06-12-2013 08:49 PM
track 1 ip sla 1
track 2 ip sla 2
ip sla auto discovery
ip sla 1
http get http://www.cisco.com
ip sla schedule 1 life forever start-time now
ip sla 2
http get http://juniper.com
frequency 80
ip sla schedule 2 life forever start-time now
event manager applet EEM-INTERNET-DOWN
event tag Check1 track 1 state down
event tag Check2 track 2 state down
trigger
correlate event Check1 and event Check2
action 2.0 syslog msg "ISP is $_track_state"
action 2.1 cli command "enable"
action 2.2 cli command "config t"
action 2.3 cli command "no ip route 0.0.0.0 0.0.0.0 1.1.1.1 5"
Hi All,
I've inherited a network that is using the above EEM script. I'm new to EEM so I really don't know what is wrong with this script (if anything). The problem is, the script is designed so if a WAN router cannot reach the internet via our ISP, it will remove the default route and receive the internet from another site via the MPLS network. The script is working flawlessly because we are getting the internet through another site via MPLS like it was intended. The problem is when I add the default route to the ISP back into the config the EEM script will run and remove the default route again. My limited understanding of the script is that it should check for www.cisco.com and juniper.com to see if both are reachable before failing over. Another thing I've noticed is our admin probably meant to track juniper.net. Any thoughts? I've noticed that pinging the juniper.com site yields no response. Would changing this to juniper.net solve my problems? Also, based on the EEM applet shouldn't it be checking both cisco.com and juniper.com (as it stands now) for reachability before it fails over? Last thing, this script does not appear to failback. Is there a suggested way to automatically failback via this EEM script or would I have to create a new script? I know I'm asking a lot, I truly appreciate any help. Thanks!
-Derrick
06-27-2013 07:17 AM
Derrick,
Just noticed your query.
The script seems to do what you have described. If both IP SLA probes are down, it would go an remove the static default route.
You are right, there is no recovery script, and I guess it was intended to be done manually.
For recovery, you would need to come up with a logic you like, because if you are getting a backup internet uplink through your MPLS network, then the IP SLA probes should recover, and there is no easy way to know the ISP uplink is working again...
You could have a script that recovers automatically later in the night (just adding the static route again), and if the IP SLA probes fail again, it would fail back again, and generate the syslog.
If you are adding the default route, and the script triggers, then it means something is wrong with the IP SLA probes... Are you sure the route is working?
Take a look at the "show ip sla stat" outputs to see what is wrong...
You could disable the script (just remove it from the config) and see if Internet actually works for you when you add the static route...
Arie
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide