cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2710
Views
0
Helpful
27
Replies

how to use eem on core to shutdown ports on access-layer stacks

marco.bernardy
Level 1
Level 1

Hi,

We have a 6509 core with 8 stacks of 9*3750PS. We want to use eem on the core to turn off the ports on the 3750's outside office hours(green-it initiative).

Is this possible? If so do have a link to scripts we could use?

The core runs s3223_rp Software (s3223_rp-IPBASE_WAN-M), Version 12.2(18)SXF16, RELEA

SE SOFTWARE (fc2)

The 3750's run c3750-IPBASE-M 12.2(25)SEE2

Thanks!

Marco

1 Accepted Solution

Accepted Solutions

I was more interested in CONFIG. You have configured the community string "private". However, your 6500 config is using a different RW community. Make sure the community string in your CONFIG file is the read-write community string configured on the 3750, and that any access-list you have tied to that community string allows the 6500.

My default, a timeout will occupy 90 seconds of time. Given the number of ifIndexes, this can overflow the allowed 10 minutes of execution time.

View solution in original post

27 Replies 27

Lucien Avramov
Level 10
Level 10

You can actually use just KRON for this task:

kron occurrence TIME2at 17:00 recurring

policy-list interface-down

kron occurrence TIME1 at 09:00 recurring

policy-list interface-up

kron policy-list interface-up

cli interface range f0/1-4

cli no shut

kron policy-list interface-down

cli interface range f0/1-4

cli shut

I don't think so. The cli policy run in EXEC mode.

I just checked the cli guide, and that is correct it's only EXEC mode, so it wont let you go to config terminal in KRON:

http://www.cisco.com/en/US/docs/ios/netmgmt/command/reference/nm_08.html#wp1058933

So, then EEM is the way to go.

Joe Clarke
Cisco Employee
Cisco Employee

There is actually an example like this on our Cisco Beyond repository now. See http://forums.cisco.com/eforum/servlet/EEM?page=eem&fn=script&scriptId=1701 . If you'd rather use an applet, you could go with something as simple as:

event manager applet shut-ports

event timer cron cron-entry "0 17 * * *"

action 1.0 cli command "enable"

action 2.0 cli command "config t"

action 3.0 cli command "interface range $PORT_RANGE"

action 4.0 cli command "shut"

action 5.0 cli command "end"

action 6.0 syslog msg "Ports in range $PORT_RANGE were shutdown"

event manager applet up-ports

event timer cron cron-entry "0 8 * * *"

action 1.0 cli command "enable"

action 2.0 cli command "config t"

action 3.0 cli command "interface range $PORT_RANGE"

action 4.0 cli command "no shut"

action 5.0 cli command "end"

action 6.0 syslog msg "Ports in range $PORT_RANGE were brought back up"

Then, set the PORT_RANGE environment variable:

event manager environment PORT_RANGE Gi1/1-24

This will then take down those ports at 5 pm, and bring them back up at 8 am.

I should point out, that these policies are for the 6500s. The 3750s would need to be upgraded to 12.2(40)SE to get EEM support.

I wanted to run the scripts from the core because it has eem support and the 3750's don't. I am running C3750-IPBASE-M now, i tested with C3750-IPSERVICES-M 12.2.(50)SE2 and that does support eem. But our cisco contact told me that if we would upgrade from IPBASE to IPSERVICES we would need to buy a license of about $2000 per 3750 switch? Is this correct? ifso i'm still looking for a way to have the scripts on the core trigger something on the 3750's to shut down the ports.

Thanks

I believe it is correct that you'd need to purchase a license to move feature set.

As for running an EEM policy on the 6500 to trigger a port down on the 3750, that is certainly possible. You can use SNMP on the 6500 to shut the ports down on the 3750. You could even use telnet/SSH from the 6500. SNMP would be the easiest of the two to implement. To do it, you would first need to know the list of ifIndex values of the ports to shutdown.

I can write up a script for you depending on the approach you'd like to take.

Hi,

Thanks a lot for your support sofar,if snmp is the easiest way to go i'd prefer that. I attached the ifIndex values of the ports on my test-3750. I really appreciate you offer to write the script for me as i've no expirience in this area.

Thanks,

Marco

These two policies should do what you want. First, define three required environment variables:

event manager environment shutdown_ports_cron DOWN_CRON_ENTRY

event manager environment up_ports_cron UP_CRON_ENTRY

event manager environment shutdown_ports_config CONFIG

Where DOWN_CRON_ENTRY is a cron entry specifying when to shutdown ports. For example, to shutdown ports at 5 pm:

event manager environment shutdown_ports_cron 0 17 * * *

UP_CRON_ENTRY us a cron entry specifying when to bring ports back up. For example, to bring ports up at 8 am:

event manager environment up_ports_cron 0 8 * * *

And CONFIG is a path to a file containing the configuration on which switches and ports to shutdown. The format of the file lists individual switches on different lines with colon-separated fields specifying switch name/IP, read-write community string, and a comma-separated list of port ifIndexes to shutdown:

SWITCH:COMMUNITY:PORTS

For example:

10.1.1.1:private:10001,10002,10003

20.1.1.1:private:1,2,3

Once the environment variables and the config file are in place, then you can register the two policies. Be sure to set initial cron entries close to the current time for testing.

Here are newer versions of these policies with some fixes.

Grrr, I got greedy with my search and replace in the up script. New version attached.

Hi,

Thanks for the scripts.

I copied them to disk0/USER_TCL, and i did 'event manager directory user policy disk0:/USER_TCL.

I create a text file CONFIG with ifindexec of the ports as you explained and put this in the root of disk0.

But when i try to register the policie

i get this error:

event manager policy tm_up_ports.tcl type user

Compile check and registration failed:Wrong # args, usage is "::cisco::eem::even

t_register_timer watchdog|countdown|absolute|cron name ? cron_entry ? time ? que

ue_priority normal|low|high maxrun ? nice ?"

while executing

"::cisco::eem::event_register_timer cron cron_entry $up_ports_cron

"

Tcl policy execute failed: Wrong # args, usage is "::cisco::eem::event_register_

timer watchdog|countdown|absolute|cron name ? cron_entry ? time ? queue_priority

normal|low|high maxrun ? nice ?"

Embedded Event Manager configuration: failed to retrieve intermediate registrati

on result for policy tm_up_ports.tcl: Unknown error 0

Can you tell me what i'm doing wrong?

Thanks!

Marco

Your version of IOS requires another argument. Try these.

Just in case, I am reposting with a higher maxrun time. I tested with only two ifIndexes, but more could overrun the 20 second default.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: