Joe Clarke
Cisco Employee

In preparing for CiscoLive! in San Diego, I am provisioning our access layer 3560-E switches.  Since things have a tendency to change a lot at an event like CiscoLive! I thought it would be best to make sure our port descriptions are always up-to-date when it comes to reflecting what devices are connected.  To help me do that, I wrote up this small EEM applet policy.  It will update the port's description based on the CDP neighbor learned on that port.  This policy requires EEM 3.2, so you're looking at 12.2(55)SE or higher for the 3560s.  It will also work on 3750s and ISR G2 routers running 15.x code.

event manager applet update-port-description
 event neighbor-discovery interface regexp GigabitEthernet.* cdp add
 action 1.0 cli command "enable"
 action 2.0 cli command "config t"
 action 3.0 cli command "interface $_nd_local_intf_name"
 action 4.0 cli command "description $_nd_cdp_entry_name:$_nd_port_id"

The result of this will be a description like the following on switch ports:

description SDCC_IDF_1.11:TenGigabitEthernet0/1
Comments
Avery Abbott
Level 1

Sorry to zombie this thread.  Lots of great info here, but the regexp could use a bit of cleaning up:

/d matches a numeric digit (same as [0-9])

* matches the previous character 0 or more times (optional set of characters)

+ matches the previous character 1 or more times (definitely at least 1 of something there)

I'm surprised you don't have to escape the forward slashes-

 // matches / because / normally indicates something special for the next character, like /s = space, /d = digit, etc.

GigabitEthernet/d///d///d+ matches GigabitEthernet<digit>/<digit>/<one or more digits>

I'm fairly handy with regexp, but a total noob at EEM.

Joe Clarke
Cisco Employee

Your slashes are wrong.  The regex to match a digit is \d and \s to match a whitespace character.  You never have to escape the forward slash.  You do have to escape backslashes '\'.

I tend to prefer the shorthand notations, but EEM applets do not support them.  You must use the older POSIX regex format of [0-9] to match a digit and [[:space:]] to match a whitespace character.

Tcl does support the shorthand notation.

Avery Abbott
Level 1

Oh man, I don't know how I managed that big of an err.  You're absolutely right about the slashes.  D'oh!


Thanks for the word about EEM vs Tcl.

jdevyor
Level 1

Hi,

 

I am applying the following to a pair of 4500X's in VSS mode.  I am getting the following error after I issue command "event manager run auto-update-port-description"

 

Error:

!

Mar  8 15:41:14: %HA_EM-3-FMPD_UNKNOWN_ENV: fh_parse_var: could not find environment variable: _nd_cdp_capabilities_string
!

Mar  8 15:41:14: %HA_EM-3-FMPD_ERROR: Error executing applet auto-update-port-description statement 1.1

 

Can you help me troubleshoot it?

 

event manager applet auto-update-port-description authorization bypass
  description "Auto-update port-description based on CDP neighbors info"
  event none
  action 0.0  comment "Event line regexp: Decide which interface to auto-update description on"
  action 1.0  comment "Verify CDP neighbor to be Switch or Router"
  action 1.1  regexp "(Switch|Router)" "$_nd_cdp_capabilities_string"
  action 1.2  if $_regexp_result eq "1"
  action 2.0   comment "Trim domain name"
  action 2.1   regexp "^([^\.]+)\." "$_nd_cdp_entry_name" match host
  action 3.0   comment "Convert long interface name to short"
  action 3.1   string first "Ethernet" "$_nd_port_id"
  action 3.2   if $_string_result eq "7"
  action 3.21   string replace "$_nd_port_id" 0 14 "Gi"
  action 3.3   elseif $_string_result eq 10
  action 3.31   string replace "$_nd_port_id" 0 17 "Te"
  action 3.4   elseif $_string_result eq 4
  action 3.41   string replace "$_nd_port_id" 0 11 "Fa"
  action 3.5   end
  action 3.6   set int "$_string_result"
  action 4.0   comment "Check old description if any, and do no change if same host:int"
  action 4.1   cli command "enable"
  action 4.11  cli command "config t"
  action 4.2   cli command "do show interface $_nd_local_intf_name | incl Description:"
  action 4.21  set olddesc "<none>"
  action 4.22  set olddesc_sub1 "<none>"
  action 4.23  regexp "Description: ([a-zA-Z0-9:/\-]*)([a-zA-Z0-9:/\-\ ]*)" "$_cli_result" olddesc olddesc_sub1
  action 4.24  if $olddesc_sub1 eq "$host:$int"
  action 4.25   syslog msg "EEM script did NOT change desciption on $_nd_local_intf_name, since remote host and interface is unchanged"
  action 4.26   exit 10
  action 4.27  end
  action 4.3   cli command "interface $_nd_local_intf_name"
  action 4.4   cli command "description $host:$int"
  action 4.5   cli command "do write"
  action 4.6   syslog msg "EEM script updated description on $_nd_local_intf_name from $olddesc to Description: $host:$int and saved config"
  action 5.0  end
  action 6.0  exit 1
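
The hostname trimming and interface shortening from the applet above, written as an added Python example (not part of the original post and not Cisco's code). CDP fields are sent by the neighbor without authentication, so this version allow-lists them before they are used in a description; the prefix map, character sets and length cap are assumptions.

```python
import re

# Long-to-short interface prefixes (assumed map for this example; extend as needed).
SHORT = {
    "TwentyFiveGigE": "Twe",
    "TenGigabitEthernet": "Te",
    "GigabitEthernet": "Gi",
    "FastEthernet": "Fa",
}
# Allow-lists: CDP fields are unauthenticated input from the neighbor, so only
# these characters may end up in a "description" command.
HOST_OK = re.compile(r"[A-Za-z0-9_.-]+")
PORT_OK = re.compile(r"[A-Za-z0-9/._-]+")
MAX_LEN = 200  # assumed description length cap; check your platform's limit


def short_host(device_id, trim_domain=True):
    """Validate the CDP device ID and optionally keep only the first label."""
    if not HOST_OK.fullmatch(device_id):
        raise ValueError(f"unexpected characters in device ID: {device_id!r}")
    host = device_id.split(".", 1)[0] if trim_domain else device_id
    if not host:
        raise ValueError("empty host name after trimming")
    return host


def short_port(port_id):
    """Validate the CDP port ID and abbreviate a known long prefix."""
    if not PORT_OK.fullmatch(port_id):
        raise ValueError(f"unexpected characters in port ID: {port_id!r}")
    for long_name, abbr in SHORT.items():
        if port_id.startswith(long_name):
            return abbr + port_id[len(long_name):]
    return port_id  # unknown prefix: keep the validated name unchanged


def description_for(device_id, port_id, current=None, trim_domain=True):
    """Return the new description, or None when `current` already matches."""
    desc = f"{short_host(device_id, trim_domain)}:{short_port(port_id)}"
    if len(desc) > MAX_LEN:
        raise ValueError("description too long")
    return None if desc == current else desc
```

With domain trimming on, the device ID from the first post, SDCC_IDF_1.11, becomes SDCC_IDF_1; pass `trim_domain=False` to keep it whole.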

derek-shnosh
Level 1

Is this still not possible on Nexus, specifically 9000? I see that `event neighbor-discovery` is valid now, but I don't see `action string` or `action set` options.

estavros
Level 1

Is there any way to read the interface descriptions without launching a show command each time? 

 

I'm using the script as a base but instead of using cdp neighbor, I'm using the mac address added.  I'd like to check the interface description as a condition of whether to do an action or not.  I'm worried that with the rate mac addresses may be learned I could be spawning hundreds or thousands of show commands on the switch.

 

Here is a test script I was playing with:

 

event manager applet TEST11 authorization bypass
 event mat interface GigabitEthernet1/0/14 type add
 action 001 string range "$_mat_mac_address" 0 6
 action 002 set oui $_string_result
 action 003 syslog msg "Found OUI $oui from $_mat_mac_address"
 action 004 cli command "enable"
 action 005 cli command "show interface $_mat_intf_name | inc Description:"    <----THIS IS WHAT I WANT TO DO A BETTER WAY
 action 006 set cdescr ""
 action 007 regexp "Description: ([^\n]+)" $_cli_result match cdescr
 action 008 string trim $cdescr
 action 009 set cdescr $_string_result
 action 010 syslog msg "cdescr is $cdescr"
 action 011 string range "$cdescr" 0 3
 action 012 if $_string_result ne "AUTO"
 action 013  syslog msg "Port is ignored"
 action 014 elseif $oui eq "ec8e.b5"
 action 015  syslog msg "Port is OUI Laptop"
 action 016 else
 action 017  syslog msg "all tests failed"
 action 018 end

stefan.mathys
Level 1

Hi, does anyone have an update to the EEM script on page 1 for the C9300 TwentyFiveGigE interface?

thanks in advance

derek-shnosh
Level 1

@stefan.mathys, the following regexp should include them.

 

event neighbor-discovery interface regexp .* cdp add

 

Mark Ibrahim
Level 1

I am attempting something slightly different: on a Nexus switch, I want any port with the status of disabled to be assigned to a particular VLAN (in this case, a blackhole VLAN). Any ideas on what the configuration would look like?

Roberto Lopez
Level 1

Hi @Joe Clarke 

Thanks so much for sharing! Works great on the switches I've tested, in production. I was wondering if there's a way to do the same for NX-OS (9000), or if you could share one for that environment? We have a Nexus 9000 that has about 300 neighbors and want to apply the same concept, as the trunks are sometimes swapped. I don't think the same code will apply, will it? Thanks in advance.

derek-shnosh
Level 1

@Roberto Lopez - The last time I tried on Nexus, the EEM trigger was not working. I have a Python script you can run to name either a single interface or multiple interfaces, available here: https://github.com/derek-shnosh/network-code/blob/master/python/nxos-cdp-describe.py

You can run this from the guestshell on the N9K platform: e.g.,

 

python <script_file> -i all

 

Roberto Lopez
Level 1

@derek-shnosh oh nice! Ok I’ll check it out and try it out. I wanna try it out in a sandbox environment tho before going straight to our production network. Thanks!
