IP SLA EEM Combination Pt3
Hi Community,
I have made some modifications myself to the EEM. Can someone please take a look at the following IP SLA - EEM combination and let me know why it won't work?
ip sla 102
icmp-echo 180.80.8.4 source-ip 180.80.8.3
request-data-size 24
tos 30
timeout 60000
threshold 200
owner NetFlow
ip sla schedule 102 life forever start-time pending ageout 60
ip sla reaction-configuration 102 react timeout threshold-type immediate
ip sla enable reaction-alerts
event manager applet ISPCheck
event ipsla operation-id 102 reaction-type timeout
action 1.0 if $_ipsla_condition eq Occurred
action 2.0 cli command "enable"
action 3.0 info type routername
action 4.0 cli command "show ip int brief"
action 5.0 mail server "150.50.5.2" to "[email protected]" from "[email protected]" subject "Internet Gateway Down on: $_info_routername" body "$_cli_result"
action 6.0 else
action 7.0 syslog msg "Primary Internet Circuit UP"
action 8.0 mail server "150.50.5.2" to "[email protected]" from "[email protected]" subject "Internet Gateway UP on: $_info_routername" body "$_cli_result"
action 9.0 end
Cheers
Carlton
What about it doesn't work? Is the policy not triggering? Is the IPSLA operation not transitioning state?
Similar Messages
-
Hello Community,
I have been testing a EEM/Tcl scripts for IP SLA. However, after testing I realised that the script didn't go far enough in identifying the link(s) that has actually gone down.
I was wondering if someone knows any good EEM/Tcl scripts for IP SLA?
Cheers
CarltonWhat about it doesn't work? Is the policy not triggering? Is the IPSLA operation not transitioning state?
-
IP SLA/EEM running out of VTY lines and failing
I am using IP SLA to ping network devices to detect network failures from an AS5400XM voice gateway. The AS5400XM platform is limited to 5 vty lines ( vty 0 4). When simulating a simultaneous outage, there are not enough tty lines available to process my EEM events.
However, when simulating a simultaneous outage, we have a new issue – there are not enough lines available:
Feb 9 15:16:22.970 CST: %HA_EM-3-FMPD_CLI_CONNECT: Unable to establish CLI session: no tty lines available, minimum of 2 required by EEM
Feb 9 15:16:22.970 CST: %HA_EM-3-FMPD_ERROR: Error executing applet ReportIPSLAevent_1005065020_up statement 1.1
Feb 9 15:16:22.974 CST: %HA_EM-3-FMPD_CLI_CONNECT: Unable to establish CLI session: no tty lines available, minimum of 2 required by EEM
Feb 9 15:16:22.978 CST: %HA_EM-3-FMPD_ERROR: Error executing applet ReportIPSLAevent_1005081020_up statement 1.1
Feb 9 15:16:22.986 CST: %HA_EM-3-FMPD_CLI_CONNECT: Unable to establish CLI session: no tty lines available, minimum of 2 required by EEM
Feb 9 15:16:22.986 CST: %HA_EM-3-FMPD_ERROR: Error executing applet ReportIPSLAevent_100000226_up statement 1.1
Feb 9 15:16:22.994 CST: %HA_EM-3-FMPD_CLI_CONNECT: Unable to establish CLI session: no tty lines available, minimum of 2 required by EEM
Feb 9 15:16:22.994 CST: %HA_EM-3-FMPD_ERROR: Error executing applet ReportIPSLAevent_1001012021_up statement 1.1
Feb 9 15:16:23.006 CST: %HA_EM-3-FMPD_CLI_CONNECT: Unable to establish CLI session: no tty lines available, minimum of 2 required by EEM
Feb 9 15:16:23.006 CST: %HA_EM-3-FMPD_ERROR: Error executing applet ReportIPSLAevent_1061247018_up statement 1.1
How can I detect/wait until there are enough lines free before processing the EEM rules?
