Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
219
Views
1
Helpful
1
Replies

OSPF Dead Timer Expiration Trap

Go to solution
WMA Hell
Level 1
Level 1

‎08-05-2024 11:47 AM

Hi

Once a month I have my OSPF hello packets eaten by the router or upstream ISP prompting dead timer expiration, which is set for 8 seconds instead of the default of 40 seconds. This upstream ISP has a 8 second acceptable outage written into the signed SLA. This impacts our VoIP and Video services. I would like to create a trap that catches that specific error message as our buffered sys log is filled up with silly SSH authentication notifications. 

Note: We have SolarWinds setup. 

Note: I am not changing the timers as they are on NHRP DMVPN and there not static routes to keep the tunnel up when OSPF parameters are changed, which isolates my branch sites. 

So, how do I alert on OSPF dead timer expiration and create a trap for a network monitoring tool to capture. Do I need to use NetFlow or EEM? Our SolarWinds has a Netflow snapin. 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Ramblin Tech
Spotlight
Spotlight

‎08-05-2024 01:43 PM - edited ‎08-05-2024 01:49 PM

One possible solution (I am sure there are many others)... use XE's Embedded Syslog Manager to match on the dead-timer messages. You could then either send them to an alternate syslog collector or escalate the severity level and send to the same collector where you could filter on the escalated sev level. I am, of course, assuming your router is using XE, but other NOSes may have similar utilities.

Disclaimer: I am long in CSCO

View solution in original post

1 Reply 1

Go to solution
Ramblin Tech
Spotlight
Spotlight

‎08-05-2024 01:43 PM - edited ‎08-05-2024 01:49 PM

One possible solution (I am sure there are many others)... use XE's Embedded Syslog Manager to match on the dead-timer messages. You could then either send them to an alternate syslog collector or escalate the severity level and send to the same collector where you could filter on the escalated sev level. I am, of course, assuming your router is using XE, but other NOSes may have similar utilities.

Disclaimer: I am long in CSCO
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card