Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3139
Views
0
Helpful
6
Replies

EEM shut interface / admin can't no shut

Go to solution
jean1
Level 1
Level 1

‎09-20-2017 08:43 AM - edited ‎03-01-2019 06:08 PM

Hello,

I want to create a simple EEM applet to shut an interface when a cable is unplug. I can only monitor the link-state of this interface. (not line-protocol). But i need administrators are able to re-enabled this interface.  This applet is working but administrator can't "no shut" interface in config mode :

 

 event manager applet PC-1
 event neighbor-discovery interface FastEthernet1/0/23 link-event down
 action 1.0 cli command "enable"
 action 2.0 cli command "configure terminal"
 action 3.0 cli command "interface f1/0/23"
 action 4.0 cli command "shutdown"
 action 5.0 syslog priority notifications msg "PC-1 UNPLUG"

 

When cable is unplug :

 

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/0/23, changed state to down
%LINK-3-UPDOWN: Interface FastEthernet1/0/23, changed state to down
%HA_EM-5-LOG: PC-1: PC-1 UNPLUG
%SYS-5-CONFIG_I: Configured from console by vty1
%LINK-5-CHANGED: Interface FastEthernet1/0/23, changed state to administratively down

 

Example : a new cable is plug, Administrator want change interface status in config mode :

 

SWITCH#conf t
SWITCH(config)#int fa1/0/23
SWITCH(config-if)#no shut
%LINK-3-UPDOWN: Interface FastEthernet1/0/23, changed state to down
%HA_EM-5-LOG: PC-1: PC-1 UNPLUG
%SYS-5-CONFIG_I: Configured from console by vty1
%LINK-5-CHANGED: Interface FastEthernet1/0/23, changed state to administratively down

 

how can i do to change this, this is an easy job normally ?

(i can't use "event track" cli command not available)

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee
In response to jean1

‎09-23-2017 07:57 AM

The fact that you have a circular event chain makes this difficult.  The act of shutting down the interface is quite easy.

What you could do is either save an environment variable in the config, or a context variable in memory to track the state of the interface.  That is, when you shutdown the interface, create a variable that tracks this.  The next time the applet runs, check the variable.  If it is set, then unset it (contexts clear automatically), and allow the interface to be no shut.  If it is not set, shut the interface and set the variable.

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee

‎09-20-2017 02:14 PM

Do you have the ability to configure object tracking in general (irrespective of the track event detector)?

0 Helpful

Go to solution
jean1
Level 1
Level 1
In response to Joe Clarke

‎09-21-2017 01:17 AM

Hello Joe,

 

I can use track command in global config  :

 

SWITCH:(config)#track 1 interface fa1/0/23 ?

  ip             IP parameters
  line-protocol  Track interface line-protocol

 

but only for line-protocol and i need for link-state. (I am using 3750 and 3650 switches)

0 Helpful

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee
In response to jean1

‎09-21-2017 11:49 AM

This is a tricky one, then.  I can't think of a perfect solution since transitionining from admin down to down is like going from up to down.

What I would suggest is look at How To Introduce Large Delays In EEM Policies and use a nested timer policy in the "detect down" policy.  Give it a short countdown (like 5 or 10 seconds).  If the timer is allowed to reach 0, shut the interface down.  If, however, the interface comes back up, delete the timer policy.  You'd have a small window here where the user could unplug then replug and the network would continue to work.  But that may be fine if you can make the window small enough.

0 Helpful

Go to solution
jean1
Level 1
Level 1
In response to Joe Clarke

‎09-22-2017 06:06 AM

Thanks for your answers. But for security i need this interface fall immediatly in admin-down when cable is unplug. In reality this is not for one (User-PC) but for a speficic device. I can't use port-security and 802.1x because i have some incompatibilities with fonctionnalities already use in this interface. I need to be sure nobody can plug hub in this interface between a device and a switch. We can do so more complex applet with EEM, i can't believe it's not possible to do this easy task without use EEM policy nesting.

0 Helpful

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee
In response to jean1

‎09-23-2017 07:57 AM

The fact that you have a circular event chain makes this difficult.  The act of shutting down the interface is quite easy.

What you could do is either save an environment variable in the config, or a context variable in memory to track the state of the interface.  That is, when you shutdown the interface, create a variable that tracks this.  The next time the applet runs, check the variable.  If it is set, then unset it (contexts clear automatically), and allow the interface to be no shut.  If it is not set, shut the interface and set the variable.

0 Helpful

Go to solution
jean1
Level 1
Level 1
In response to Joe Clarke

‎10-02-2017 07:33 AM - edited ‎10-04-2017 09:10 AM

 
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents