Re: EEM to keep BGP peer shut during an interface flap

Matt -

Use a tracked obj with the connected route or an ip sla being pinged as the tracked entity.

track 10 ip sla 10 reachability

Etc,

Joe

----- Original Message -----
From: Mathew [mailto:mathewfer_at_gmail.com]
Sent: Thursday, August 15, 2013 03:46 AM
To: Joe Sanchez <marco207p_at_gmail.com>
Cc: Joseph L. Brunner; John Neiberger <jneiberger_at_gmail.com>; Chris Rae <chris.rae07_at_me.com>; Cisco certification <ccielab_at_groupstudy.com>
Subject: Re: EEM to keep BGP peer shut during an interface flap

Hi,

I just tried the below but I could not get it to work. The idea is to
ping an IP and depending on the result to take action.

I think line "action 11.2 regexp "(.*) (!\!\!\!\!) (.*)"
"$_cli_result" _match _sub1" is NOT correct.
As I am still building this applet, I run this manually.

How do I get this regular expression correctly to match ping result?

R2#show event manager version | in Event Manager Version
Embedded Event Manager Version 3.00
R2#

!
event manager applet CHECK-PING-STATUS
 event none
 action 11.1 cli command "ping 2.2.2.2"
 action 11.2 regexp "(.*) (!\!\!\!\!) (.*)" "$_cli_result" _match _sub1
 action 11.3 if $_regexp_result eq 1
 action 11.4 syslog msg "Ping is success"
 action 11.5 else
 action 11.6 syslog msg "Ping is failed"
 action 11.7 end
!

