cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2205
Views
0
Helpful
8
Replies

Traceroute with EEM to multiple addresses

mruhenkamp
Level 1
Level 1

    I am looking for a way to traceroute to a number of ip addresses(about 50) all at the same time. For example, every 2 hours I want to do a traceroute from a router to remote locations to confirm traffic is routing across the correct WAN circuit. Does anyone have any scripts for this or provide any guidance?

8 Replies 8

Joe Clarke
Cisco Employee
Cisco Employee

This script doesn't sound too difficult on the surface.  You would use a watchdog timer ED to trigger every two hours.  The question is, do you really want to trace to 50 addresses in parallel, or can the script trace to each in series?  What do you want to do with the output?

At the simplest, this script will perform a traceroute to a host specified in the traceroute_host EEM environment variable.  The output will be sent via a syslog message.

::cisco::eem::event_register_timer watchdog time 7200

if { ! [info exists traceroute_host] } {

    action_syslog msg "ERROR: Cannot execute: environment variable traceroute_host has not been set"

    exit 1

}

namespace import ::cisco::eem::*

namespace import ::cisco::lib::*

proc run_cli { clist } {
    set rbuf ""

    if {[llength $clist] < 1} {
        return -code ok $rbuf
    }

    if {[catch {cli_open} result]} {
        return -code error $result
    } else {
        array set cliarr $result
    }

    if {[catch {cli_exec $cliarr(fd) "enable"} result]} {
        return -code error $result
    }

    if {[catch {cli_exec $cliarr(fd) "term length 0"} result]} {
        return -code error $result
    }

    foreach cmd $clist {
        if {[catch {cli_exec $cliarr(fd) $cmd} result]} {
            return -code error $result
        }

        append rbuf $result
    }

    if {[catch {cli_close $cliarr(fd) $cliarr(tty_id)} result]} {
        puts "WARNING: $result"
    }

    return -code ok $rbuf
}

set output [run_cli "traceroute $traceroute_host"]

action_syslog msg "$output"

Joe,

Thanks for the response.

If I could do 10 addresses every 5 or 10 minutes, that would be fine too. So if the script does it's traceroutes in a series, that's OK.

When I do a trace, I am looking for a particular address in one of the hops. I am looking for 172.27.x.x in the hops. If I see this IP range in one of the hops, I know routing is working properly. If I don't see 172.27.x.x in the hops, I want it to generate an email to me indicating the IP address that the traceroute was incorrect for.

I hope this helps explain it in more detail.

Thanks for the assistance.

Joe,

One other thing, I would like to accomplish this by IOS CLI applets instead of .tcl scripts. Any help you can provide is appreciated.

Mark

What version of code are you running?  You will not be able to do what you want with applets unless you have EEM 3.0 or higher.

Joe,

I am running version 3.00 of EEM.

Thanks,

Mark

Since you have EEM 3.0, then you can use an applet.  Here is an example for one address.  You can adapt this to add multiple destinations.

event manager applet periodic-traceroute

event timer watchdog time 7200

action 001 cli command "enable"

action 002 cli command "traceroute x.x.x.x"

action 003 regexp "(172\.27\.[0-9]+\.[0-9]+")" $_cli_result ignore match

action 004 if $_regexp_result eq 1

action 005 mail subject "Address found in traceroute to x.x.x.x" body "Found $match in traceroute to x.x.x.x" to user@company.com from user@company.com server y.y.y.y

action 006 end

Here, x.x.x.x is the address to which you are tracerouting, y.y.y.y is the IP address of your SMTP server, and user@company.com is the address for your emails.

Joe,

Thanks for the information. I have added multiple trace destinations but when it finds a match to send an email, after it sends the email, it throws me out of the applet and doesn't finish the remaining code. How do I force it to go all the way thru to code regardless of whether it finds a result eq 0 or not?

Attached is some code I have.

Mark

Result eq 0 means a match was not found.  But even if a match is not found, the applet should continue to run.  One bit of caution is that the maximum run time of this appet is 20 seconds.  That may not nearly enough time to run through all addresses.  Try extending that time to 100 seconds in the event declaration:

event timer watchdog time 100 maxrun 100

Review Cisco Networking for a $25 gift card