Solved: Re: Auto Clear DHCP Conflict.

Al 7onsh · ‎09-27-2022

I need to Auto Clear DHCP Conflict. I used the below script. I see in my log , that the Conflict is cleared, but when I show the ip dhcp conflict. I see the conflict IPs still there. Should I restart the Router first then the script will start to be excuted after that ? or should I clear it first time manual then the script will run? Or there is another solution. Can someone help me ?

event manager applet CLEAR_DHCP_CONFLICT
event timer watchdog time 300
action 1.0 cli command "enable"
action 2.0 cli command "clear ip dhcp conflict *"
action 3.0 syslog msg "Cleared IP DHCP conflict records"

Sep 27 15:00:21: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT: Cleared IP DHCP conflict records
Sep 27 15:05:21: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT: Cleared IP DHCP conflict records

MUESAVILLS3#show ip dhcp conf

192.168.67.142 Gratuitous ARP Sep 23 2022 10:39 AM
192.168.67.143 Gratuitous ARP Sep 23 2022 10:39 AM
192.168.67.145 Gratuitous ARP Sep 23 2022 10:40 AM
192.168.67.146 Gratuitous ARP Sep 23 2022 10:40 AM

Al 7onsh · ‎09-28-2022

I found the Solution, @MHM Cisco World . we should add after the Name of Event Manager die Authorization bypass.

Thanks for your Help, Appreciated

View solution in original post

Georg Pauwen · ‎09-27-2022

Hello,

add the lines marked in bold to your script and check if the gratuitous ARP requests keep being sent:

event manager applet CLEAR_DHCP_CONFLICT
event timer watchdog time 300
action 1.0 cli command "enable"
action 2.0 cli command "config t"
action 3.0 cli command "no service dhcp"
action 4.0 cli command "service dhcp"
action 5.0 cli command "end"
action 6.0 cli command "clear ip dhcp conflict *"
action 7.0 syslog msg "Cleared IP DHCP conflict records"

Al 7onsh · ‎09-27-2022

it doesn't work, all the action commands are not excuting. only the syslog is sent successfully. i tried it on another Router, it seems like i said all action commands not excuting, it doesn't delete the conflict IPs, and when i do it manually, it will be cleared.

event manager applet CLEAR_DHCP_CONFLICT
event timer watchdog time 300
action 1.0 cli command "enable"
action 2.0 cli command "config t"
action 3.0 cli command "no service dhcp"
action 4.0 cli command "service dhcp"
action 5.0 cli command "end"
action 6.0 cli command "clear ip dhcp conflict *"
action 7.0 syslog msg "Cleared IP DHCP conflict records"

Sep 27 17:19:21: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT: Cleared IP DHCP conflict records

BLNAMERMA8500#show ip dhcp conflict

192.168.29.23 Ping Sep 06 2022 04:08 PM

MHM Cisco World · ‎09-27-2022

ip dhcp conflict resolution <<- try this command

Al 7onsh · ‎09-27-2022

not worked. i don't know, why all action commands not excuting. only the syslog. the problem is not in command itself, but in another thing, i don't know it.

event manager applet CLEAR_DHCP_CONFLICT
event timer watchdog time 300
action 1.0 cli command "enable"
action 2.0 cli command "config t"
action 3.0 cli command "ip dhcp conflict resolution"
action 4.0 cli command "end"
action 5.0 cli command "clear ip dhcp conflict *"
action 6.0 syslog msg "Cleared IP DHCP conflict records"

Sep 27 17:38:21: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT: Cleared IP DHCP conflict records

BLNAMERMA8500#show ip dhcp conflict

192.168.29.23 Ping Sep 06 2022 04:08 PM

MHM Cisco World · ‎09-27-2022

no need EEM for this command
you can apply it directly to SW

Al 7onsh · ‎09-27-2022

I want the router to do it every hour or every day automatically , to clear the IP DHCP conflict.

