03-21-2013 09:59 AM
I have two applets I am using to track connectivity and add or remove an ICMP ACL to an interface based on the tracking state. On the "up" applet I have two correlated events, one for tracking and the other for a cron timer. Essentially I want to add the ACL when tracking goes down and then remove it at a specified time once the tracking comes back up. It is working, but I would like to add some logic that tells the SLA_TEST_UP applet to only run the actions at the specified cron time IF the tracking object has been up for <x> seconds to avoid bringing up an unstable path.
ip sla 99
icmp-echo 8.8.8.8 source-ip 10.10.1.1
tag "ICMP Monitoring to Internet - 1"
frequency 10
ip sla schedule 99 life forever start-time now
ip sla 100
icmp-echo 8.8.4.4 source-ip 10.20.1.1
tag "ICMP Monitoring to Internet - 2"
frequency 10
ip sla schedule 100 life forever start-time now
track 5 ip sla 99
!
track 10 ip sla 100
!
track 42 list boolean and
object 5
object 10
event manager applet SLA_TEST
event syslog pattern "TRACKING-5-STATE: 42 .* Up->Down" ! had to use this since it is a C3560X switch and EEM doesn't support tracking
action 1.1 cli command "enable"
action 1.2 cli command "configure terminal"
action 1.3 cli command "interface GigabitEthernet0/1.10"
action 1.4 cli command "ip access-group ICMP_DROP in"
action 1.5 cli command "end"
event manager applet SLA_TEST_UP
event tag 1.0 syslog pattern "TRACKING-5-STATE: 42 .* Down->Up"
event tag 2.0 timer cron cron-entry "24 16 * * *"
trigger occurs 1 delay 1
correlate event 1.0 and event 2.0
attribute tag 1.0 occurs 1
attribute tag 2.0 occurs 1
action 1.1 cli command "enable"
action 2.1 cli command "configure terminal"
action 3.1 cli command "interface GigabitEthernet0/1.10"
action 4.1 cli command "no ip access-group ICMP_DROP in"
action 5.0 cli command "end"
Thanks!
Tim
03-23-2013 06:50 PM
Dear Tim,
This is achevable by providing two default static routes to internet. the first ISP should be tracked by the IPSLA. So it will be only in the routing table and will process. During the first track is coming down, it will flush from the routing table and switch to secondary route. Corresponding ACL also will work.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide