Re: EEM to keep BGP peer shut during an interface flap

I'd have to think that features like BFD, bgp fast failover, interface dampening, and BGP dampening would accommodate the issue at hand.

Why the requirement to use EEM?

Jon Hartman
CCIE #34941

On Aug 15, 2013, at 4:14 AM, "Christopher Rae" <chris.rae07_at_me.com> wrote:

> Hey Joseph,
>
> Yes, had BFD running with a few providers no worries.
>
> Cheers
> Chris
>
> -----Original Message-----
> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> Mathew
> Sent: Thursday, August 15, 2013 3:47 PM
> To: Joe Sanchez
> Cc: Joseph L. Brunner; John Neiberger; Chris Rae; Cisco certification
> Subject: Re: EEM to keep BGP peer shut during an interface flap
>
> Hi,
>
> I just tried the below but I could not get it to work. The idea is to ping
> an IP and depending on the result to take action.
>
> I think line "action 11.2 regexp "(.*) (!\!\!\!\!) (.*)"
> "$_cli_result" _match _sub1" is NOT correct.
> As I am still building this applet, I run this manually.
>
> How do I get this regular expression correctly to match ping result?
>
> R2#show event manager version | in Event Manager Version Embedded Event
> Manager Version 3.00 R2#
>
> !
> event manager applet CHECK-PING-STATUS
> event none
> action 11.1 cli command "ping 2.2.2.2"
> action 11.2 regexp "(.*) (!\!\!\!\!) (.*)" "$_cli_result" _match _sub1
> action 11.3 if $_regexp_result eq 1 action 11.4 syslog msg "Ping is
> success"
> action 11.5 else
> action 11.6 syslog msg "Ping is failed"
> action 11.7 end
> !
>
> Mathew
>
> On Wed, Aug 14, 2013 at 11:09 PM, Joe Sanchez <marco207p_at_gmail.com> wrote:
>> Level 3 will as long as your're homed to the right gateway boxes.
>>
>> Regards,
>> Joe Sanchez
>>
>> ( please excuse the brevity of this email as it was sent via a mobile
>> device. Please excuse misspelled words or sentence structure.)
>>
>> On Aug 14, 2013, at 3:26 AM, "Joseph L. Brunner" <joe_at_affirmedsystems.com>
> wrote:
>>
>>> I have never seen an ISP that will run BFD with any customers... they
>>> seem to have enough issues just getting basic bgp setup (cogent
>>> anyone?)
>>>
>>> How about an EEM solution that shuts down bgp for a few hours and
>>> turns it back on aftermarket hours? Yes it works... we use it :)
>>>
>>> kbro-voip-rt01#show run | sec event
>>>
>>> event manager directory user policy "flash:/"
>>> event manager policy sendmail.tcl
>>>
>>> event manager applet ShutdownCohereBGPNeighbor event track 10 state
>>> down action 1.0 info type routername action 2.0 cli command "enable"
>>> action 2.1 cli command "configure terminal"
>>> action 2.5 cli command "router bgp 65080"
>>> action 2.6 cli command "neighbor 208.71.93.213 shutdown"
>>> action 3.0 mail server "outbounds9.obsmtp.com" to
> "kbro-notif_at_affirmedsystems.com" from "kbro-voip-rt01_at_kbro.com" subject
> "Cohere VoIP Direct route down @ $_info_routername"
>>>
>>> event manager applet EnableCohereat8PM event timer cron name
>>> EnableCohereat8PM cron-entry "0 20 * * *"
>>> action 1.0 info type routername
>>> action 2.0 cli command "enable"
>>> action 2.1 cli command "configure terminal"
>>> action 2.5 cli command "router bgp 65080"
>>> action 2.6 cli command "no neighbor 208.71.93.213 shutdown"
>>>
>>> event manager applet NoShutCohere805PM event tag 1.0 track 10 state
>>> up event tag 2.0 timer cron name NoShutCohere805PM cron-entry "5 20 *
>>> * *"
>>> trigger occurs 1 delay 10
>>> correlate event 1.0 and event 2.0
>>> attribute tag 1.0 occurs 1
>>> attribute tag 2.0 occurs 1
>>> action 1.0 info type routername
>>> action 2.0 cli command "enable"
>>> action 2.1 cli command "configure terminal"
>>> action 2.5 cli command "router bgp 65080"
>>> action 2.6 cli command "no neighbor 208.71.93.213 shutdown"
>>> action 2.7 cli command "do clear ip nat translation *"
>>> action 3.0 mail server "outbounds9.obsmtp.com" to
> "kbro-notif_at_affirmedsystems.com" from "kbro-voip-rt01_at_kbro.com" subject