Regards,
-DougJoe,
So far, it looks like there are only two issues remaining:
Issue #1 - E-mail subject has destination listed as "unknown" versus the hostname
Feb 18 10:39:33.297 CST: %HA_EM-6-LOG: sl_ip_sla_report.tcl : DEBUG(smtp_lib) : smtp_write : Subject: IP SLA alert - {router} connectivity to Unknown has been restored
Issue #2 - Source IP address issue (SMTP relay restricted to IP 10.5.32.90). Traffic to the SMTP server needs to sourced from the Loopback0 address 10.5.32.90. There are NAT rules in place to cover this, but it looks like the TCL script is bypassing the NAT:
#sh ip int brief | ex una
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 10.5.34.242 YES NVRAM up up
GigabitEthernet0/1 10.5.34.250 YES NVRAM up up
Loopback0 10.5.32.90 YES NVRAM up up
NVI0 10.5.32.90 YES unset up up
ip nat inside source list smtp-nat interface Loopback0 overload
sh ip access-lists smtp-nat
Extended IP access list smtp-nat
10 permit ip host 10.5.34.242 host 10.0.10.10 (2 matches)
20 permit ip host 10.5.34.250 host 10.0.10.10 (15 matches)
Feb 18 10:39:33.297 CST: FIBfwd-proc: sending link IP ip_pak_table 0 ip_nh_table 65535 if GigabitEthernet0/0 nh 10.5.34.241 uhp 1 deag 0 ttlexp 0 rec 0
Feb 18 10:39:33.297 CST: IP: s=10.5.34.242 (local), d=10.0.10.10 (GigabitEthernet0/0), len 58, sending
Feb 18 10:39:33.297 CST: TCP src=26095, dst=25, seq=3453704840, ack=2112864439, win=3890 ACK
Feb 18 10:39:33.297 CST: IP: s=10.5.34.242 (local), d=10.0.10.10 (GigabitEthernet0/0), len 58, output feature
Feb 18 10:39:33.297 CST: TCP src=26095, dst=25, seq=3453704840, ack=2112864439, win=3890 ACK, CCE Output Classification(5), rtype 1, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:33.297 CST: IP: s=10.5.32.90 (local), d=10.0.10.10 (GigabitEthernet0/0), len 58, output feature
Feb 18 10:39:33.297 CST: TCP src=26095, dst=25, seq=3453704840, ack=2112864439, win=3890 ACK, Post-routing NAT Outside(17), rtype 1, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:33.297 CST: IP: s=10.5.32.90 (local), d=10.0.10.10 (GigabitEthernet0/0), len 58, output feature
Feb 18 10:39:33.297 CST: TCP src=26095, dst=25, seq=3453704840, ack=2112864439, win=3890 ACK, Stateful Inspection(20), rtype 1, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:33.297 CST: IP: s=10.5.32.90 (local), d=10.0.10.10 (GigabitEthernet0/0), len 58, sending full packet
Feb 18 10:39:33.297 CST: TCP src=26095, dst=25, seq=3453704840, ack=2112864439, win=3890 ACK
Feb 18 10:39:33.297 CST: [fh_smtp_debug_cmd]
Feb 18 10:39:33.297 CST: %HA_EM-6-LOG: sl_ip_sla_report.tcl : DEBUG(smtp_lib) : smtp_write : From: {router}@mydomain.com
Feb 18 10:39:33.297 CST: %HA_EM-6-LOG: sl_ip_sla_report.tcl : DEBUG(smtp_lib) : smtp_write : To: [email protected]
Feb 18 10:39:33.297 CST: %HA_EM-6-LOG: sl_ip_sla_report.tcl : DEBUG(smtp_lib) : smtp_write : Cc:
Feb 18 10:39:33.297 CST: %HA_EM-6-LOG: sl_ip_sla_report.tcl : DEBUG(smtp_lib) : smtp_write : Subject: IP SLA alert - {router} connectivity to Unknown has been restored
Feb 18 10:39:33.297 CST: %HA_EM-6-LOG: sl_ip_sla_report.tcl : DEBUG(smtp_lib) : smtp_write : IPSLAs Latest Operation Statistics
Feb 18 10:39:33.297 CST: %HA_EM-6-LOG: sl_ip_sla_report.tcl : DEBUG(smtp_lib) : smtp_write : IPSLA operation id: 100000226
Feb 18 10:39:33.297 CST: %HA_EM-6-LOG: sl_ip_sla_report.tcl : DEBUG(smtp_lib) : smtp_write : Type of operation: icmp-echo
Feb 18 10:39:33.297 CST: %HA_EM-6-LOG: sl_ip_sla_report.tcl : DEBUG(smtp_lib) : smtp_write : Latest RTT: 36 milliseconds
Feb 18 10:39:33.297 CST: %HA_EM-6-LOG: sl_ip_sla_report.tcl : DEBUG(smtp_lib) : smtp_write : Latest operation start time: 10:39:29.377 CST Thu Feb 18 2010
Feb 18 10:39:33.297 CST: %HA_EM-6-LOG: sl_ip_sla_report.tcl : DEBUG(smtp_lib) : smtp_write : Latest operation return code: OK
Feb 18 10:39:33.297 CST: %HA_EM-6-LOG: sl_ip_sla_report.tcl : DEBUG(smtp_lib) : smtp_write : Number of successes: 21
Feb 18 10:39:33.297 CST: %HA_EM-6-LOG: sl_ip_sla_report.tcl : DEBUG(smtp_lib) : smtp_write : Number of failures: 13
Feb 18 10:39:33.297 CST: %HA_EM-6-LOG: sl_ip_sla_report.tcl : DEBUG(smtp_lib) : smtp_write : Operation time to live: Forever
Feb 18 10:39:33.297 CST: %HA_EM-6-LOG: sl_ip_sla_report.tcl : DEBUG(smtp_lib) : smtp_write : {router}
Feb 18 10:39:33.297 CST: %HA_EM-6-LOG: sl_ip_sla_report.tcl : DEBUG(smtp_lib) : smtp_write :
Feb 18 10:39:33.297 CST: [fh_smtp_debug_cmd]
Feb 18 10:39:33.297 CST: %HA_EM-6-LOG: sl_ip_sla_report.tcl : DEBUG(smtp_lib) : smtp_write : .
