int tun201"

action 008 cli command "shut"

action 009 cli command "end"

event manager applet BGP-State-Down-Opening

event timer cron name Opening cron-entry "0 8 * * *" maxrun 15

action 001 context retrieve key BGPCTXT variable "bgp_down"

action 002 handle-error type exit

action 003 if $bgp_error ne 1

action 004 exit

action 005 end

action 006 cli command "enable"

action 007 cli command "config t"

action 008 cli command "int fa3"

action 009 cli command "no shut"

action 010 cli command "int tun201"

action 011 cli command "no shut"

action 012 cli command "end"

Thanks for the scripting info, I am going to run this against our lab setup and see how it runs, I don't suspect I will run into any problems, and there are a lot of items there I never expected from the EEM system. I look forward to reporting the result and adding in anything valuable to the forum!

Thank you very much for your time spent working with me on this thus far!

I had a typo in my BGP-State-Down-Opening policy. It should have read:

event manager applet BGP-State-Down-Opening

event timer cron name Opening cron-entry "0 8 * * *" maxrun 15

action 001 context retrieve key BGPCTXT variable "bgp_down"

action 002 handle-error type exit

action 003 if $bgp_down ne 1

action 004 exit

action 005 end

action 006 cli command "enable"

action 007 cli command "config t"

action 008 cli command "int fa3"

action 009 cli command "no shut"

action 010 cli command "int tun201"

action 011 cli command "no shut"

action 012 cli command "end"

I caught that last night as well, I managed to make the modification with little ill effect, however the time matching action lines in BGP-State-Down appear to not work as intended.

I did an action puts in a sample applet and received the result of the number of the hour with a : on it

I am working on trying to get this repaired this output where possible, it appears everything else will work as intended though.

I looked up the action context commands, and I have to admit that is a pretty ingenious way to pass variables and other data between applets.

The time capture code works fine for me. I think you typed it in wrong. Post EXACTLY what you have configured on your router.

Alright, you are absolutely correct, it did work exactly as was given to in you previous post with the single errata you provided for one of the variable names. The only thing that I think we both overlooked (lord knows I was thinking about it all weekend), was the fact that the time constraints were from 10pm to 8am. Well if we set the if condition statements:

action 006 if $hours ge 22

action 007 exit

action 008 end

action 009 if $hours le 8

action 010 exit

action 011 end

Then the code will not prevent execution of the shutdown commands until 11PM, and before 7AM.

Essentially it was just a matter of a single hour correction in the code, that is what was throwing me off!

Beyond that the code works beautifully, and I will also post my result of all of the customizations, so everyone in the netpro forums might benefit from this information!

Thanks again for your time, and the extra time you spent with me getting this working!

For the rest of the community, I am including the entire script with modifications. The scenario of this script is pretty straight-forward, but to detail it I will explain our reasoning for each section:

We have many retail locations migrating to a wireless backup solution that charges us per hour start starts when data is put through the connection. We have to suppress the automated failover script we were using from the hours of 10pm until 8am until opening.

We also needed a solution that would ignore the router's clock status about whether or not the time was authoritative, or synced with our NTP servers (the * or . at the beginning of "show clock" output).

The last condition we needed to meet for this solution was for store opening and closing time. If the wireless backup were currently up at store closing time, it was to be forced back down until the next morning. Also there needed to be a script to bring the wireless backup link up at store opening if the primary WAN circuit went down overnight, or if it was down before the store closed the previous business day.

This is the code that appears to do what we need:

event manager applet BGP-State-UP

event syslog pattern "%BGP-5-ADJCHANGE: neighbor x.x.x.x Up" maxrun 60

action 001 context retrieve key BGPCTXT

action 002 handle-error type ignore

action 003 cli command "enable"

action 004 cli command "config t"

action 005 cli command "int fa3"

action 006 cli command "shut"

action 007 cli command "int tun201"

action 008 cli command "shut"

action 009 cli command "end"

event manager applet BGP-State-Down

event syslog pattern "%BGP-5-ADJCHANGE: neighbor x.x.x.x Down BGP Notification sent"

action 001 set bgp_down "1"

action 002 context save key BGPCTXT variable "bgp_down"

action 003 cli command "show clock"

action 004 string trim "$_cli_result"

action 005 set tempstring "$_string_result"

action 006 string trimleft "$tempstring" "*"

action 007 set tempstring "$_string_result"

action 008 string trimleft "$tempstring" "."

action 009 regexp "^([0-9]+):" "$_string_result" ignore hours

action 010 if $hours ge 21

action 011 exit

action 012 end

action 013 if $hours le 7

action 014 exit

action 015 end

action 016 cli command "enable"

action 017 cli command "config t"

action 018 cli command "int fa3"

action 019 cli command "no shut"

action 020 cli command "int tun201"

action 021 cli command "no shut"

action 022 cli command "end"

event manager applet BGP-Opening-WAN-Down

event timer cron name Opening cron-entry "0 22 * * *" maxrun 15

action 001 context retrieve key BGPCTXT variable "bgp_down"

action 002 handle-error type exit

action 003 if $bgp_down ne 1

action 004 exit

action 005 end

action 006 context save key BGPCTXT variable "bgp_down"

action 007 cli command "enable"

action 008 cli command "config t"

action 009 cli command "int fa3"

action 010 cli command "no shut"

action 011 cli command "int tun201"

action 012 cli command "no shut"

action 013 cli command "end"

event manager applet BGP-Closing-WAN-Down

event timer cron name Closing cron-entry "0 8 * * *" maxrun 15

action 001 context retrieve key BGPCTXT variable "bgp_down"

action 002 handle-error type exit

action 003 if $bgp_down ne 1

action 004 exit

action 005 end

action 006 context save key BGPCTXT variable "bgp_down"

action 007 cli command "enable"

action 008 cli command "config t"

action 009 cli command "int fa3"

action 010 cli command "shut"

action 011 cli command "int tun201"

action 012 cli command "shut"

action 013 cli command "end"

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco