
EEM Script to trace default route down, wait x amount of time, check to make sure route is still gone and then continue running script

mvanosdall
Level 1

Wanting the ability to track when default route goes away, then wait a certain period of time, like 60 seconds, check default once more to make sure it is still gone and if so then proceed with script to remove static routes. Here is what I had so far, but it's missing the piece to verify the route a second time before proceeding, since this is the piece I'm having trouble with. Using null routes for now and manually removing the default to test the script.

 

event manager applet BGP_Remove_STATICS
 event routing network 0.0.0.0/0 type remove
 action 2.0 syslog msg "Default Route Missing-Removing Static Routes"
 action 2.5 cli command "enable"
 action 3.0 cli command "conf term"
 action 3.5 syslog msg "BGP STATIC ROUTES REMOVED BY EEM"
 action 4.0 cli command "no ip route 10.200.37.0 255.255.255.0 Null0"
 action 4.5 cli command "no ip route 10.200.38.0 255.255.255.0 Null0"
 action 5.0 cli command "no ip route 10.200.39.0 255.255.255.0 Null0"
 action 5.5 cli command "no ip route 10.200.40.0 255.255.255.0 Null0"
 action 6.0 cli command "no ip route 10.201.11.0 255.255.255.0 Null0"
 action 6.5 cli command "no ip route 10.201.12.0 255.255.255.0 Null0"
 action 7.0 cli command "no ip route 10.201.13.0 255.255.255.0 Null0"
 action 7.5 cli command "no ip route 10.201.14.0 255.255.255.0 Null0"
 action 8.0 cli command "clear ip bgp 10.161.44.195 soft"


Joe Clarke
Cisco Employee

Create another applet that looks like:

 

event manager applet BGP_Abort
 event routing network 0.0.0.0/0 type add
 action 1.0 cli command "enable"
 action 2.0 cli command "config t"
 action 3.0 cli command "event manager applet BGP_Remove_STATICS_Timer"
 action 4.0 cli command "event none"
 action 5.0 cli command "end"

 

Then within your current applet, remove the actions that remove the routes, and then create a third applet called BGP_Remove_STATICS_Timer with a "none" event.  This third applet will have all of your route remove actions.

 

BGP_Remove_STATICS will then look like:

 

event manager applet BGP_Remove_STATICS
 event routing network 0.0.0.0/0 type remove
 action 2.0 syslog msg "Default Route Missing-Removing Static Routes"
 action 2.5 cli command "enable"
 action 3.0 cli command "conf term"
 action 4.0 cli command "event manager applet BGP_Remove_STATICS_Timer"
 action 5.0 cli command "event timer countdown time 60"
 action 6.0 cli command "end"

 

The last action in BGP_Remove_STATICS_Timer can reset its event to none, or you can leave it as it is as that is a timer.  The downside of the latter is that on reload, the timer will run again.

Thanks for the input. Here is what I did based on it:

event manager applet REMOVE_STATICS_Abort
 event routing network 0.0.0.0/0 type add
 action 1.0 cli command "enable"
 action 2.0 cli command "config t"
 action 3.0 cli command "event manager applet BGP_Remove_STATICS_Timer"
 action 4.0 cli command "event none"
 action 5.0 cli command "end"
event manager applet BGP_Remove_STATICS
 event routing network 0.0.0.0/0 type remove
 action 2.0 syslog msg "Default Route Missing-Removing Static Routes"
 action 2.5 cli command "enable"
 action 3.0 cli command "conf term"
 action 4.0 cli command "event manager applet BGP_Remove_STATICS_Timer"
 action 5.0 cli command "event timer countdown time 60"
 action 6.0 cli command "end"
event manager applet BGP_Remove_STATICS_Timer
 event none
 action 2.5 cli command "enable"
 action 3.0 cli command "conf term"
 action 5.0 cli command "no ip route 10.200.37.0 255.255.255.0 Null0"
 action 5.5 cli command "no ip route 10.200.38.0 255.255.255.0 Null0"
 action 6.0 cli command "no ip route 10.200.39.0 255.255.255.0 Null0"
 action 6.5 cli command "no ip route 10.200.40.0 255.255.255.0 Null0"
 action 7.0 cli command "no ip route 10.201.11.0 255.255.255.0 Null0"
 action 7.5 cli command "no ip route 10.201.12.0 255.255.255.0 Null0"
 action 8.0 cli command "no ip route 10.201.13.0 255.255.255.0 Null0"
 action 8.5 cli command "no ip route 10.201.14.0 255.255.255.0 Null0"
 action 9.0 cli command "clear ip bgp 10.161.44.195 soft"

Is that what you were thinking....as it does work. The only question I had about your last comment which was ...The last action in BGP_Remove_STATICS_Timer can reset its event to none, or you can leave it as it is as that is a timer.  The downside of the latter is that on reload, the timer will run again......Is that on a reload the timer would kick in and could remove the routes etc... depending on how the route reloads. I did see one other command which is ....event manager detector routing bootup-delay xx(seconds) This would delay the EEM until the router boots correct?

 

Thanks

Yes, this is what I had in mind.  No, that command won't help you with this problem (though it could help you in general).  The problem is that a countdown timer will rearm on reload.  So, 60 seconds after reload, all of your routes will be removed unless the "add" event kills it.  Not worth the risk in my opinion.  Better to add an action to the end of your timer applet to set its ED back to none.

Not fully sure I understand yet. When you say set the ED back to none. So what you are saying is under the event manager applet BGP_Remove_STATICS_Timer you would put another action that says what?

action 9.1 "event manager applet BGP_Remove_STATICS_Timer"

action 9.2 "event none"

action 9.3 "end"

Based on the following script I have a couple of other questions:

 

1) When I run this script on the device, I see this in the logs:

Oct  6 19:37:04.461: %HA_EM-3-FMPD_CLI_CONNECT: Unable to establish CLI session: 'Embedded Event Manager' detected the 'fatal' condition 'no tty lines available, minimum of 2 required by EEM'

Yet the script runs fine. Is this an issue, and if so, how do I solve that?

 

2) The current script as written will monitor for default to go away. Once it goes away a 60 second timer starts. If within that 60 seconds the default comes back then the script and timer will stop and not remove the routes and prefix lists. This will continue cycling this way so the only concern is what happens if you are having a flapping situation. So would there be a way to do the following:

 

After the default route goes away, wait a defined time interval (such as 60 seconds). Check for the default route after the 60 seconds, and if it is still gone, then go ahead and execute the script. If default is back, then stop the execution of the script.

Thank you in advance for all the help.

======================

Current Script:

event manager applet REMOVE_STATICS_Abort
 event routing network 0.0.0.0/0 type add
 action 1.0 cli command "enable"
 action 2.0 cli command "config t"
 action 3.0 cli command "event manager applet BGP_Remove_STATICS_Timer"
 action 4.0 cli command "event none"
 action 5.0 cli command "end"
event manager applet BGP_Remove_STATICS
 event routing network 0.0.0.0/0 type remove
 action 2.0 syslog msg "Default Route Missing-Removing Static Routes"
 action 2.5 cli command "enable"
 action 3.0 cli command "conf t"
 action 4.0 cli command "event manager applet BGP_Remove_STATICS_Timer"
 action 5.0 cli command "event timer countdown time 60"
 action 6.0 cli command "end"
event manager applet BGP_Remove_STATICS_Timer
 event none
 action 1.0 cli command "enable"
 action 1.5 cli command "conf t"
 action 2.0 cli command "no ip route 10.200.37.0 255.255.255.0 63.145.22.189"
 action 2.1 cli command "no ip route 10.200.38.0 255.255.255.0 63.145.22.189"
 action 2.2 cli command "no ip route 10.200.39.0 255.255.255.0 63.145.22.189"
 action 2.3 cli command "no ip route 10.200.40.0 255.255.255.0 63.145.22.189"
 action 2.4 cli command "no ip route 10.201.11.0 255.255.255.0 63.145.22.189"
 action 2.5 cli command "no ip route 10.201.12.0 255.255.255.0 63.145.22.189"
 action 2.6 cli command "no ip route 10.201.13.0 255.255.255.0 63.145.22.189"
 action 2.7 cli command "no ip route 10.201.14.0 255.255.255.0 63.145.22.189"
 action 2.8 cli command "no ip prefix-list BGPANNOUNCE seq 5 permit 10.161.44.192/29"
 action 2.9 cli command "no ip prefix-list BGPANNOUNCE seq 10 permit 204.194.130.55/32"
 action 3.0 cli command "no ip prefix-list BGPANNOUNCE seq 15 permit 204.194.125.41/32"
 action 3.1 cli command "no ip prefix-list BGPANNOUNCE seq 25 permit 204.194.129.131/32"
 action 4.0 cli command "clear ip bgp 10.161.44.193 soft"
 action 4.1 cli command "clear ip bgp 10.161.44.195 soft"
 action 4.2 cli command "clear ip bgp 63.145.22.189 soft"
 action 5.0 cli command "event manager applet BGP_Remove_STATICS_Timer"
 action 5.1 cli command "event none"
 action 5.2 cli command "end"

 

1. EEM requires at least two open VTY lines in order to execute CLI commands.  One line will be used by EEM itself, and the other will be left free for human use.  This is so EEM doesn't use the last available line.  If you're getting this error, then you have most lines occupied already.

 

2. What you describe is how my applets work.  The applet that detects the remove doesn't do anything except install a timer to make sure the default route is still gone after 60 seconds.  If so, then the other routes are removed.  If the default is back, the timer is stopped, and nothing happens.

Joe, on your point number 2 I swear I've tested it a couple of times and as long as I bring default route back within the 60 seconds the routes and prefix lists are not removed. I'll test it again tomorrow and let you know.

 

Thanks for all your help.

Correct, they will NOT be removed.  This prevents the flapping one would get if the default route is continuously being added and removed.  I thought this is what you wanted and what you described in your previous post.

In production my script did not run as we are using AAA authentication. Could you help answer these questions?

1) When AAA is accessible you have to enter in a username and password to go into config mode. In this case I would assume I could add the entry

event manager session cli username "xxxxxxx" Where xxxxxxx is the username. Question here is what do you do for the password entry and is my first assumption/command correct?


2) In the event that AAA is down....which would be the case in what I am trying to setup.......how do you allow the script to run?


3) Is there a way to accommodate both if AAA is up or down in the same scripts?

 

1. All CLI commands go through command authz if configured.  Therefore, you either need to configure "event manager session cli username USER" where USER is a user authorized to run all CLI commands in your policies, or you need to register each policy with the "auth bypass" keywords to prevent AAA authz.

 

EEM does not do authn.  It assumes that because the policy was configured, it is authenticated.  Only authz is done, so you only need a username.

2. Make sure your "aaa authorization" config has an appropriate fallback (e.g., enable).

3. That all depends on your AAA config.  Of course, if you use "auth bypass" on your EEM policies AAA is moot.
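
The two options from the answer above, applied to the three applets from this thread, as an added example that is not part of the original posts. Assumptions: `EEM_USER` is a placeholder username, `authorization bypass` is the full spelling of the "auth bypass" keywords, the keyword is repeated inside the nested `event manager applet` commands as a precaution, and only two of the Null0 test routes from the first post are shown.

```cisco
! Added example, not from the original thread. Use option A or option B.
!
! Option A: EEM CLI actions are authorized as this user. EEM_USER is a
! placeholder; the account must be permitted every command the applets issue.
event manager session cli username "EEM_USER"
!
! Option B: register each applet with "authorization bypass" so its CLI
! actions are not sent to AAA command authorization.
! The keyword is repeated wherever an applet re-enters the timer applet's
! configuration (precaution; assumed needed so the edit keeps the bypass).
!
! Default route is back: disarm the timer.
event manager applet REMOVE_STATICS_Abort authorization bypass
 event routing network 0.0.0.0/0 type add
 action 1.0 cli command "enable"
 action 2.0 cli command "config t"
 action 3.0 cli command "event manager applet BGP_Remove_STATICS_Timer authorization bypass"
 action 4.0 cli command "event none"
 action 5.0 cli command "end"
!
! Default route is gone: arm the 60-second countdown.
event manager applet BGP_Remove_STATICS authorization bypass
 event routing network 0.0.0.0/0 type remove
 action 1.0 syslog msg "Default Route Missing-Starting 60s Timer"
 action 2.0 cli command "enable"
 action 3.0 cli command "config t"
 action 4.0 cli command "event manager applet BGP_Remove_STATICS_Timer authorization bypass"
 action 5.0 cli command "event timer countdown time 60"
 action 6.0 cli command "end"
!
! Runs only if the countdown was not disarmed; the last actions set the
! event back to none so the countdown does not rearm after a reload.
event manager applet BGP_Remove_STATICS_Timer authorization bypass
 event none
 action 1.0 cli command "enable"
 action 2.0 cli command "config t"
 action 3.0 cli command "no ip route 10.200.37.0 255.255.255.0 Null0"
 action 3.1 cli command "no ip route 10.200.38.0 255.255.255.0 Null0"
 action 4.0 cli command "clear ip bgp 10.161.44.195 soft"
 action 5.0 cli command "event manager applet BGP_Remove_STATICS_Timer authorization bypass"
 action 5.1 cli command "event none"
 action 5.2 cli command "end"
 action 6.0 syslog msg "BGP STATIC ROUTES REMOVED BY EEM"
```

With option B the applets' commands are no longer checked by command authorization, so the ability to configure EEM applets should be limited to accounts already trusted with those commands.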