Feb 18 10:39:33.529 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242, len 40, input feature
Feb 18 10:39:33.529 CST: TCP src=25, dst=26095, seq=2112864439, ack=3453704858, win=65374 ACK, Stateful Inspection(4), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:33.529 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242, len 40, input feature
Feb 18 10:39:33.529 CST: TCP src=25, dst=26095, seq=2112864439, ack=3453704858, win=65374 ACK, Virtual Fragment Reassembly(21), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:33.529 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242, len 40, input feature
Feb 18 10:39:33.529 CST: TCP src=25, dst=26095, seq=2112864439, ack=3453704858, win=65374 ACK, Virtual Fragment Reassembly After IPSec Decryption(32), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:33.529 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242, len 40, input feature
Feb 18 10:39:33.529 CST: TCP src=25, dst=26095, seq=2112864439, ack=3453704858, win=65374 ACK, NAT Outside(53), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:33.529 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242, len 40, input feature
Feb 18 10:39:33.529 CST: TCP src=25, dst=26095, seq=2112864439, ack=3453704858, win=65374 ACK, MCI Check(64), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:33.529 CST: FIBipv4-packet-proc: route packet from GigabitEthernet0/1 src 10.0.10.10 dst 10.5.34.242
Feb 18 10:39:33.529 CST: FIBfwd-proc: Default:10.5.34.242/32 receive entry
Error:
Feb 18 10:39:33.529 CST: FIBipv4-packet-proc: packet routing failed
Feb 18 10:39:33.529 CST: IP: tableid=0, s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242 (GigabitEthernet0/0), routed via RIB
Feb 18 10:39:33.529 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242 (GigabitEthernet0/0), len 40, output feature
Feb 18 10:39:33.529 CST: TCP src=25, dst=26095, seq=2112864439, ack=3453704858, win=65374 ACK ACK
Feb 18 10:39:33.953 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242, len 40, stop process pak for forus packet
Feb 18 10:39:33.953 CST: TCP src=25, dst=26095, seq=2112864535, ack=3453704892, win=65340 ACK
Feb 18 10:39:34.245 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242, len 88, input feature
Feb 18 10:39:34.245 CST: TCP src=25, dst=26095, seq=2112864535, ack=3453704892, win=65340 ACK PSH, Stateful Inspection(4), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:34.245 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242, len 88, input feature
Feb 18 10:39:34.245 CST: TCP src=25, dst=26095, seq=2112864535, ack=3453704892, win=65340 ACK PSH, Virtual Fragment Reassembly(21), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:34.249 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242, len 88, input feature
Feb 18 10:39:34.249 CST: TCP src=25, dst=26095, seq=2112864535, ack=3453704892, win=65340 ACK PSH, Virtual Fragment Reassembly After IPSec Decryption(32), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:34.249 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242, len 88, input feature
Feb 18 10:39:34.249 CST: TCP src=25, dst=26095, seq=2112864535, ack=3453704892, win=65340 ACK PSH, NAT Outside(53), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:34.249 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242, len 88, input feature
Feb 18 10:39:34.249 CST: TCP src=25, dst=26095, seq=2112864535, ack=3453704892, win=65340 ACK PSH, MCI Check(64), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:34.249 CST: FIBipv4-packet-proc: route packet from GigabitEthernet0/1 src 10.0.10.10 dst 10.5.34.242
Feb 18 10:39:34.249 CST: FIBfwd-proc: Default:10.5.34.242/32 receive entry
Error:
Feb 18 10:39:34.249 CST: FIBipv4-packet-proc: packet routing failed
Feb 18 10:39:34.249 CST: IP: tableid=0, s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242 (GigabitEthernet0/0), routed via RIB
Feb 18 10:39:34.249 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242 (GigabitEthernet0/0), len 88, output feature
Feb 18 10:39:34.249 CST: TCP src=25, dst=26095, seq=2112864535, ack=3453704892, win=65340 ACK PSH, CCE Output Classification(5), rtype 1, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:34.249 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242 (GigabitEthernet0/0), len 88, output feature
Feb 18 10:39:34.249 CST: TCP src=25, dst=26095, seq=2112864535, ack=3453704892, win=65340 ACK PSH, Post-routing NAT Outside(17), rtype 1, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:34.249 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242 (GigabitEthernet0/0), len 88, output feature
Feb 18 10:39:34.249 CST: TCP src=25, dst=26095, seq=2112864535, ack=3453704892, win=65340 ACK PSH, Stateful Inspection(20), rtype 1, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:34.249 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242, len 88, rcvd 4
Feb 18 10:39:34.249 CST: TCP src=25, dst=26095, seq=2112864535, ack=3453704892, win=65340 ACK PSH
Feb 18 10:39:34.249 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242, len 88, stop process pak for forus packet
Feb 18 10:39:34.249 CST: TCP src=25, dst=26095, seq=2112864535, ack=3453704892, win=65340 ACK PSH
Feb 18 10:39:34.249 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242, len 40, input feature
Feb 18 10:39:34.249 CST: TCP src=25, dst=26095, seq=2112864583, ack=3453704892, win=65340 ACK FIN, Stateful Inspection(4), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:34.249 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242, len 40, input feature
Feb 18 10:39:34.249 CST: TCP src=25, dst=26095, seq=2112864583, ack=3453704892, win=65340 ACK FIN, Virtual Fragment Reassembly(21), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:34.249 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242, len 40, input feature
