Lab 3 - EEM Task 1
Transcription
Lab 3 - EEM Task 1
Lab 3 - EEM Task 1 Configure an applet named TST on R1 that assigns the F0/0 interface an IP address of 10.1.1.1 /24 and enables the interface. On R1 R1(config)#Event manager applet TST R1(config-applet)#event none R1(config-applet)#action 1.0 R1(config-applet)#action 1.1 R1(config-applet)#action 1.2 R1(config-applet)#action 1.3 R1(config-applet)#action 1.4 R1(config-applet)#action 1.5 sync yes cli command cli command cli command cli command cli command cli command "enable" "config t" "interface f0/0" "ip address 10.1.1.1 255.255.255.0" "no shut" "end" R1(config-applet)#end EEM applets are divided into three main elements: the name, the trigger (or event) and the action(s). In this example, the command “event manager applet TST” is used to name the applet “TST”. We define our trigger with the command “event none sync yes “. A trigger is used to tell the applet to execute. “Event none” states that there is to be a manual trigger (i.e. that the applet needs to be executed from the CLI with the “event manager run” command). “Sync yes” tells the router to run the commands in the applet synchronously with the router CLI, rather than execute them in a batch. This helps prevent command overruns. When the applet executes the commands it uses “action” statements. These must be numbered in ascending order but do not have to be consecutive. Generally, it is wise to use the number before the period to represent code sections and after the period the line within the sections that make a function. In our example we have the following action statements: action 1.0 cli command "enable" action 1.1 cli command "config terminal" action 1.2 cli command "interface F0/0" action 1.3 cli command "ip address 10.1.1.1 255.255.255.0" action 1.4 cli command "no shut" action 1.5 cli command "end" CCIE R&S by Narbik Kocharians Boot Camp 4.0 © 2012 Narbik Kocharians. All rights reserved Page 1 of 15 The syntax here dictates each statement to be a CLI (command line interface) command and in double quotes we specify which regular IOS command needs to be run. You’ll notice here we include every command needed to get from enable mode to the F0/0 interface, the applet then executes our configuration commands and then exits back to privileged exec mode. Because this is all one function we chose to number it 1.x for each command line within the function. To test the configuration: On R1 R1#event manager run TST You should see the following console messages: %SYS-5-CONFIG_I: Configured from console by on vty0 (EEM:TST) %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up R1#Show run int f0/0 | B interface interface FastEthernet0/0 ip address 10.1.1.1 255.255.255.0 duplex auto speed auto end Task 2 Using EEM configure an applet on R1 to generate the following Console message when it’s run manually. “Micronics is the BEST” On R1 R1(config)#Event manager applet CCIE R1(config-applet)#event none R1(config-applet)#action 2.0 syslog msg "Micronics is the BEST" R1(config-applet)#end To test the configuration: CCIE R&S by Narbik Kocharians Boot Camp 4.0 © 2012 Narbik Kocharians. All rights reserved Page 2 of 15 On R1 R1#Event manager run CCIE You should see the following console message: %HA_EM-6-LOG: CCIE: Micronics is the BEST Task 3 Configure an applet named TST on R2 that gives the F0/0 interface an IP address of 10.1.1.2 /24 and enables the interface. The applet should then log a console message that states “IP address assigned successfully”. On R2 R2(config)#Event manager applet TST R2(config-applet)#event none R2(config-applet)#action 3.0 R2(config-applet)#action 3.1 R2(config-applet)#action 3.2 R2(config-applet)#action 3.3 R2(config-applet)#action 3.4 R2(config-applet)#action 3.5 R2(config-applet)#action 3.6 sync yes cli command "enable" cli command "config t" cli command "interface f0/0" cli command "ip addr 10.1.1.2 255.255.255.0" cli command "no shut" cli command "end" syslog msg "IP Address assigned successfully" To test the configuration: On R2 R2#Event manager run TST You should see the following console messages: %SYS-5-CONFIG_I: Configured from console by on vty0 (EEM:TST) %HA_EM-6-LOG: TST: IP Address assigned successfully %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up This example is very similar to the first task. The major difference (besides it being used to configure R2 rather than R1) is that there is an additional action to log a syslog message after the IP address of R2 is configured and enabled. Syslog is a protocol used to manage events and alerts. By default syslog messages are sent straight to the router console, so we see the following message on the router console CCIE R&S by Narbik Kocharians Boot Camp 4.0 © 2012 Narbik Kocharians. All rights reserved Page 3 of 15 after the script executes: %HA_EM-6-LOG: TST: IP Address assigned successfully To enable a syslog message we used the action statement in the applet of: action 3.6 syslog msg "IP Address assigned successfully" This caused our string of text to be displayed on the console after our other commands executed successfully. Task 4 Using EEM configure an applet such that it saves R2’s configuration and reloads the router. Before the reload a console message of “Router about to reload” should be logged to the console. On R2 R2(config)#Event manager applet Reload R2(config-applet)#event none sync yes R2(config-applet)#action 4.0 cli command "enable" R2(config-applet)#action 4.1 cli command "wr" R2(config-applet)#action 4.2 syslog msg "Router about to reload" R2(config-applet)#action 4.3 reload R2(config-applet)#exit NOTE: The “Reload” is an option after the “action 4.3”, therefore, the “cli command “Reload” should NOT be configured. A “?” will reveal this information: R2(config-applet)#action 4.3 ? cli Execute a CLI command cns-event Send a CNS event counter Modify a counter value force-switchover Force a software switchover info Obtain system specific information mail Send an e-mail policy Run a pre-registered policy publish-event Publish an application specific event reload Reload system CCIE R&S by Narbik Kocharians Boot Camp 4.0 © 2012 Narbik Kocharians. All rights reserved Page 4 of 15 snmp-trap syslog track Send an SNMP trap Log a syslog message Read/Set a tracking object You should always exit or else the EEM will NOT be invoked. To test the configuration On R2 R2#Event manager run Reload You should see the following console messages: %HA_EM-6-LOG: Reload: Router is about to reload %HA_EM-6-FMS_RELOAD_SYSTEM: fh_io_msg: Policy has requested a system reload; -Process= "EEM Server", ipl= 0, pid= 231 %SYS-5-RELOAD: Reload requested by EEM. Reload Reason: Embedded Event Manager action. System Bootstrap, Version 12.2(8r)T2, RELEASE SOFTWARE (fc1) TAC Support: http://www.cisco.com/tac Copyright (c) 2002 by cisco Systems, Inc. c3725 processor with 262144 Kbytes of main memory Main memory is configured to 64 bit mode with parity disabled To verify the configuration: On R2 After the system reloads: R2#Show run int f0/0 | B interface interface FastEthernet0/0 ip address 10.1.1.2 255.255.255.0 duplex auto speed auto end CCIE R&S by Narbik Kocharians Boot Camp 4.0 © 2012 Narbik Kocharians. All rights reserved Page 5 of 15 Task 5 Configure R2 so that whenever a Syslog message including the text “UPDOWN” is written to the log, an additional Syslog message of “Interface state changed, Wake UP mate” is written by EEM to the Syslog. On R2 R2(config)#Event manager applet UpDown R2(config-applet)#event syslog pattern UPDOWN R2(config-applet)#action 5.0 syslog msg "Interface state changed, wake up mate” To test the configuration: On R2 R2(config)#int f0/0 R2(config-if)#Shut You should see the following console messages: %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down %HA_EM-6-LOG: UpDown: Interface state changed, Wake up mate The new element in this applet is the “Event syslog pattern UPDOWN” trigger. This trigger looks for a certain pattern to occur within a Syslog message, and when that pattern occurs, it triggers the applet which in this case will write another Syslog message. The pattern can be any regular expression or string match. Task 6 Assign the following IP addresses to the F0/0 and F0/1 interfaces of R3, and enable both interfaces: F0/0 – 30.3.3.3 /24 F0/1 – 31 3.3.3 /24 R3 should be configured such that when its F0/0 interface goes down, the F0/1 interface of this router also goes down, and when it comes back up, the F0/1 interface should also come back up. You should use an EEM applet to accomplish this task. CCIE R&S by Narbik Kocharians Boot Camp 4.0 © 2012 Narbik Kocharians. All rights reserved Page 6 of 15 On R3 R3(config)#Int F0/0 R3(config-if)#ip addr 30.3.3.3 255.255.255.0 R3(config-if)#No shut R3(config)#Int F0/1 R3(config-if)#ip addr 31.3.3.3 255.255.255.0 R3(config-if)#No shut To verify the configuration: On R3 R3#Show ip int brief | Exc unass Interface FastEthernet0/0 FastEthernet0/1 IP-Address 30.3.3.3 31.3.3.3 OK? Method Status YES manual up YES manual up Protocol up up To configure the EEM applet: The following track command “Track 1” tracks the status of F0/0 interface: R3(config)#Track 1 inter F0/0 line-protocol In the following event manager called “R3” the event tracks the state of F0/0 interface and if the state is down, then, it executes the cli commands that follow: R3(config)#Event manager applet F00-DOWN R3(config-applet)#event track 1 state down R3(config-applet)#action 6.0 cli command "enable" R3(config-applet)#action 6.1 cli command "configure terminal" R3(config-applet)#action 6.2 cli command "int f0/1" R3(config-applet)#action 6.3 cli command "Shut" R3(config-applet)#action 6.4 cli command "end" R3(config-applet)#end R3(config)#event manager applet F00-UP R3(config-applet)#event track 1 state up R3(config-applet)#action 6.5 cli command R3(config-applet)#action 6.6 cli command R3(config-applet)#action 6.7 cli command R3(config-applet)#action 6.8 cli command R3(config-applet)#action 6.9 cli command CCIE R&S by Narbik Kocharians "enable" "config t" "int f0/1" "no shut" "end" Boot Camp 4.0 © 2012 Narbik Kocharians. All rights reserved Page 7 of 15 R3(config-applet)#end To test the configuration: On R3 R3(config)#Int F0/0 R3(config-if)#shut You should see the following console messages: %TRACKING-5-STATE: 1 interface Fa0/0 line-protocol Up->Down %SYS-5-CONFIG_I: Configured from console by on vty0 (EEM:R3) %SYS-5-CONFIG_I: Configured from console by console %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to administratively down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down To verify the configuration: On R3 R3#Show ip int brief | Exc unass Interface FastEthernet0/0 FastEthernet0/1 IP-Address 30.3.3.3 31.3.3.3 OK? Method Status Protocol YES manual administratively down down YES manual administratively down down Let’s “NO SHUT” the F0/0 interface to test the second part of this task: On R3 R3(config)#Int F0/0 R3(config-if)#NO shut You should see the following console messages on R3: %TRACKING-5-STATE: 1 interface Fa0/0 line-protocol Down->Up %SYS-5-CONFIG_I: Configured from console by on vty0 (EEM:R3-UP) %SYS-5-CONFIG_I: Configured from console by console %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up CCIE R&S by Narbik Kocharians Boot Camp 4.0 © 2012 Narbik Kocharians. All rights reserved Page 8 of 15 %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up To verify the configuration: On R3 R3#Show ip int brief | Exc unass Interface FastEthernet0/0 FastEthernet0/1 IP-Address 30.3.3.3 31.3.3.3 OK? Method Status YES manual up YES manual up Protocol up up Task 7 R2 is going