Mathew

On Wed, Aug 14, 2013 at 11:09 PM, Joe Sanchez <marco207p_at_gmail.com> wrote:
> Level 3 will as long as your're homed to the right gateway boxes.
>
> Regards,
> Joe Sanchez
>
> ( please excuse the brevity of this email as it was sent via a mobile device. Please excuse misspelled words or sentence structure.)
>
> On Aug 14, 2013, at 3:26 AM, "Joseph L. Brunner" <joe_at_affirmedsystems.com> wrote:
>
>> I have never seen an ISP that will run BFD with any customers... they seem to have enough issues just getting basic bgp setup (cogent anyone?)
>>
>> How about an EEM solution that shuts down bgp for a few hours and turns it back on aftermarket hours? Yes it works... we use it :)
>>
>> kbro-voip-rt01#show run | sec event
>>
>> event manager directory user policy "flash:/"
>> event manager policy sendmail.tcl
>>
>> event manager applet ShutdownCohereBGPNeighbor
>> event track 10 state down
>> action 1.0 info type routername
>> action 2.0 cli command "enable"
>> action 2.1 cli command "configure terminal"
>> action 2.5 cli command "router bgp 65080"
>> action 2.6 cli command "neighbor 208.71.93.213 shutdown"
>> action 3.0 mail server "outbounds9.obsmtp.com" to "kbro-notif_at_affirmedsystems.com" from "kbro-voip-rt01_at_kbro.com" subject "Cohere VoIP Direct route down @ $_info_routername"
>>
>> event manager applet EnableCohereat8PM
>> event timer cron name EnableCohereat8PM cron-entry "0 20 * * *"
>> action 1.0 info type routername
>> action 2.0 cli command "enable"
>> action 2.1 cli command "configure terminal"
>> action 2.5 cli command "router bgp 65080"
>> action 2.6 cli command "no neighbor 208.71.93.213 shutdown"
>>
>> event manager applet NoShutCohere805PM
>> event tag 1.0 track 10 state up
>> event tag 2.0 timer cron name NoShutCohere805PM cron-entry "5 20 * * *"
>> trigger occurs 1 delay 10
>> correlate event 1.0 and event 2.0
>> attribute tag 1.0 occurs 1
>> attribute tag 2.0 occurs 1
>> action 1.0 info type routername
>> action 2.0 cli command "enable"
>> action 2.1 cli command "configure terminal"
>> action 2.5 cli command "router bgp 65080"
>> action 2.6 cli command "no neighbor 208.71.93.213 shutdown"
>> action 2.7 cli command "do clear ip nat translation *"
>> action 3.0 mail server "outbounds9.obsmtp.com" to "kbro-notif_at_affirmedsystems.com" from "kbro-voip-rt01_at_kbro.com" subject "Cohere VoIP Direct route restored @ $_info_routername"
>>
>>
>> event manager applet EnableCohereat7AM
>> event timer cron name EnableCohereat7AM cron-entry "0 7 * * *"
>> action 1.0 info type routername
>> action 2.0 cli command "enable"
>> action 2.1 cli command "configure terminal"
>> action 2.5 cli command "router bgp 65080"
>> action 2.6 cli command "no neighbor 208.71.93.213 shutdown"
>>
>> event manager applet KeepNoShutCohere705AM
>> event tag 1.0 track 10 state up
>> event tag 2.0 timer cron name KeepNoShutCohere705AM cron-entry "5 7 * * *"
>> trigger occurs 1 delay 10
>> correlate event 1.0 and event 2.0
>> attribute tag 1.0 occurs 1
>> attribute tag 2.0 occurs 1
>> action 1.0 info type routername
>> action 2.0 cli command "enable"
>> action 2.1 cli command "configure terminal"
>> action 2.5 cli command "router bgp 65080"
>> action 2.6 cli command "no neighbor 208.71.93.213 shutdown"
>> action 2.7 cli command "do clear ip nat translation *"
>> action 3.0 mail server "outbounds9.obsmtp.com" to "kbro-notif_at_affirmedsystems.com" from "kbro-voip-rt01_at_kbro.com" subject "Cohere VoIP Direct route restored @ $_info_routername"
>>
>>
>> -----Original Message-----
>> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of John Neiberger
>> Sent: Tuesday, August 13, 2013 12:12 PM
>> To: Chris Rae
>> Cc: Mathew; Cisco certification
>> Subject: Re: EEM to keep BGP peer shut during an interface flap
>>
>> This. Exactly. Use BFD for this. It already does what you're trying to do and it's a heck of a lot easier to configure.
>>
>>
>> On Tue, Aug 13, 2013 at 6:53 AM, Chris Rae <chris.rae07_at_me.com> wrote:
>>
>>> Hey Matt,
>>>
>>> Why not just use BFD?
>>> If the BFD peer is down (ie no keep alive or interface goes down) BGP
>>> will immediately reroute via other peer.
>>>
>>> Chris
>>>
>>> On 13/08/2013, at 7:52 PM, Mathew <mathewfer_at_gmail.com> wrote:
>>>
>>>> Hi,
>>>>
>>>> I tested two EEM applet configs:
>>>>
>>>> - One check for syslog for an interface down and CLI to shut down
>>>> BGP
>>> peer.
>>>> - Second one to no shut the BGP peer when syslog entry is seen with
>>>> interface up.
>>>>
>>>> In fact the interface that I want check is NOT being used for this
>>>> BGP peering so there is no way to do it with BGP configuration.
>>>>
>>>> The above two EEM configs works but the issue is that when this
>>>> interface start to flap, EEM keep shutting and no-shutting BGP peer.
>>>> I want to
>>> avoid
>>>> this as it results in BGP flap.
>>>>
>>>> Has any body tried an EEM solution to keep the BGP peer shut during
>>>> an interface flap?
>>>>
>>>> I do not mind keeping the BGP shut till interface flapping is over
>>>> but
>>> how
>>>> do we do/detect it with EEM?
>>>>
>>>> Thanks in advance for your replies.
>>>>
>>>> Mathew
>>>>
>>>>
>>>> --
>>>> Thanks
>>>>
>>>> Mathew
>>>>
>>>>
>>>> Blogs and organic groups at http://www.ccie.net
>>>>
>>>> ____________________________________________________________________
>>>> ___ Subscription information may be found at:
>>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>>>
>>> Blogs and organic groups at http://www.ccie.net
>>>
>>> ______________________________________________________________________
>>> _ Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>>
>>
>>
>>
>>

-- 
Thanks
Mathew
Blogs and organic groups at http://www.ccie.net