Feb 18 10:39:34.249 CST: TCP src=25, dst=26095, seq=2112864583, ack=3453704892, win=65340 ACK FIN, Virtual Fragment Reassembly After IPSec Decryption(32), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:34.249 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242, len 40, input feature
Feb 18 10:39:34.249 CST: TCP src=25, dst=26095, seq=2112864583, ack=3453704892, win=65340 ACK FIN, NAT Outside(53), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:34.249 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242, len 40, input feature
Feb 18 10:39:34.249 CST: TCP src=25, dst=26095, seq=2112864583, ack=3453704892, win=65340 ACK FIN, MCI Check(64), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:34.249 CST: FIBipv4-packet-proc: route packet from GigabitEthernet0/1 src 10.0.10.10 dst 10.5.34.242
Feb 18 10:39:34.249 CST: FIBfwd-proc: Default:10.5.34.242/32 receive entry
Error:
Feb 18 10:39:34.249 CST: FIBipv4-packet-proc: packet routing failed
Feb 18 10:39:34.249 CST: IP: tableid=0, s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242 (GigabitEthernet0/0), routed via RIB
Feb 18 10:39:34.249 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242 (GigabitEthernet0/0), len 40, output feature
Feb 18 10:39:34.249 CST: TCP src=25, dst=26095, seq=2112864583, ack=3453704892, win=65340 ACK FIN, CCE Output Classification(5), rtype 1, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:34.249 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242 (GigabitEthernet0/0), len 40, output feature
Feb 18 10:39:34.249 CST: TCP src=25, dst=26095, seq=2112864583, ack=3453704892, win=65340 ACK FIN, Post-routing NAT Outside(17), rtype 1, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:34.249 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242 (GigabitEthernet0/0), len 40, output feature
Feb 18 10:39:34.249 CST: TCP src=25, dst=26095, seq=2112864583, ack=3453704892, win=65340 ACK FIN, Stateful Inspection(20), rtype 1, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:34.249 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242, len 40, rcvd 4
Feb 18 10:39:34.249 CST: TCP src=25, dst=26095, seq=2112864583, ack=3453704892, win=65340 ACK FIN
Feb 18 10:39:34.249 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242, len 40, stop process pak for forus packet
Feb 18 10:39:34.249 CST: TCP src=25, dst=26095, seq=2112864583, ack=3453704892, win=65340 ACK FIN
Feb 18 10:39:34.249 CST: IP: s=10.5.34.242 (local), d=10.0.10.10, len 40, local feature
Feb 18 10:39:34.249 CST: TCP src=26095, dst=25, seq=3453704892, ack=2112864584, win=3746 ACK, NAT(2), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
Feb 18 10:39:34.249 CST: FIBipv4-packet-proc: route packet from (local) src 10.5.34.242 dst 10.0.10.10
Feb 18 10:39:34.249 CST: FIBfwd-proc: Default:10.0.0.0/20 proces level forwarding
Feb 18 10:39:34.249 CST: FIBfwd-proc: depth 0 first_idx 0 paths 2 long 0(0)
Feb 18 10:39:34.249 CST: FIBfwd-proc: try path 0 (of 2) v4-anh-10.5.34.241-Gi0/0 first short ext 0(-1)
Feb 18 10:39:34.249 CST: FIBfwd-proc: v4-anh-10.5.34.241-Gi0/0 valid
Feb 18 10:39:34.249 CST: FIBfwd-proc: ip_pak_table 0 ip_nh_table 65535 if GigabitEthernet0/0 nh 10.5.34.241 deag 0 via fib 0 path type attached nexthop
Feb 18 10:39:34.249 CST: FIBfwd-proc: packet routed to GigabitEthernet0/0 10.5.34.241(0)
Feb 18 10:39:34.249 CST: FIBipv4-packet-proc: packet routing succeeded ACK
Feb 18 10:39:34.405 CST: IP: s=10.0.10.10 (GigabitEthernet0/1), d=10.5.34.242, len 40, stop process pak for forus packet
Feb 18 10:39:34.405 CST: TCP src=25, dst=26095, seq=2112864584, ack=3453704893, win=65340 ACK
Regards,
-Doug
P.S. Can you recommend any documents or books to learn Tcl? -
IP SLA EEM to reload router after ping failure
Hi,
I have created the below configuration but it seems to be failing to trigger the reload. Anybody can please comment what is missing here?
track 1 ip sla 10 reachability
delay down 180 up 40 ***** this is in sec - since ping freq is 10 sec , after 18 ping failure and 3 mnts track reachability will be down - it will wait 40 sec before declaring UP *****
ip sla 10
icmp-echo 172.20.20.153
threshold 450 **** in millisec it is threshold value - no action will be taken ****
timeout 500 **** in millisec it is icmp timeout *****
frequency 10 *** icmp ping every 10 sec *****
ip sla schedule 10 life forever start-time now
event manager applet Router-Reload
event track 1 state down
action 1.0 syslog msg "Reply timed out; Router will Reload"
action 1.1 cli command "enable"
action 1.2 cli command "reload"It worked. Thanks Joseph.
So what was the issue with my approach. Is it the sequence number? -
Using IP SLA and EEM to provide 3G backup to ADSL connection on CISCO887VAG+7-K9 router
On a Cisco887VAG+7-K9 router, I want to be able to use IP SLA and EEM to track connectivity to an external address via my ADSL line, if connectivity is UP then I want the 3G interface to be admin shutdown. If connectivity is down, then I want the 3G interface to be activated and connectivity to resume via 3G.
I have configured this and it works apart from one problem. If the config on the router is written to startup memory while the 3G interface is admin shutdown, we subsequently have a problem with the ADSL line and the router is then rebooted, then the EEM does not seem to re-activate the 3G interface so all connectivity is lost until the ADSL is returned to service. i.e. it seems to be the case that if the IP SLA starts off as "Down" then the EEM doesn't take any action. The IP SLA has to have gone into the "up" state before it starts working? Does that make sense and, if so, is there any way round it?