to pretend to be an SMTP server. Configure R3 to be able to send an email to [email protected]. The email should come from [email protected], however, the script should be portable and used by other routers so use a variable to obtain the value R3. The email subject should be “Test Email”. On R3 R3(config)#Event manager applet TestEmail R3(config-applet)#event none sync yes R3(config-applet)#action 7.0 info type routername R6(config-applet)# action 7.1 mail server "10.1.1.2" to "[email protected]" from "[email protected]" subject "Test Email" R3(config-applet)#end To test the configuration: On R3 R3#Event manager run TestEmail You should see the following console messages: %HA_EM-3-FMPD_SMTP: Error occured when sending mail to SMTP server: 10.1.1.2 : error in connecting to SMTP server %HA_EM-3-FMPD_ERROR: Error executing applet TestEmail statement 7.1 CCIE R&S by Narbik Kocharians Boot Camp 4.0 © 2012 Narbik Kocharians. All rights reserved Page 9 of 15 This example uses two new action statement types. The first is the “info” action statement. The info action statement is used when a piece of system information needs to be retrieved by the applet. In this case we use the “info type routername” statement which retrieves the name of the router and holds it as a variable “$_info_routername”. This variable can be obtained from the Cisco documentation at: http://www.cisco.com/en/US/docs/ios/netmgmt/command/reference/nm_01.html#wp1049967 The second statement type added here is the mail action statement. The mail action statement is used to send emails to an email server (which we don’t have in the CCIE lab) to deliver to a recipient. Each field (server, to, from, subject, etc.) needs to be filled in to the mail action statement to construct an email to be sent. In our example we execute the TestEmail applet however, due to there being no SMTP server on R2 we return an error message rather than sending an email. Task 8 Configure R2 or any other router such that when a “ping 10.1.1.1” command is entered the following console message is displayed: “The command is bypassed, try again later.” On R2 R2(config)#Event manager applet Task8 R2(config-applet)#event cli pattern "ping 10.1.1.1" sync no skip yes R2(config-applet)#action 8.0 syslog msg "The command is bypassed, try again later." R3(config-applet)#end To test the configuration: On R2 R2#ping 10.1.1.1 R2# %HA_EM-6-LOG: Task8: The command is bypassed, try again later. In the above example the “Sync NO” option is used to stop the policy from running synchronously, this gave us the ability to use the “Skip” keyword; the “Skip” keyword prevents the issued command (ping 10.1.1.1) from running. Then, the ONLY action is taken which generates a console message. CCIE R&S by Narbik Kocharians Boot Camp 4.0 © 2012 Narbik Kocharians. All rights reserved Page 10 of 15 Task 9 Configure R3 such that when you enter “configure terminal” it puts you back in the privilege mode. DO NOT save the configuration after configuring this task, reload the router once the task is fully tested. On R3 R3(config)#event manager applet TST R3(config-applet)#event cli pattern "configure terminal" sync no skip yes R3(config-applet)#action 9.0 cli command "enable" R3(config-applet)#end NOTE: In this configuration if the “SKIP” option is set to “NO”, it will NOT skip and it will execute the command and the IOS will take you to the global configuration mode, but if you want to skip the execution of the “config t” command and go to the action, then, it MUST be set to “YES”. To test the configuration: On R3 R3#conf t R3# The router needs to be reloaded to get ride off the Event manager applet. Task 10 Configure the routers according to the following diagram. All directly connected interfaces should be configured in area 0, except the lo0 of R1, this interface should NOT be configured in any routing protocol. Lab