IP SLA monitor together with EEM (Embedded Event Manager)

Unanswered Question
Mar 8th, 2010

I am looking for a solution to monitor 2 ISP links. Both ISPs are on the same VLAN.
Right now, if one link fails, a manual failover has to be done by shutting down a port.


A friend of mine advised me to use IP SLA with EEM (Embedded Event Manager) but did not give examples. Can anyone help?

Say if I am only able to control Sw1 and Sw 2, what would be the required configuration?



If I have 2 links

Sw3 ----- Sw4
  |
R1-------------
  |               |
ISP 1       ISP 2
  |               |
Sw1 ------ Sw2

Joe Clarke Mon, 03/08/2010 - 23:31

EEM and IP SLA are certainly a possibility (depending on the code you're running).  Exactly what needs to be done to maintain availability?  With both ISPs on the same VLAN, I'm guessing one ISP port is always down.  Therefore, would a failure on one switch have to alert the other switch?

alanchia2000 Mon, 03/08/2010 - 23:44

> EEM and IP SLA are certainly a possibility (depending on the code you're running).

What do you mean by code? What sort of code do I need to run? Pardon me, I am new to this.


>  Exactly what needs to be done to maintain availability?

Switch port to ISP 2 would be shut down. Should the link of ISP 1 be down, shutdown switchport to ISP 1 and do "no shut" on ISP 2 to maintain availability.


> With both ISPs on the same VLAN, I'm guessing one ISP port is always down.

Yes, that's right.


> Therefore, would a failure on one switch have to alert the other switch?

Yes, that's right. To let the other switch with the faulty link shut down its port to the ISP.

Joe Clarke Tue, 03/09/2010 - 22:36

By code, I mean what version of IOS is running on both of these switches?  Given that you will need to do some RPC between the two switches, it would be good if they supported EEM 2.4 or higher.

alanchia2000 Tue, 03/09/2010 - 23:38

Version of IOS running on both switches :

Cisco IOS Software, s72033_rp Software (s72033_rp-IPBASEK9-M), Version 12.2(33)SXH3, RELEASE SOFTWARE (fc1)


How can I check if it supports EEM 2.4 or higher?

Joe Clarke Wed, 03/10/2010 - 10:30

You only have EEM 2.3.  It will not be as easy to communicate between the two switches with EEM.  However, it can be done.  See this thread for a policy I wrote to facilitate running remote commands on devices:


https://supportforums.cisco.com/message/3010692#3010692


This should help get you started from an EEM standpoint.  From the IP SLA standpoint, though, you also have a tough situation.  Your version of code does not support Enhanced Object Tracking nor do you have the syslog messages which can be generated when a tracked object goes down.  For that (and for EEM 2.4), you'd need 12.2(33)SXI.


You could still make it work, but you'd need to use an EEM SNMP policy to watch for the IP SLA collector to time out.  When it does, you can fire off the no_easy_shell.tcl policy to adjust the other switch's interface.  Your IP SLA collector would need to ping SOME address in each ISP's network.  For example:


ip sla 1
 icmp-echo x.x.x.x source-interface Vlan3
!
ip sla schedule 1 life forever start now


Then, you would have an EEM applet which polled the timeout state via SNMP:


event manager applet watch-ipsla
 ! Fire when the polled timeout object reads 1; re-arm once it reads 2
 event snmp oid 1.3.6.1.4.1.9.9.42.1.2.9.1.6.1 get-type exact entry-op eq entry-val 1 exit-op eq exit-val 2 poll-interval 60
 action 1.0 cli command "enable"
 action 2.0 policy no_easy_shell.tcl


Since your switches do not support EEM 2.4, you will need to use that input.bat file I mentioned in the post above to drive the function of no_easy_shell.tcl.


Each switch would need a nearly identical setup.  However, you could get into a situation where both switch ports are down (i.e. both ISPs could be down).  To recover from that, you would need to manually "no shut" one of the ports.
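
Added example (not part of the thread, and not Cisco's or the poster's code): a small Python model of how the `watch-ipsla` applet's entry value 1, exit value 2 and 60-second poll interval turn IP SLA probe results into applet runs. The outage timelines, the 60-second probe frequency, the 30-second poll offset and the instant probe result are assumptions made for the illustration.

```python
TIMEOUT, OK = 1, 2  # entry-val / exit-val used by the watch-ipsla applet


def probe_results(outages, duration, frequency=60):
    """Value of the polled timeout object after each IP SLA probe.

    outages: constructed list of (start, end) seconds during which the
    probed ISP address is unreachable. frequency is an assumed probe
    interval; the probe result is treated as available immediately.
    """
    def down(t):
        return any(start <= t < end for start, end in outages)

    return {t: TIMEOUT if down(t) else OK
            for t in range(0, duration, frequency)}


def applet_triggers(outages, duration, frequency=60,
                    poll_interval=60, poll_offset=30):
    """Times (seconds) at which the SNMP event would run the applet.

    The event fires when a poll reads the entry value, then stays
    disarmed until a later poll reads the exit value.
    poll_offset is a hypothetical phase between probes and polls.
    """
    results = probe_results(outages, duration, frequency)
    armed, fired = True, []
    for t in range(poll_offset, duration, poll_interval):
        last_probe = (t // frequency) * frequency  # latest finished probe
        value = results[last_probe]
        if armed and value == TIMEOUT:
            fired.append(t)       # applet runs once per outage
            armed = False
        elif not armed and value == OK:
            armed = True          # exit criterion met, watch again
    return fired


if __name__ == "__main__":
    # Constructed timelines (seconds since the applet was registered).
    print("long outage :", applet_triggers([(100, 400)], 600))
    print("short outage:", applet_triggers([(65, 115)], 600))
    print("two outages :", applet_triggers([(100, 400), (500, 800)], 900))
```

In this model a five-minute outage runs the applet once, 50 seconds after the link fails, while a 50-second outage that falls between two probes is never seen.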
