Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

EEM and CLI scripting

I'm looking at this EEM feature for the first time and I think it can solve a problem that I have. I would prefer to find a way to fix my problem with a CLI script over a TCL, but will take what I can get.

.

I have an MPLS network and want to backup one of my sites with a GRE/IPSEC tunnel on a different ISR router. Because of the way OSPF works and other factors, I cannot leave the tunnel0 interface up when my MPLS network is up too. Some routes will be preferred over the tunnel, and some over the MPLS router. No amount of changing metrics can fix that. So for now, I leave the tunnel interface shutdown and only bring it up manually if there is an outage.

.

I'd like to automate that procedure of bringing up the tunnel interface with EEM if it's possible. Is there a sample config somewhere which looks for a particular event, like a routing table change, and brings up the tunnel? Or a way to ping an external IP through an interface on the MPLS network, and if it goes down, issue that 'no shutdown' on the tunnel interface?

.

Of course, I'd need the reverse to put the tunnel back down too. Is this what EEM is used for?

Thanks.

6 REPLIES
Cisco Employee

Re: EEM and CLI scripting

Yes, this problem can easily be solved with EEM. It sounds like you could do everything using applet policies without needing TCL. What version of IOS are you running?

New Member

Re: EEM and CLI scripting

Thanks. I'm running 12.4(9)T. I am using a DMVPN at the moment.

Cisco Employee

Re: EEM and CLI scripting

With 12.4T you can take advantage of Enhanced Object Tracking in conjunction with EEM to get what you want. In this case, you will configure an IP SLA collector to ping a host across your MPLS network. When that collector goes down, then the EOT object will also go down, and this will trigger the EEM applet. For example:

ip sla 1

icmp-echo 10.1.1.1

ip sla schedule 1 start now life forever

track 1 rtr 1

event manager applet mpls_down

event track 1 state down

action 1.0 syslog msg "MPLS network is no longer passing traffic"

action 2.0 cli command "enable"

action 3.0 cli command "config t"

action 4.0 cli command "int tun0"

action 5.0 cli command "no shut"

action 6.0 cli command "end"

action 7.0 syslog msg "Failed over to tunnel interface"

event manager applet mpls_up

event track 1 state up

action 1.0 syslog msg "MPLS network is once again passing traffic"

action 2.0 cli command "enable"

action 3.0 cli command "config t"

action 4.0 cli command "int tun0"

action 5.0 cli command "shut"

action 6.0 cli command "end"

action 7.0 syslog msg "Returned traffic to MPLS network"

Some additional notes, you may need to specify a source address when configuring your IP SLA collector above. You should also test this in the lab to make sure it is working before deploying it in production.

New Member

Re: EEM and CLI scripting

Thanks. I'll play with that tomorrow. Since the pinged node would be reachable with both scenarios, it would be important that I can specify the source interface and direction of the ping. Can that be done?

Do you have any alternative scripts that perhaps look for events in the log or other such common parameters when a routing table changes? I would think this is a common request for EEM.

Robert

Cisco Employee

Re: EEM and CLI scripting

As I said, you can specify a source IP address for the ping. For example:

icmp-echo 10.1.1.1 source-ip 20.1.1.1

You can also look at a syslog message instead. I don't know what messages you get specifically, but the event detector is syslog:

event syslog pattern "..."

You can even use EOT to watch for routing changes. for example:

track 1 ip route 10.1.1.0/24 reachability

Then you could use the same EEM applets.

New Member

Re: EEM and CLI scripting

Perfect. Thank you.

304
Views
0
Helpful
6
Replies