EEM & IP SLA

Answered Question
Apr 8th, 2017
User Badges:

I'm trying to get the below script running.


What for...... I have 2 GRE Tunnels on Nexus 7710's connected to some 3900 routers with GRE. Nexus do not support keepalives for some reason.


I have some static mroute's pointing to 2 tunnels Primary and backup


In the event of the Primary GRE tunnel failing I want to remove the mroute for the Primary as below. Basically a failover mechanism.

I just wondering if my action cli script is correct. I can see "Multicast" in the syslog (SLA) when I shut down the Primary Tunnel but my EEM does not seem to work. I take it pinging the 3900 Tunnel end of the tunnel from the 7710 loopback and adding the route in every 5 seconds shouldn't be a problem as the route is already there!


Any help or other methods for this Tunnel failover would be great! We are migrating from 6500's where keepalives are supported and something like EEM is a not a requirement. I still do not understand why Nexus doesn't support keepalives!!!


ip mroute 10.x.x.252/30 10.x.x.10 2 (Secondary tunnel)
ip mroute 10.x.x.252/30 10.x.x.13 (Primary Tunnel)


ip sla 98
  icmp-echo 10.x.x.13 source-interface loopback0
    request-data-size 64
    tag Multicast
    frequency 5
ip sla schedule 98 life forever start-time now
ip sla reaction-configuration 98 react timeout threshold-type immediate action-type trapOnly
ip sla logging traps


event manager applet track_SLA_98
 event track 98 state down
 action 1.0 cli command "enable"
 action 1.1 syslog msg Multicast
 action 1.2 cli regexp "!!" "$_cli_result"
 action 1.3 cli if $_regexp_result eq 1
 action 1.4 cli command "show ip mroute"
 action 1.5 cli regexp "10.x.x.252/30" "$_cli_result"
 action 1.6 cli  if $_regexp_result ne 1
 action 1.7 cli command "conf t"
 action 1.8 cli command "ip mroute 10.x.x.252/30 10.x.x.13"
 action 1.9 cli end
 action 2.0 cli else
 action 2.1 cli  continue
 action 2.2 cli else
 action 2.3  cli command "conf t"
 action 2.4  cli command "no ip mroute 10.x.x.252/30 10.x.x.13"
 action 2.5 end

Correct Answer by Joe Clarke about 1 month 2 weeks ago

Action 1.2 is trying to match something in $_cli_result, but the last CLI command run was enable, so that will not match.  It looks like you're missing a "ping" CLI action before action 1.2.

You also have a problem with action 1.9.  You're missing a "command" keyword.

Finally, you're missing another "end" to terminate the second if block.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Joe Clarke Sat, 04/08/2017 - 15:39
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

Action 1.2 is trying to match something in $_cli_result, but the last CLI command run was enable, so that will not match.  It looks like you're missing a "ping" CLI action before action 1.2.

You also have a problem with action 1.9.  You're missing a "command" keyword.

Finally, you're missing another "end" to terminate the second if block.

Actions

This Discussion