> "Cohere VoIP Direct route restored @ $_info_routername"
>>>
>>>
>>> event manager applet EnableCohereat7AM event timer cron name
>>> EnableCohereat7AM cron-entry "0 7 * * *"
>>> action 1.0 info type routername
>>> action 2.0 cli command "enable"
>>> action 2.1 cli command "configure terminal"
>>> action 2.5 cli command "router bgp 65080"
>>> action 2.6 cli command "no neighbor 208.71.93.213 shutdown"
>>>
>>> event manager applet KeepNoShutCohere705AM event tag 1.0 track 10
>>> state up event tag 2.0 timer cron name KeepNoShutCohere705AM
>>> cron-entry "5 7 * * *"
>>> trigger occurs 1 delay 10
>>> correlate event 1.0 and event 2.0
>>> attribute tag 1.0 occurs 1
>>> attribute tag 2.0 occurs 1
>>> action 1.0 info type routername
>>> action 2.0 cli command "enable"
>>> action 2.1 cli command "configure terminal"
>>> action 2.5 cli command "router bgp 65080"
>>> action 2.6 cli command "no neighbor 208.71.93.213 shutdown"
>>> action 2.7 cli command "do clear ip nat translation *"
>>> action 3.0 mail server "outbounds9.obsmtp.com" to
> "kbro-notif_at_affirmedsystems.com" from "kbro-voip-rt01_at_kbro.com" subject
> "Cohere VoIP Direct route restored @ $_info_routername"
>>>
>>>
>>> -----Original Message-----
>>> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf
>>> Of John Neiberger
>>> Sent: Tuesday, August 13, 2013 12:12 PM
>>> To: Chris Rae
>>> Cc: Mathew; Cisco certification
>>> Subject: Re: EEM to keep BGP peer shut during an interface flap
>>>
>>> This. Exactly. Use BFD for this. It already does what you're trying to do
> and it's a heck of a lot easier to configure.
>>>
>>>
>>> On Tue, Aug 13, 2013 at 6:53 AM, Chris Rae <chris.rae07_at_me.com> wrote:
>>>
>>>> Hey Matt,
>>>>
>>>> Why not just use BFD?
>>>> If the BFD peer is down (ie no keep alive or interface goes down)
>>>> BGP will immediately reroute via other peer.
>>>>
>>>> Chris
>>>>
>>>> On 13/08/2013, at 7:52 PM, Mathew <mathewfer_at_gmail.com> wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> I tested two EEM applet configs:
>>>>>
>>>>> - One check for syslog for an interface down and CLI to shut down
>>>>> BGP
>>>> peer.
>>>>> - Second one to no shut the BGP peer when syslog entry is seen with
>>>>> interface up.
>>>>>
>>>>> In fact the interface that I want check is NOT being used for this
>>>>> BGP peering so there is no way to do it with BGP configuration.
>>>>>
>>>>> The above two EEM configs works but the issue is that when this
>>>>> interface start to flap, EEM keep shutting and no-shutting BGP peer.
>>>>> I want to
>>>> avoid
>>>>> this as it results in BGP flap.
>>>>>
>>>>> Has any body tried an EEM solution to keep the BGP peer shut during
>>>>> an interface flap?
>>>>>
>>>>> I do not mind keeping the BGP shut till interface flapping is over
>>>>> but
>>>> how
>>>>> do we do/detect it with EEM?
>>>>>
>>>>> Thanks in advance for your replies.
>>>>>
>>>>> Mathew
>>>>>
>>>>>
>>>>> --
>>>>> Thanks
>>>>>
>>>>> Mathew
>>>>>
>>>>>
>>>>> Blogs and organic groups at http://www.ccie.net
>>>>>
>>>>> ___________________________________________________________________
>>>>> _ ___ Subscription information may be found at:
>>>>> http://www.groupstudy.com/list/CCIELab.html
>>>>
>>>>
>>>> Blogs and organic groups at http://www.ccie.net
>>>>
>>>> ____________________________________________________________________
>>>> __ _ Subscription information may be found at:
>>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>>>
>>> Blogs and organic groups at http://www.ccie.net
>>>
>>> _____________________________________________________________________
>>> __ Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>>>
>>> Blogs and organic groups at http://www.ccie.net
>>>
>>> _____________________________________________________________________
>>> __ Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>
>
>
> --
> Thanks
>
> Mathew
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Thu Aug 15 2013 - 10:40:24 ART