For info, here is my IP SLA and EEM config:
ip sla 1
icmp-echo 8.8.8.8 source-interface dialer2
timeout 60000
ip sla schedule 1 life forever start-time now
track 1 ip sla 1 reachability
ip route 0.0.0.0 0.0.0.0 Dialer2 track 1
ip route 0.0.0.0 0.0.0.0 Dialer1 20
event manager applet 3G-ACTIVATE
event track 1 state down
action 10 cli command "enable"
action 20 cli command "configure terminal"
action 30 cli command "interface Cellular0"
action 40 cli command "no shutdown"
action 50 cli command "end"
event manager applet 3G-DEACTIVATE
event track 1 state up
action 10 cli command "enable"
action 20 cli command "configure terminal"
action 30 cli command "interface Cellular0"
action 40 cli command "shutdown"
action 50 cli command "end"
Any assistance/advice on getting this to work effectively would be appreciated!
Thanks.Yes, basically, when the tracked object is not reachable on initial router boot, the router doesn’t detect a transition of the tracking object from up to down and therefore does not execute the associated EEM script.
So, in my case, if I have an ADSL fault and the 3G interface has taken over, if the router is subsequently rebooted, all connectivity will be lost because the startup config of the router has the 3G interface as admin down and the EEM script to activate it does not kick in.
I've tried using "default-state up" under the track config but this didn't seem to have any effect - the reachability of my IP SLA was still down after a router reboot with no ADSL connection.
I also tried your script but this gave the errors:
%HA_EM-3-FMPD_ACTION_NOTRACK: bump-track: unable to set state for tracking object number 1; object does not exist or is not a stub-object.
Mar 19 10:23:00.005: %HA_EM-3-FMPD_ERROR: Error executing applet bump-track statement 1.0 %HA_EM-3-FMPD_ACTION_NOTRACK: bump-track: unable to set state for tracking object number 1; object does not exist or is not a stub-object.
Mar 19 10:23:00.005: %HA_EM-3-FMPD_ERROR: Error executing applet bump-track statement 1.0
I'm not sure how to resolve that?
Any further advice would be welcome! Thanks. -
EEM / IP SLA to shutdown lossy high RTT BGP neighbor
Hi,
I'm relatively new to the IP SLA procedure and very new to EEM. I'm searching for the most efficient way to monitor the availability (packet loss and latency) of a BGP neighbor from a router to actively shutdown the neighbor relationship in order to failover to a back up L2L VPN I have configured on an ASA. It's important that I'm able to continue monitoring the BGP neighbor so that when the neighbor becomes stable again, I can reenable the BGP neighbor relationship. I've put something quick together (below) but am not sure if it will do what I want. I'd appreciate any suggestions and feedback.
Thank you!
-Mike
ip sla 90
icmp-echo <neighbor_ip> source-ip <source_ip>
threshold 250
timeout 500
frequency 3
ip sla schedule 90 life forever start-time now
ip sla enable reaction-alerts
track 90 ip sla 90 reachability
delay down 3 up 180
event manager applet BGP_NEIGHBOR_DIRTY
description SHUT DOWN BGP NEIGHBOR IF RTT OVER 250 FOR 3 SECONDS
event syslog pattern "90 ip sla 90 reachability Up->Down"
action 1.0 cli command "enable"
action 1.1 cli command "configure term"
action 1.2 cli command "router bgp 63320"
action 1.3 cli command "neighbor <neighbor_ip> shutdown"
action 1.4 cli command "end"
event manager applet BGP_NEIGHBOR_CLEAN
description ENABLE BGP NEIGHBOR IF RTT UNDER 250 FOR 3 MINUTES
event syslog pattern "90 ip sla 90 reachability Down->Up"
action 1.0 cli command "enable"
action 1.1 cli command "configure term"
action 1.2 cli command "router bgp 63320"
action 1.3 cli command "no neighbor <neighbor_ip> shutdown"
action 1.4 cli command "end"By chosing a target that is along your desired path, you can certainly have a more robust script. I would use loopback to loopback communication as well, this will force the traffic through the router, and also find any potential issues where the peer is alive and sending bgp but not actually passing traffic. You will definitely need some "fudge" factors in there to deal with routers have to process the ICMP packets (Any CoPP will really really skew the results you are getting). I have had experiences where testing to/from a Nexus device gives wildly different results vs testing through the boxes.
HTH -
EEM script to alert on IP SLA failures
I have the following IP SLA set up and would like to do the following. I would like to have a log entry if any of the below have a failure and then send an email alerting to that failure. Is there a way to do this with EEM?
ip sla 1010
udp-jitter 64.xxx.xxx.xxx 3456 num-packets 30 interval 25
history hours-of-statistics-kept 24
ip sla schedule 1010 life forever start-time now
ip sla 1011
tcp-connect 64.xxx.xxx.xxx 2000
history hours-of-statistics-kept 24
ip sla schedule 1011 life forever start-time now
ip sla 1012
icmp-echo 64.xxx.xxx.xxx
frequency 30
history hours-of-statistics-kept 24
history distributions-of-statistics-kept 10
ip sla schedule 1012 life forever start-time now
Thanks,
MikeThanks that is very helpful. Now what about something like this?
