Suspend Inactive Ports

Document

Mon, 01/06/2014 - 09:35
Jan 5th, 2014
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

Here are two EEM Tcl policies that work in concert to track ports that are operationally down for a given period of time.  If they are down long enough, then the ports are administratively shutdown (or placed in a quarantine VLAN if said VLAN is defined) to prevent unknown or untracked use of them.  Each policy uses some EEM environment variables.  For the timer policy:


# This policy runs at a configured time, then checks to see if inactive ports

# have been inactive for a configured amount of time.  If so, then the ports

# will be shutdown.

#

# This policy uses the following environment variables:

#

# suspend_ports_days        : Number of days before a port is suspended.

#

# suspend_ports_config      : Path to configuration file.

#

# suspend_quarantine_vlan   : (optional) VLAN number into which ports will be moved

#                             instead of being shutdown.  If not defined, ports will be

#                             shutdown.

#


And for the syslog policy:


# This policy listens for link up syslog messages, and removes the port from

# the list of down ports.

#

# This policy uses the following environment variables:

#

# suspend_ports_config      : Path to configuration file.

#

Loading.

Actions

This Document

Related Content