Setup: To copy and paste the initial configurations, go to “Boot-Camp-Init” folder “IP Services-Adv Features” ”Lab-3-Task-10”. CCIE R&S by Narbik Kocharians Boot Camp 4.0 © 2012 Narbik Kocharians. All rights reserved Page 11 of 15 10.1.12.0 /24 F0/0 .1 1.1.1.1 /8 2.2.2.2 /8 .2 F0/0 F0/1 R1 R3 .3 10.1.23.0 /24 R2 .2 4.4.4.4 /8 3.3.3.3 /8 F0/1 R4 .4 F0/0 F0/0 .3 10.1.34.0 /24 Task 11 R1 should redistribute its Lo0 interface if network 2.2.2.0/24 is up and network 3.3.3.0/24 is down. EEM MUST be part of the solution to accomplish this task. On R1 R1(config)#Track 1 list boolean and R1(config-track)#object 2 R1(config-track)#object 3 NOT R1(config-track)#track 2 ip route 2.0.0.0 255.0.0.0 reach R1(config-track)#track 3 ip route 3.0.0.0 255.0.0.0 reach R1(config-track)#exit R1(config)#Event manager applet UP R1(config-applet)#event track 1 state up R1(config-applet)#action 1.0 cli command R1(config-applet)#action 1.1 cli command R1(config-applet)#action 1.2 cli command R1(config-applet)#action 1.3 cli command map TST sub" R1(config-applet)#action 1.4 cli command CCIE R&S by Narbik Kocharians "enable" "configure terminal" "router ospf 1” "Redistribute connected route"end" Boot Camp 4.0 © 2012 Narbik Kocharians. All rights reserved Page 12 of 15 R1(config-applet)#exit R1(config)#Event manager applet DOWN R1(config-applet)#event track 1 state down R1(config-applet)#action 2.0 cli command "enable" R1(config-applet)#action 2.1 cli command "configure terminal" R1(config-applet)#action 2.2 cli command " router ospf 1" R1(config-applet)#action 2.3 cli command "NO redistr connected" R1(config-applet)#action 2.4 cli command "end" R1(config)#Route-map TST R1(config-route-map)#match inter lo0 To test the conditions: On R1 R1#Sh track 1 Track 1 List boolean and Boolean AND is Down 3 changes, last change 00:04:20 object 2 Up object 3 not Up Tracked by: EEM applet DOWN EEM applet UP On R3 R3(config)#int lo0 R3(config-if)#Shut You should see the following console messages on R1: On R1 %TRACKING-5-STATE: 3 ip route 3.0.0.0/8 reachability Up->Down %TRACKING-5-STATE: 1 list boolean and Down->Up %SYS-5-CONFIG_I: Configured from console by on vty0 (EEM:UP) To see the action taken by EEM: On R1 CCIE R&S by Narbik Kocharians Boot Camp 4.0 © 2012 Narbik Kocharians. All rights reserved Page 13 of 15 R1#Sh run | s router ospf 1 router ospf 1 log-adjacency-changes redistribute connected subnets route-map TST network 10.1.12.1 0.0.0.0 area 0 On R4 R4#Sh ip route ospf | i O O E2 1.0.0.0/8 [110/20] via 10.1.34.3, 00:00:20, FastEthernet0/0 O 2.0.0.0/8 [110/3] via 10.1.34.3, 00:01:31, FastEthernet0/0 O 10.1.12.0 [110/3] via 10.1.34.3, 00:01:31, FastEthernet0/0 O 10.1.23.0 [110/2] via 10.1.34.3, 00:01:31, FastEthernet0/0 To test the condition: On R3 R3(config)#Int lo0 R3(config-if)#No shut You should see the following console messages on R1: On R1 %TRACKING-5-STATE: 3 ip route 3.0.0.0/8 reachability Down->Up %TRACKING-5-STATE: 1 list boolean and Up->Down %SYS-5-CONFIG_I: Configured from console by on vty0 (EEM:DOWN) R1#Sh track 1 Track 1 List boolean and Boolean AND is Down 5 changes, last change 00:00:22 object 2 Up object 3 not Up Tracked by: EEM applet DOWN EEM applet UP R1#Sh run | s router ospf 1 CCIE R&S by Narbik Kocharians Boot Camp 4.0 © 2012 Narbik Kocharians. All rights reserved Page 14 of 15 router ospf 1 log-adjacency-changes network 10.1.12.1 0.0.0.0 area 0 R4#Sh ip route ospf | i O O O O O 2.0.0.0/8 [110/3] via 10.1.34.3, 00:03:03, FastEthernet0/0 3.0.0.0/8 [110/2] via 10.1.34.3, 00:00:59, FastEthernet0/0 10.1.12.0 [110/3] via 10.1.34.3, 00:03:03, FastEthernet0/0 10.1.23.0 [110/2] via 10.1.34.3, 00:03:03, FastEthernet0/0 Task 12 Erase the startup configuration of the routers and reload the routers before you proceed to the next lab CCIE R&S by Narbik Kocharians Boot Camp 4.0 © 2012 Narbik Kocharians. All rights reserved Page 15 of 15