From below I would like to alert if there is a failure (see the bold)
IP_SLA_2821#show ip sla stat 1020
IPSLAs Latest Operation Statistics
IPSLA operation id: 1020
Type of operation: udp-jitter
Latest RTT: 23 milliseconds
Latest operation start time: 14:25:34.377 EDT Fri Aug 24 2012
Latest operation return code: OK
RTT Values:
Number Of RTT: 30 RTT Min/Avg/Max: 23/23/33 milliseconds
Latency one-way time:
Number of Latency one-way Samples: 30
Source to Destination Latency one way Min/Avg/Max: 9/10/16 milliseconds
Destination to Source Latency one way Min/Avg/Max: 13/13/23 milliseconds
Jitter Time:
Number of SD Jitter Samples: 29
Number of DS Jitter Samples: 29
Source to Destination Jitter Min/Avg/Max: 0/1/6 milliseconds
Destination to Source Jitter Min/Avg/Max: 0/1/10 milliseconds
Packet Loss Values:
Loss Source to Destination: 0 Loss Destination to Source: 0
Out Of Sequence: 0 Tail Drop: 0
Packet Late Arrival: 0 Packet Skipped: 0
Voice Score Values:
Calculated Planning Impairment Factor (ICPIF): 0
Mean Opinion Score (MOS): 0
Number of successes: 33
Number of failures: 0
Operation time to live: Forever -
Hi,
i need help with EEM script
have tried below script on 1841 with 12.4(24)T5 but not working
snmp-server enable traps ipsla
snmp-server enable traps event-manager
ip sla 10
icmp-echo 192.168.100.50 source-interface Loopback0
frequency 300
ip sla schedule 10 start-time now
track 20 ip sla 10 reachability
delay down 180
option one tried
event manager applet RESET
event track 10 state down
action 01.0 syslog msg "No ping response "
action 02.0 syslog msg "Reloading The Router"
action 03.0 reload
end
option two
event manager applet RESET
event syslog pattern "%TRACKING-5-STATE: 20 ip sla 10 reachability Up->Down"
action 01.0 syslog msg "No ping response "
action 02.0 syslog msg "Reloading The Router"
action 03.0 reload
end
i want to try ping remote ip every 5 mins , if ping fails wait for 3 mins then trigger reload , and router come up again if ping fails reload again
both are not working as expected ,any help highly appreciatedYour config is mostly correct. You need to do:
ip sla 10
icmp-echo 192.168.100.50 source-interface Loopback0
frequency 300
ip sla schedule 10 start-time now life forever
track 20 ip sla 10 reachability
delay down 180
option one tried
event manager applet RESET
event track 20 state down
action 01.0 syslog msg "No ping response "
action 02.0 syslog msg "Reloading The Router"
action 03.0 reload -
Simple EEM script that references SLA but is inconsistent?
Hi,
Just a little confused here..... I can do the exact commands in the EEM script directly and it does what I need it to do. However, the script, when triggered, with the "EXACT" same commands sometimes works / sometimes not. Arrrgghhh! So, here is the script:
event manager applet Virtual-PPP1_Ping
event syslog pattern "TRACKING-5-STATE: 1 ip sla 1 reachability Up->Down"
action 010 cli command "enable"
action 011 cli command "clear vpdn tunnel l2tp all" pattern "[confirm]"
action 012 cli command "confirm"
action 020 cli command "conf t"
action 030 cli command "int Virtual-PPP1"
action 040 cli command "shut"
action 045 wait 3
action 050 cli command "no shut"
action 060 cli command "end"
Basically what happens is that the Virtual-PPP1 interface sometimes loses it's ip address through IPCP. So, the L2TP tunnel is still up, BUT, the Virtual-PPP1 interface loses it's assigned IP when I check the interface as it shows "unassigned".
Ideas?
Thanks for the help.
JasonTry this instead:
event manager applet Virtual-PPP1_Ping
event syslog pattern "TRACKING-5-STATE: 1 ip sla 1 reachability Up->Down" maxrun 30
action 010 cli command "enable"
action 011 cli command "clear vpdn tunnel l2tp all" pattern "confirm"
action 012 cli command "confirm"
action 020 cli command "conf t"
action 030 cli command "int Virtual-PPP1"
action 040 cli command "shut"
action 045 wait 3
action 050 cli command "no shut"
action 060 cli command "end" -
Hi,
I have setup an IP SLA on my cisco 3850 switch internally. Everything is working great! What i need to know is how can i setup an Embedded Event Manager (EEM) email alert on my 3850 so when the IP SLA does occur i want an email triggered informing me. Same goes for when IP SLA returns back to primary route.
Your help is appreciated immensely.
SaifSo sorry to bother you again, but is this is how it is suppose to look:
ip sla 1
icmp-echo 8.8.8.8 source-ip 192.168.10.1
frequency 5
ip sla schedule 1 life forever start-time now
ip sla reaction-configuration 1 react timeout threshold-type immediate
ip sla enable reaction-alerts
track 1 ip sla 1 reachability
delay down 90 up 90
event manager environment _email_server
event manager environment _email_from [email protected]
event manager environment _email_to [email protected]
event manager applet ISPCheck
event ipsla operation-id 1 reaction-type timeout
action 1.0 if $_ipsla_condition eq "Occurred"
action 1.1 syslog msg "Primary Internet Circuit Down"
action 1.2 mail server "$_email_server" to "$_email_to" from "$_email_from" subject "Circuit Down" body "Primary Internet Circuit Down."
action 1.3 else
action 1.4 syslog msg "Primary Internet Circuit UP"
action 1.5 mail server "$_email_server" to "$_email_to" from "$_email_from" subject "Circuit UP" body "Primary Internet Circuit UP."
