cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2536
Views
0
Helpful
6
Replies

IP SLA monitor together with EEM (Embedded Event Manager)

alanchia2000
Level 1
Level 1

I am looking for a solution to monitor 2 ISP links. Both ISPs are on the same VLAN.
Right now, if one link fails, a manually fail over has to be done by shutting down a port.

A friend of mine advised me to use IP SLA with EEM (Embedded Event Manager) but did not give examples.Can anyone help?

Say if I am only able to control Sw1 and Sw 2, what would be the required configuration?

If  I have 2 links

Sw3 ----- Sw4

  |             

R1-------------

  |               |

ISP 1       ISP 2

  |               |

Sw1 ------ Sw2

6 Replies 6

Joe Clarke
Cisco Employee
Cisco Employee

EEM and IP SLA are certainly a possibility (depending on the code you're running).  Exactly what needs to be done to maintain availability?  With both ISPs on the same VLAN, I'm guessing one ISP port is always down.  Therefore, would a failure on one switch have to alert the other switch?

> EEM and IP SLA are certainly a possibility (depending on the code you're running).

What do you mean by code? What sort of code do I need to run? Pardon me, I am new to this.

>  Exactly what needs to be done to maintain availability?

Switch port to ISP 2 would be shut down. Should the link of ISP 1 be down, shutdown switchport to ISP 1 and do "no shut" on ISP 2 to maintain availability.

> With both ISPs on the same VLAN, I'm guessing one ISP port is always down.

Yes, that's right.

> Therefore, would a failure on one switch have to alert the other switch?

Yes, that's right.To let the other switch with the faulty link shutdown its port to the ISP.

So can anyone help?

By code, I mean what version of IOS is running on both of these switches?  Given that you will need to do some RPC between the two switches, it would be good if they supported EEM 2.4 or higher.

Version of IOS running on both switches :

Cisco IOS Software, s72033_rp Software (s72033_rp-IPBASEK9-M), Version 12.2(33)SXH3, RELEASE SOFTWARE (fc1)

How can I check if it supports EEM 2.4 or higher?

You only have EEM 2.3.  It will not be as easy to communicate between the two switches with EEM.  However, it can be done.  See this thread for a policy I wrote to facilitate running remote commands on devices:

https://supportforums.cisco.com/message/3010692#3010692

This should help get you started from an EEM standpoint.  From the IP SLA standpoint, though, you also have a tough situation.  Your version of code does not support Enhanced Object Tracking nor do you have the syslog messages which can be generated when a tacked object goes down.  For that (and for EEM 2.4), you'd need 12.2(33)SXI.

You could still make it work, but you'd need to use an EEM SNMP policy to watch for the IP SLA collector to timeout.  When it does, you can fire off the no_easy_shell.tcl policy to adjust the other switch's interface.  Your IP SLA collector would need to ping SOME address in each ISP's network.  For example:

ip sla 1

icmp-echo x.x.x.x source-interface Vlan3

!

ip sla schedule 1 life forever start now

Then, you would have an EEM applet which polled the timeout state via SNMP:

event manager applet watch-ipsla

event snmp oid  1.3.6.1.4.1.9.9.42.1.2.9.1.6.1 get-type exact entry-val 1 entry-op eq exit-val 2 exit-op 2 poll-interval 60

action 1.0 cli command "enable"

action 2.0 policy no_easy_shell.tcl

Since your switches do not support EEM 2.4, you will need to use that input.bat file I mentioned in the post above to drive the function of no_easy_shell.tcl.

Each switch would need a nearly identical setup.  However, you could get into a situation where both switch ports are down (i.e. both ISPs could be down).  To recover from that, you would need to manually "no shut" one of the ports.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: