Solved: Re: Writing a script and need to connect to find out whats my connecte

hfakoor222 · ‎05-20-2023

I'm having a router send an EEM applet in the event of congestion threshold ~ what I want to do after that Is log into upstream routers to see where the traffic is coming from. To view connected neighbors, is there another way other than looking at sh cdp n eighbor detail?

Also would I be able to use netflow in this scenario to get an idea of where the upstream traffic is coming from ~ i.e - EEM sends ping, script goes in and implements netwflow as well as log into upstream routers?

M02@rt37 · ‎05-21-2023

Hello @hfakoor222,

If you want to gather information about upstream traffic and its sources, NetFlow can be a useful tool. NetFlow allows you to capture and analyze network traffic, including source and destination IP addresses, ports, and protocols. By enabling NetFlow on your routers, you can collect flow data and gain insights into traffic patterns and sources.

When an EEM applet detects congestion, you can use a separate EEM applet to trigger the configuration of NetFlow on the router. The applet can dynamically enable NetFlow on the necessary interfaces or adjust the existing NetFlow configuration to capture the desired traffic data.

To enable NetFlow, you would typically configure a flow exporter, a flow record, and a flow monitor. These configurations specify where the flow data should be sent, what information should be captured, and where it should be monitored.

=>the specific commands and configurations for NetFlow may vary depending on the router model and IOS version you are using.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

View solution in original post

hfakoor222 · ‎05-20-2023

I think I might try show mac-address and show arp to find upstream routers, I am wondering if anyone has thoughts on this. Also I'm a noob with netflow, and wondering if that may help me in anyway, if anyone has advice.

Thanks

hfakoor222 · ‎05-20-2023

I think show ip arp has everything I need.

Would anyone have any advice if implementing netflow would help me pinpoint upstream routers causing congestion?

M02@rt37 · ‎05-21-2023

Hello @hfakoor222,

If you want to gather information about upstream traffic and its sources, NetFlow can be a useful tool. NetFlow allows you to capture and analyze network traffic, including source and destination IP addresses, ports, and protocols. By enabling NetFlow on your routers, you can collect flow data and gain insights into traffic patterns and sources.

When an EEM applet detects congestion, you can use a separate EEM applet to trigger the configuration of NetFlow on the router. The applet can dynamically enable NetFlow on the necessary interfaces or adjust the existing NetFlow configuration to capture the desired traffic data.

To enable NetFlow, you would typically configure a flow exporter, a flow record, and a flow monitor. These configurations specify where the flow data should be sent, what information should be captured, and where it should be monitored.

=>the specific commands and configurations for NetFlow may vary depending on the router model and IOS version you are using.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

hfakoor222 · ‎05-21-2023

I guess this might make the script useless then :0

Thanks I think I have all the info I need. I may try to write a script to continue to login to upstream devices and get the traffic statistics until a certain threshold is met

MHM Cisco World · ‎05-21-2023

where traffic coming from?
use ACL permit any and log under each interface
when traffic come from interface x it hit acl and log message send and you can detect it.

Writing a script and need to connect to find out whats my connected in