Manual all commands are working, Clear ip dhcp conflict * and yours too. but i want it to be done automatically the clear every day or hour for examble.

MHM Cisco World · ‎09-27-2022

ip dhcp conflict resolution [interval minutes]

use interval to control when the SW will resolve the conflict IP.

Al 7onsh · ‎09-27-2022

it doesn't work too , the Conflict IP after the 5 min is still there.

BLNAMERMA8500#show run | s dhcp
ip dhcp conflict resolution interval 5
ip dhcp excluded-address 192.168.29.20
ip dhcp pool blnamgperma3000vlan1
network 192.168.29.0 255.255.255.0
default-router 192.168.29.20
option 150 ip 192.168.50.1 192.168.50.2
dns-server 192.168.11.101

BLNAMERMA8500#show ip dhcp conflict

192.168.29.23 Ping Sep 06 2022 04:08 PM

MHM Cisco World · ‎09-27-2022

So even this command not work... Hmmm
OK
let return to EEM then

event timer watchdog time 300

action 1.0 cli command "enable"

action 2.0 cli command "clear ip dhcp conflict *" <<- "*" must you notice add this to end

if not work
then please share the debug output of below

debug embedded event manager action cli

NOTE:- disable debug after finish

Al 7onsh · ‎09-28-2022

It doesn't work too, i made it with *. but the Debug isn't working too.

MUESAVILLS3# debug embedded event manager action cli
^
% Invalid input detected at '^' marker

event manager applet CLEAR_DHCP_CONFLICT
event timer watchdog time 300
action 1.0 cli command "enable"
action 2.0 cli command "clear ip dhcp conflict *"

MHM Cisco World · ‎09-28-2022

can I ask you are you sure you access the SW via full privilege account ??

Al 7onsh · ‎09-28-2022

Here is the Debug Result.

Sep 28 13:12:50: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : CTL : cli_open called.
Sep 28 13:12:51: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : OUT :
Sep 28 13:12:51: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : OUT : Unauthorized access prohibited
Sep 28 13:12:51: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : OUT : Unberechtigter Zugang verboten
Sep 28 13:12:51: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : OUT :
Sep 28 13:12:51: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : OUT :
Sep 28 13:12:51: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : OUT :
Sep 28 13:12:51: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : OUT :
Sep 28 13:12:51: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : OUT : MUESAVILLS3 Cisco C1111-4P LTEEA
Sep 28 13:12:51: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : OUT : CE-Router savills 80331 Muenchen
Sep 28 13:12:51: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : OUT : Rosental 4

Sep 28 13:12:51: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : OUT : MPLS-VPN-Standort MUE-Rosental
Sep 28 13:12:51: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : OUT : Core-Layer Muenchen
Sep 28 13:12:51: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : OUT :
Sep 28 13:12:51: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : OUT :
Sep 28 13:12:51: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : OUT : MUESAVILLS3>
Sep 28 13:12:51: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : IN : MUESAVILLS3>enable
Sep 28 13:12:51: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : OUT : MUESAVILLS3#
Sep 28 13:12:51: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : IN : MUESAVILLS3#clear ip dhcp conflict *
Sep 28 13:12:51: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : OUT : Tacacs session has expired.Please re-login to continue.
Sep 28 13:12:51: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : OUT :
Sep 28 13:12:51: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : OUT : MUESAVILLS3#
Sep 28 13:12:51: %HA_EM-6-LOG: CLEAR_DHCP_CONFLICT : DEBUG(cli_lib) : : CTL : cli_close called.
Sep 28 13:12:51:
Sep 28 13:12:51: tty is now going through its death sequence

MHM Cisco World · ‎09-28-2022

let me check, but it seem that your EEM do CLI with command that not allow of privilege level.
but let me check how we can solve this issue.

Al 7onsh · ‎09-28-2022

I found the Solution, @MHM Cisco World . we should add after the Name of Event Manager die Authorization bypass.

Thanks for your Help, Appreciated