RE: EEM to keep BGP peer shut during an interface flap

From: Robert Hosford <rhosford_at_certifiednets.com>
Date: Thu, 15 Aug 2013 19:01:46 +0000

I think that would be a really cool script to see.
________________________________________
From: nobody_at_groupstudy.com [nobody_at_groupstudy.com] on behalf of Chris Rae [chris.rae07_at_me.com]
Sent: Thursday, August 15, 2013 12:02 PM
To: Joseph L. Brunner
Cc: marco207p_at_gmail.com; jon.hartman_at_verizon.net; mathewfer_at_gmail.com; jneiberger_at_gmail.com; ccielab_at_groupstudy.com
Subject: Re: EEM to keep BGP peer shut during an interface flap

Any chance you could post the eem script to achieve this?

I think we are talking different things.
You're talking internet facing.
My angle is more L3 IP VPN.....where the carrier is more willing to use some of the BGP features that Jon mentioned.

Cheers
Chris Rae

On 15/08/2013, at 11:40 PM, "Joseph L. Brunner" <joe_at_affirmedsystems.com> wrote:

> BFD is just the wrong solution for internet routing, imho.
>
> I don't care if my peer is up.
>
> I don't care if my peer is healthy.
>
> I care if my peer (my isp)'s backbone is healthy to the world!!!
>
> The way I see it, Google has smarter people than anyone at most ISPs (if not all).
>
> So I ping their a & b dns servers with sla's through my isp's and if my isp can get me to them, then I know they are healthy enough at that moment to trust. (8.8.8.8 & 8.8.4.4)
>
> So, I really just care about bgp for the inbound to my netblocks over two isp's...
> Otherwise, yes we would just use ip sla's, track obj's and static routes for the outbound...
>
> Sometimes, just because something "should be enough" (BFD) doesn't mean it is...
>
> I have no faith in my isp's backbone connectivity that ip sla's and track obj's don't prove... The eem's we just use to generate emails and shut bouncing neighbor's down.
>
> thanks,
>
> Joe
>
> ----- Original Message -----
> From: Christopher Rae [mailto:chris.rae07_at_me.com]
> Sent: Thursday, August 15, 2013 11:26 AM
> To: Joe Sanchez <marco207p_at_gmail.com>
> Cc: Joseph L. Brunner; jon.hartman_at_verizon.net <jon.hartman_at_verizon.net>; mathewfer_at_gmail.com <mathewfer_at_gmail.com>; jneiberger_at_gmail.com <jneiberger_at_gmail.com>; ccielab_at_groupstudy.com <ccielab_at_groupstudy.com>
> Subject: Re: EEM to keep BGP peer shut during an interface flap
>
> .....as long as Jon took it that way.
> Anyway.....I thought Jon's comments were valuable.
> There are a lot of other options within BGP itself without going to EEM.
> Though, I do like the idea of playing with EEM and seeing what I can get out of it.
>
> Cheers
> Chris Rae
>
> On 15/08/2013, at 11:19 PM, Joe Sanchez <marco207p_at_gmail.com> wrote:
>
>> Chris, don't think too much into that one. That's Joe B's humor.
>>
>> Regards,
>> Joe Sanchez
>>
>> ( please excuse the brevity of this email as it was sent via a mobile device. Please excuse misspelled words or sentence structure.)
>>
>> On Aug 15, 2013, at 10:15 AM, Christopher Rae <chris.rae07_at_me.com> wrote:
>>
>>> What's a lab rate ccie?
>>>
>>> Cheers
>>> Chris Rae
>>>
>>> On 15/08/2013, at 11:08 PM, "Joseph L. Brunner" <joe_at_affirmedsystems.com> wrote:
>>>
>>>> Another lab rate ccie :)
>>>>
>>>> Cause Jon,
>>>>
>>>> ISPs are often useless post office style entities. We often can't rely on them for much. In my experience (500+ bgp implementations with a dual homed site or colo) the carriers can do things like freeze up, so you have to wait the keepalive and dead times before the secondary route(s) take over. BFD? I have not seen an isp offer that. We have Windstream (Paetec), TWC, Level3, Transbeam and Cogent to choose from here in NYC. I have a hard enough time just getting the peering session setup (one of those carrier's noc guy needed a config, I kid you not)
>>>>
>>>> EEM can also send you an email when bad things happen before your users (or boss) come and tell you...
>>>>
>>>> Also, fast external failover is often useless. We are in the ethernet society... That feature was designed 15 years ago in the era of hdlc and ppp connections - like a DS3/T3. Your interface will almost never go down when your ethernet isp is "down". I know on my Level3 connections there are 2 alcatel lucent boxes between us and the juniper router actually doing the bgp. No chance that will help.
>>>>
>>>> EEM is your final control of how the router functions under different bgp and other conditions. Don't leave home without it...
>>>>
>>>>
>>>> ----- Original Message -----
>>>> From: Jon Hartman [mailto:jon.hartman_at_verizon.net]
>>>> Sent: Thursday, August 15, 2013 10:40 AM
>>>> To: Christopher Rae <chris.rae07_at_me.com>
>>>> Cc: Mathew <mathewfer_at_gmail.com>; Joe Sanchez <marco207p_at_gmail.com>; Joseph L. Brunner; John Neiberger <jneiberger_at_gmail.com>; Cisco certification <ccielab_at_groupstudy.com>
>>>> Subject: Re: EEM to keep BGP peer shut during an interface flap
>>>>
>>>> I'd have to think that features like BFD, bgp fast failover, interface dampening, and BGP dampening would accommodate the issue at hand.
>>>>
>>>> Why the requirement to use EEM?
>>>>
>>>> Jon Hartman
>>>> CCIE #34941
>>>>
>>>> On Aug 15, 2013, at 4:14 AM, "Christopher Rae" <chris.rae07_at_me.com> wrote:
>>>>
>>>>> Hey Joseph,
>>>>>
>>>>> Yes, had BFD running with a few providers no worries.
>>>>>
>>>>> Cheers
>>>>> Chris
>>>>>
>>>>> -----Original Message-----
>>>>> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of Mathew
>>>>> Sent: Thursday, August 15, 2013 3:47 PM
>>>>> To: Joe Sanchez
>>>>> Cc: Joseph L. Brunner; John Neiberger; Chris Rae; Cisco certification
>>>>> Subject: Re: EEM to keep BGP peer shut during an interface flap
>>>>>
>>>>> Hi,
>>>>>
>>>>> I just tried the below but I could not get it to work. The idea is to ping
>>>>> an IP and depending on the result to take action.
>>>>>
>>>>> I think line "action 11.2 regexp "(.*) (!\!\!\!\!) (.*)"
>>>>> "$_cli_result" _match _sub1" is NOT correct.
>>>>> As I am still building this applet, I run this manually.
>>>>>
>>>>> How do I get this regular expression correctly to match ping result?
>>>>>
>>>>> R2#show event manager version | in Event Manager Version
>>>>> Embedded Event Manager Version 3.00
>>>>> R2#
>>>>>
>>>>> !
>>>>> event manager applet CHECK-PING-STATUS
>>>>>  event none
>>>>>  action 11.1 cli command "ping 2.2.2.2"
>>>>>  action 11.2 regexp "(.*) (!\!\!\!\!) (.*)" "$_cli_result" _match _sub1
>>>>>  action 11.3 if $_regexp_result eq 1
>>>>>  action 11.4 syslog msg "Ping is success"
>>>>>  action 11.5 else
>>>>>  action 11.6 syslog msg "Ping is failed"
>>>>>  action 11.7 end
>>>>> !
>>>>>
>>>>> Mathew
>>>>>
>>>>> On Wed, Aug 14, 2013 at 11:09 PM, Joe Sanchez <marco207p_at_gmail.com> wrote:
>>>>>> Level 3 will as long as you're homed to the right gateway boxes.
>>>>>>
>>>>>> Regards,
>>>>>> Joe Sanchez
>>>>>>
>>>>>> ( please excuse the brevity of this email as it was sent via a mobile
>>>>>> device. Please excuse misspelled words or sentence structure.)
>>>>>>
>>>>>> On Aug 14, 2013, at 3:26 AM, "Joseph L. Brunner" <joe_at_affirmedsystems.com> wrote:
>>>>>>
>>>>>>> I have never seen an ISP that will run BFD with any customers... they
>>>>>>> seem to have enough issues just getting basic bgp setup (cogent
>>>>>>> anyone?)
>>>>>>>
>>>>>>> How about an EEM solution that shuts down bgp for a few hours and
>>>>>>> turns it back on aftermarket hours? Yes it works... we use it :)
>>>>>>>
>>>>>>> kbro-voip-rt01#show run | sec event
>>>>>>>
>>>>>>> event manager directory user policy "flash:/"
>>>>>>> event manager policy sendmail.tcl
>>>>>>>
>>>>>>> event manager applet ShutdownCohereBGPNeighbor
>>>>>>>  event track 10 state down
>>>>>>>  action 1.0 info type routername
>>>>>>>  action 2.0 cli command "enable"
>>>>>>>  action 2.1 cli command "configure terminal"
>>>>>>>  action 2.5 cli command "router bgp 65080"
>>>>>>>  action 2.6 cli command "neighbor 208.71.93.213 shutdown"
>>>>>>>  action 3.0 mail server "outbounds9.obsmtp.com" to "kbro-notif_at_affirmedsystems.com" from "kbro-voip-rt01_at_kbro.com" subject "Cohere VoIP Direct route down @ $_info_routername"
>>>>>>>
>>>>>>> event manager applet EnableCohereat8PM
>>>>>>>  event timer cron name EnableCohereat8PM cron-entry "0 20 * * *"
>>>>>>>  action 1.0 info type routername
>>>>>>>  action 2.0 cli command "enable"
>>>>>>>  action 2.1 cli command "configure terminal"
>>>>>>>  action 2.5 cli command "router bgp 65080"
>>>>>>>  action 2.6 cli command "no neighbor 208.71.93.213 shutdown"
>>>>>>>
>>>>>>> event manager applet NoShutCohere805PM
>>>>>>>  event tag 1.0 track 10 state up
>>>>>>>  event tag 2.0 timer cron name NoShutCohere805PM cron-entry "5 20 * * *"
>>>>>>>  trigger occurs 1 delay 10
>>>>>>>   correlate event 1.0 and event 2.0
>>>>>>>   attribute tag 1.0 occurs 1
>>>>>>>   attribute tag 2.0 occurs 1
>>>>>>>  action 1.0 info type routername
>>>>>>>  action 2.0 cli command "enable"
>>>>>>>  action 2.1 cli command "configure terminal"
>>>>>>>  action 2.5 cli command "router bgp 65080"
>>>>>>>  action 2.6 cli command "no neighbor 208.71.93.213 shutdown"
>>>>>>>  action 2.7 cli command "do clear ip nat translation *"
>>>>>>>  action 3.0 mail server "outbounds9.obsmtp.com" to "kbro-notif_at_affirmedsystems.com" from "kbro-voip-rt01_at_kbro.com" subject "Cohere VoIP Direct route restored @ $_info_routername"
>>>>>>>
>>>>>>> event manager applet EnableCohereat7AM
>>>>>>>  event timer cron name EnableCohereat7AM cron-entry "0 7 * * *"
>>>>>>>  action 1.0 info type routername
>>>>>>>  action 2.0 cli command "enable"
>>>>>>>  action 2.1 cli command "configure terminal"
>>>>>>>  action 2.5 cli command "router bgp 65080"
>>>>>>>  action 2.6 cli command "no neighbor 208.71.93.213 shutdown"
>>>>>>>
>>>>>>> event manager applet KeepNoShutCohere705AM
>>>>>>>  event tag 1.0 track 10 state up
>>>>>>>  event tag 2.0 timer cron name KeepNoShutCohere705AM cron-entry "5 7 * * *"
>>>>>>>  trigger occurs 1 delay 10
>>>>>>>   correlate event 1.0 and event 2.0
>>>>>>>   attribute tag 1.0 occurs 1
>>>>>>>   attribute tag 2.0 occurs 1
>>>>>>>  action 1.0 info type routername
>>>>>>>  action 2.0 cli command "enable"
>>>>>>>  action 2.1 cli command "configure terminal"
>>>>>>>  action 2.5 cli command "router bgp 65080"
>>>>>>>  action 2.6 cli command "no neighbor 208.71.93.213 shutdown"
>>>>>>>  action 2.7 cli command "do clear ip nat translation *"
>>>>>>>  action 3.0 mail server "outbounds9.obsmtp.com" to "kbro-notif_at_affirmedsystems.com" from "kbro-voip-rt01_at_kbro.com" subject "Cohere VoIP Direct route restored @ $_info_routername"
>>>>>>>
>>>>>>>
>>>>>>> -----Original Message-----
>>>>>>> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf
>>>>>>> Of John Neiberger
>>>>>>> Sent: Tuesday, August 13, 2013 12:12 PM
>>>>>>> To: Chris Rae
>>>>>>> Cc: Mathew; Cisco certification
>>>>>>> Subject: Re: EEM to keep BGP peer shut during an interface flap
>>>>>>>
>>>>>>> This. Exactly. Use BFD for this. It already does what you're trying to do
>>>>>>> and it's a heck of a lot easier to configure.
>>>>>>>
>>>>>>>
>>>>>>> On Tue, Aug 13, 2013 at 6:53 AM, Chris Rae <chris.rae07_at_me.com> wrote:
>>>>>>>
>>>>>>>> Hey Matt,
>>>>>>>>
>>>>>>>> Why not just use BFD?
>>>>>>>> If the BFD peer is down (ie no keep alive or interface goes down)
>>>>>>>> BGP will immediately reroute via other peer.
>>>>>>>>
>>>>>>>> Chris
>>>>>>>>
>>>>>>>> On 13/08/2013, at 7:52 PM, Mathew <mathewfer_at_gmail.com> wrote:
>>>>>>>>
>>>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> I tested two EEM applet configs:
>>>>>>>>>
>>>>>>>>> - One checks syslog for an interface down and uses CLI to shut down the
>>>>>>>>> BGP peer.
>>>>>>>>> - Second one to no shut the BGP peer when a syslog entry is seen with
>>>>>>>>> interface up.
>>>>>>>>>
>>>>>>>>> In fact the interface that I want to check is NOT being used for this
>>>>>>>>> BGP peering so there is no way to do it with BGP configuration.
>>>>>>>>>
>>>>>>>>> The above two EEM configs work but the issue is that when this
>>>>>>>>> interface starts to flap, EEM keeps shutting and no-shutting the BGP peer.
>>>>>>>>> I want to avoid this as it results in BGP flap.
>>>>>>>>>
>>>>>>>>> Has anybody tried an EEM solution to keep the BGP peer shut during
>>>>>>>>> an interface flap?
>>>>>>>>>
>>>>>>>>> I do not mind keeping the BGP shut till interface flapping is over
>>>>>>>>> but how do we do/detect it with EEM?
>>>>>>>>>
>>>>>>>>> Thanks in advance for your replies.
>>>>>>>>>
>>>>>>>>> Mathew
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Thanks
>>>>>>>>>
>>>>>>>>> Mathew
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Blogs and organic groups at http://www.ccie.net
>>>>>>>>>
>>>>>>>>> _______________________________________________________________________
>>>>>>>>> Subscription information may be found at:
>>>>>>>>> http://www.groupstudy.com/list/CCIELab.html
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Thanks
>>>>>
>>>>> Mathew
>>>>>
>>>>>

Received on Thu Aug 15 2013 - 19:01:46 ART
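
For the original question in this thread (keeping the BGP peer shut until an interface has stopped flapping), one option is to let an object-tracking up-delay absorb the flaps and drive the applets from the track state instead of from raw syslog messages. This is an added example, not a configuration posted by anyone in the thread; the interface name, track number, AS number, neighbor address and the 120-second hold time are constructed placeholders.

```cisco
! Added example: all names, numbers and addresses below are placeholders.
!
! The track object goes DOWN as soon as the line protocol drops, but is only
! reported UP after the interface has stayed up for 120 seconds without
! interruption. Every new drop restarts that timer, so while the interface
! is flapping the object simply stays DOWN.
track 20 interface GigabitEthernet0/1 line-protocol
 delay up 120
!
! Fires once, on the first drop of a flap sequence.
! Action labels sort as strings, so fixed-width labels keep the order.
event manager applet BGP-PEER-SHUT
 event track 20 state down
 action 010 cli command "enable"
 action 020 cli command "configure terminal"
 action 030 cli command "router bgp 65000"
 action 040 cli command "neighbor 192.0.2.1 shutdown"
 action 050 cli command "end"
 action 060 syslog msg "Gi0/1 down: BGP neighbor 192.0.2.1 shut"
!
! Fires only after the interface has been stable for the full up-delay.
event manager applet BGP-PEER-NOSHUT
 event track 20 state up
 action 010 cli command "enable"
 action 020 cli command "configure terminal"
 action 030 cli command "router bgp 65000"
 action 040 cli command "no neighbor 192.0.2.1 shutdown"
 action 050 cli command "end"
 action 060 syslog msg "Gi0/1 stable for 120s: BGP neighbor 192.0.2.1 enabled"
```

Because the applets write to the running configuration, `show track 20` and `show event manager history events` are the places to check what fired and when.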

This archive was generated by hypermail 2.2.0 : Sun Sep 01 2013 - 08:35:50 ART
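
For the ping-check applet asked about in the thread, one way to test the result is to match the `Success rate is N percent` summary line of the ping output rather than the row of `!` characters, which avoids depending on the whitespace around them. This is an added example, not code from any participant; the applet name and syslog texts are constructed, and the target 2.2.2.2 is reused from the post.

```cisco
! Added example. Action labels sort as strings, so fixed-width labels
! (010, 020, ...) keep the actions in the intended order.
event manager applet CHECK-PING-PERCENT
 event none
 action 010 cli command "enable"
 action 020 cli command "ping 2.2.2.2"
 ! The ping summary line reads "Success rate is N percent (x/5)".
 ! pct receives the captured number; $_regexp_result is 1 on a match.
 action 030 regexp "Success rate is ([0-9]+) percent" "$_cli_result" match pct
 action 040 if $_regexp_result ne 1
 action 050 syslog msg "Ping output not recognised"
 action 060 else
 action 070 if $pct eq 0
 action 080 syslog msg "Ping failed: 0 percent success"
 action 090 else
 action 100 syslog msg "Ping succeeded: $pct percent success"
 action 110 end
 action 120 end
!
! Run it by hand while testing:
!  R2# event manager run CHECK-PING-PERCENT
```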