action 1.6 end
thanks, -
Hello,
I have a router running IOS version 15.3(3)M2 with the below configuration. The intent is for the router to shut down it's WAN interface in the event that it is unable to successfully ping the internal IP 192.168.1.1. Is there a way I can have it do further testing upon having a single timeout (via ICMP) such as triggering it to monitor at a greater frequency (ping every 3 seconds for 15 seconds straight) and if packet loss is greater than a certain percentage (20%) have it shut down the interface at that point?
track 1 ip sla 1 reachability
delay down 45 up 45
ip sla auto discovery
ip sla 1
icmp-echo 192.168.1.1
frequency 15
ip sla schedule 1 life forever start-time now
event manager session cli username "USERNAME"
event manager applet IPSLA_Down
event track 1 state down maxrun 40
action 1 cli command "enable"
action 2 cli command "config t"
action 3 cli command "int s2/0"
action 4 cli command "shutdown"
event manager applet IPSLA_Up
event track 1 state up maxrun 40
action 1 cli command "enable"
action 2 cli command "config t"
action 3 cli command "int s2/0"
action 4 cli command "no shutdown"
Thanks!You can use the IPSLA event detector instead of track, and use an IPSLA reaction-configuration to only react on consecutive failures or X out of Y failed attempts. If you wanted more control than that, you might consider rewriting this as a timer policy where you run an extended ping and process the results to count the number of '!' characters.
-
EEM- Email alert with IP SLA Based on Packet Loss
hi joseph,
i need your advise, i want to get alert email based on IP SLA Packet loss
the scenarion as below :
1. If the traffic hit threshold packet loss greater than 20% as long 15 minutes --> send email
2. If reset condition packet loss eq 0% as long 15 minutes --> send email again
I don't know how to configure it condition. could you help me to verify my configuration below?
ip sla logging traps
ip sla 1
icmp-jitter 10.216.0.105 source-ip 10.216.0.107 num-packets 100 interval 40
frequency 50
ip sla schedule 1 life forever start-time now
ip sla reaction-configuration 1 react Packetloss threshold-value 3 1 threshold-type immediate action-type trapOnly
ip sla enable reaction-alerts
event manager applet TEST
event syslog pattern "IP SLAs\(1\): Threshold exceeded"
action 2.0 mail server "10.240.0.10" to "[email protected]" from "[email protected]" subject "Alert for Intermittent Link" body "link intermittent in x %"
thank youWhat's you have could work with a few modifications. First, increase that threshold-value of 3 to 20. You can leave the falling threshold value of 1. You'll need to add another applet to match the falling threshold syslog message. Not sure exactly what that one will look like.
The first applet will look like this:
event manager environment q "
event manager applet ipsla-threshold-exceeded
event syslog pattern "IP SLAs\(1\): Threshold exceeded"
action 001 cli command "enable"
action 002 cli command "config t"
action 003 cli command "no event manager applet ipsla-healthy"
action 004 cli command "event manager applet ipsla-unhealthy"
action 005 cli command "event timer countdown time 900"
action 006 cli command "action 1.0 mail server $q 10.240.0.10$q to $q [email protected]$q from $q [email protected]$q subject $q Alert for Intermittent Link$q body $q link intermittent in 20 %$q"
action 007 cli command "action 2.0 cli command enable"
action 008 cli command "action 3.0 cli command $q config t$q"
action 009 cli command "action 4.0 cli command $q no event manager applet ipsla-unhealthy$q"
action 010 cli command "action 5.0 cli command end"
action 011 cli command "end"
And the second applet (the one where you'll need to fill in the appropriate syslog pattern) will look like:
event manager applet ipsla-threshold-normal
event syslog pattern "FALLING THRESHOLD PATTERN HERE"
action 001 cli command "enable"
action 002 cli command "config t"
action 003 cli command "no event manager applet ipsla-unhealthy"
action 004 cli command "event manager applet ipsla-healthy"
action 005 cli command "event timer countdown time 900"
action 006 cli command "action 1.0 mail server $q 10.240.0.10$q to $q [email protected]$q from $q [email protected]$q subject $q Link is stable$q body $q Link has been stable for 15 minutes$q"
action 007 cli command "action 2.0 cli command enable"
action 008 cli command "action 3.0 cli command $q config t$q"
action 009 cli command "action 4.0 cli command $q no event manager applet ipsla-healthy$q"
action 010 cli command "action 5.0 cli command end"
action 011 cli command "end" -
I am trying to extract the numerical value from the followng using Embedded event manager(TCL Scripting)
i also have SLA probes running between 2 connected routers
sho ip sla statistics | sec SD Jitter
So i write the the following
conf ter
event manager applet STAT
event none sync yes
action 1 cli command "enable"
action 2 cli command "sho ip sla stat | sec SD Jitter"
action 3 regexp " [0-9]+ " $_cli_result result
action 4 puts "$result"
However it produces result
*Mar 27 16:42:08.806: %HA_EM-3-FMPD_UNKNOWN_ENV: fh_parse_var: could not find environment variable: result
*Mar 27 16:42:08.806: %HA_EM-3-FMPD_ERROR: Error executing applet STAT statement 4
pls clarifyDoes the "show ip sla stat | sec SD Jitter" show any output with numbers? If not, then the result variable will not be populated. Try adding line 2 below into your applet so if there is not a match it will not produce an error.
event manager applet STAT
event none sync yes
action 1 cli command "enable"
action 2 set result "No match"
action 3 cli command "sho ip sla stat | sec SD Jitter"
action 4 regexp " [0-9]+ " $_cli_result result
action 5 puts "$result" -
Hello,
where can i find Documentations about the Cisco EEM?
With commands, instructions and so on...
For example: How can i configure my Cisco-819 4G Router to change the SIM-Card if the connection decreases (check with ping and so on).
If i understand the Documents i've read right, it is possible to implement tasks like this with the EEM, but i can't find any usefull Docs.
Thanks for your help!The following document describes the configuration for dual sim with automatic failover when the primary sim connection is lost.
http://www.cisco.com/c/en/us/td/docs/routers/access/interfaces/software/feature/guide/EHWIC-4G-LTESW.html#wp1305076
If you want to change the primary sim using EEM, you can use a combination of IPSLA and EEM applet to manually configure the primary sim.
Here is a good overview of some EEM commands.
you could potentially use "sh cell 0 sec | inc Active SIM" to determine the current active sim and then change to the opposing.
Below is an example using a GSM dual sim device. This is unvalidated and untested so test and adjust commands as needed but it should give you a start on how to change things.
ip sla 11
icmp-echo 8.8.8.8
threshold 4000
frequency 6
ip sla schedule 11 life forever start-time now
event manager applet CHECKSIM
event track 11 state down
action 01 cli command "enable"
action 02 cli command "sh cell 0 sec | inc Active SIM"
action 03 set commandresult $_cli_result
action 04 regexp "0" $commandresult
action 05 if $_regexp_result eq 1
action 06 syslog msg "Changing Primary SIM to 1"
action 07 cli command "enable"
action 08 cli command "conf t"
action 09 cli command "controller cellular 0"
action 10 cli command "gsm sim primary slot 1"
action 11 exit 0
action 12 end
action 13 regexp "1" $commandresult
action 14 if $_regexp_result eq 1
action 15 syslog msg "Changing Primary SIM to 0"
action 16 cli command "enable"
action 17 cli command "conf t"
action 18 cli command "controller cellular 0"
action 19 cli command "gsm sim primary slot 0"
action 20 exit 0
action 21 end -
Eem on cisco 877, trouble with mail server action and smtp auth
hello all,
i'm using a router 877 at home and i really need to check out what this router do during the day.
So some time ago i configured it using some eem actions and sending to me email, without any problems.
Yesterday I changed my internet provider and now i need to use smtp autheticantion to send emails.
I read about how to authenticate, like username:password@host and also made a fast search here, without solve my problem.
I need to put as username the email of the provider like: [email protected]:[email protected]
So, i want to know if someone had the same problem and solved it. Of course i couldn't use @ two times or eem would think that host.com is my smtp server! And right now is going in this way!
My IOS version is 15.1(2)T2, eem version is 3.1.
Hope someone could help me!
Thank you in advance.
SandroHello,
Thank you very much in advance for any help you can offer. Debugging I get this but stunnel.conf is edited and started
%HA_EM-3-FMPD_SMTP: Error occured when sending mail to SMTP server: smtp.gmail.com : error in reply from SMTP server
Router Cisco 877 with IOS version is 12.4(15)T16
Router Config:
ip host gmail.com pc_host*
track 1 rtr 1 reachability
delay down 10 up 60
ip route 0.0.0.0 0.0.0.0 Dialer0 track 1
ip sla 1
icmp-echo 8.8.8.8 source-interface Dialer0
timeout 2000
frequency 4
ip sla schedule 1 life forever start-time now
event manager environment to@gmail
event manager environment [email protected]
event manager environment smtp.gmail.com*
event manager applet TRACK-1-OK
event track 1 state up
action 1.0 mail server "smtp.gmail.com" to "[email protected]" from "[email protected]" subject "E2E up/down" body "DSL is UP"*
* I use several possible key combinations:
ip host smtp.gmail.com pc_host
event manager environment [email protected]:[email protected]
action 1.0 mail server "[email protected]:[email protected]" to "[email protected]" from "[email protected]" subject "E2E up/down" body "DSL is UP"*
stunnel.conf config:
cert = stunnel.pem
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
client = yes
options = NO_SSLv2
[pop3s]
accept = 110
connect = pop.gmail.com:995
[imaps]
accept = 143
connect = pop.gmail.com:993
[ssmtp]
accept = 25
connect = smtp.gmail.com:465
Greetings,
Guiller
Maybe you are looking for
-
Probably similar to this thread, the T530 I recently received has fan noise issues. I've invested considerable time in solving this, but found that a solution can be achieved with reasonable effort only by Lenovo: Introduction: Most ThinkPad models d
-
I upgraded to window 8.1 and now flashplayer is not being very freindly. I keep getting a box that shows some names of programs that is not working or has a problem. It asks, continue or dismiss all. Is there a flashplayer program that will opperate
-
URGENT help needed:Address data missing after QA Refresh from PRD
All, Address data for almost all user-ids are missing after QA Refresh from PRD. In QA, after importing the User-Master although its shows successful. The detailed log shows: Data inconsistency in USR21. Start RSADRCK2 (See Note 459763) Exit pr
-
IMac display with second computer?
Is anyone driving the 27" iMac display with a second computer? If so, can you switch between the iMac and the second computer to see what is happening on each machine?
-
My MacBook Pro don't want stay off but he restarts. What can i do?
Hi, So when I click on turn off in the apple my MacBook Pro turn off, but less 5 secondes later it restart. I don't know what can I do? Can you help me?