Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Script for a 6500 switch EEM

Hello experts,

I need assistance to validate the following script:

!

track 100 ip sla 99 reachability

 delay down 10 up 60

!

ip sla 99

 icmp-echo X.X.X.X source-interface X

 frequency 10

 ip sla schedule 99 life forever start-time now

!

event manager environment interface_to_shut interface X

event manager applet shut_some_interface

event track 100 state down

action 0 cli command "conf t"

action 1 cli command "$interface_to_shut"

action 2 cli command "shut"

action 3 cli command "end"

action 4 syslog priority errors msg "X.X.X.X unpingable; shutting down $interface_to_shut"

!

The idea is shutdown the interface when the device loses connectivity with the neighbor in order to start the communication with the failover link; also I want to know what are the considerations to use TACACS+ authentication with EEM.

Thanks in advance for the support.

Regards.

 

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

This will certainly shutdown

This will certainly shutdown the interface, but how will it recover?  If you shutdown the source interface for your IPSLA collector, then the collector will never come back up, and thus the interface will never recover.  This assumes, of course, that interface X is the same throughout.

 

As for AAA authentication, EEM doesn't do anything with authentication.  It does, however, care about authorization.  If you are using AAA command authorization, then make sure you configure "event manager session cli username USER" where USER is a username authorized to run all of the CLI commands in your EEM policies.

1 REPLY
Cisco Employee

This will certainly shutdown

This will certainly shutdown the interface, but how will it recover?  If you shutdown the source interface for your IPSLA collector, then the collector will never come back up, and thus the interface will never recover.  This assumes, of course, that interface X is the same throughout.

 

As for AAA authentication, EEM doesn't do anything with authentication.  It does, however, care about authorization.  If you are using AAA command authorization, then make sure you configure "event manager session cli username USER" where USER is a username authorized to run all of the CLI commands in your EEM policies.

96
Views
0
Helpful
1
Replies
CreatePlease login to create content