Showing results for 
Search instead for 
Did you mean: 

N9K EEM force shutdown of port till BGP recovers


Hi All


Another EEM port from me I'm afraid but somehow this does not seem to work under the 9k's.


We're running VXLAN and running VSAN across racks. Now there's a limitation with VMware where if the ESXi host sees the host port up when the spine links are down, it will think that it's in VSAN isolation and then go split brain.


The 2 conditions I want to protect against are


1) both spine links go down and shut down the port.

2) if the host ports are brought up before the spine bgp session is established immediately reshut the ports.


Following is the first EEM script which i've drawn up however it looks like the boolean AND operation does not work as expected.


track 50 interface Ethernet1/50 line-protocol
track 51 interface Ethernet1/51 line-protocol


event manager applet BOTHDOWN
event track tag eth50 50 state down
event track tag eth51 51 state down
tag eth50 and eth51 happens 1 in 1
action 1 cli conf t
action 2 cli interface ethernet 1/1-10
action 3 cli shut
action 4 cli end


Of course I can't simulate an actual link failure but best I can do is admin down the ports.


The thing is if i run int eth1/50-51 and shut only then does it trigger the EEM to shut 1 to 10.


however if I shut 50 then wait a min or 2 and then shut 51 it does not trigger.


Also when I have shut both spine links and bring up the host ports.. it does not re-trigger the EEM to re-shut the ports.


is there a different logic I should be using to achieve the protection required for the 2 scenarios above?


Thanks for any advice.

2 Replies 2


I've got the first scenario working with using the track boolean or command.


However still stuck on scenario 2 where while the spine ports are still disabled and the host ports are brought up then EEM does not kick in to reshut the ports.


Also it looks like in the NX-OS software there is no event ipsla operation command.


Is there any other logic I can use to ensure that EEM is able to recognize that both spine ports are still down and re-shut the ports.

In the nexus 9K python cli I'm not able to parse the following syntax


cli("int %s" % interface)


according to the guide, I need to issue it as

cli ("conf ; int %s % interface ; shut")


The help only says the following


Execute CLI commands. Takes CLI command string and returns show command output in a plain string form.

cmd: Single CLI command or a Batch of CLI commands. Delimiter for mutlple CLI
commands is space + semi-colon. Configuration commands need to be in a
fully qualified form.
For example, configure terminal ; interface ethernet1/1 ; no shutdown

string: CLI output string for show commands and an empty string for configuration

cli_syntax_error: CLI command is not a valid NXOS command.
cmd_exec_error: Execution of CLI command is not successful.


How can I pass variables into the cli command in the new nexus 9k please?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: