思科增强对象跟踪

网络工程 思科 路由
2022-02-17 05:25:26

我正在尝试配置我们的路由器,以便如果 BGP 关闭我们的接口,FastEthernet0/0/0.3861 59.XXX 将从管理关闭 (SHUT) 更改为 UP。

我认为这可以通过 Cisco 增强型对象跟踪来实现。或者,如果我可以将隧道接口 (1) 配置为在 BGP 启动且 bgp 失败时处于待机模式,则从待机更改为启动。

抱歉,如果这令人困惑,但任何具有 Cisco 技能的人都可能会理解。

配置如下:

our_production_router2#show run 

Building configuration...

Current configuration : 17642 bytes 
! 
! 
Last configuration change at 14:54:15 UTC Wed Apr 13 2016 by johnsonmatthey\pattec0 
! 
version 15.4 
service timestamps debug datetime msec 
service timestamps log datetime msec 
service password-encryption 
! 
hostname jmeu-gurgaon02 
! 
boot-start-marker 
boot-end-marker 
! 
! 
logging buffered 51200 warnings 
enable password 7 ****************** 
! 
aaa new-model 
! 
! 
ip dhcp excluded-address 10.10.10.1 
! 
ip dhcp pool ccp-pool 
 import all 
 network 10.10.10.0 255.255.255.128 
 default-router 10.10.10.1 
  lease 0 2
!
! 
! 
no ip bootp server 
no ip domain lookup 
ip domain name routers.matthey.com 
ip name-server 192.168.1.233 
ip name-server 192.168.1.253 
ip cef 
no ipv6 cef 
! 
multilink bundle-name authenticated 
! 
cts logging verbose 
! 
! 
! 
interface Loopback0 
 ip address 10.41.252.72 255.255.255.255 
 no ip redirects 
 no ip unreachables 
 no ip proxy-arp 
 ip flow ingress 
! 
interface Loopback1 
 description BT Peering Loopback 
 ip address 10.1.243.106 255.255.255.255 
! 
interface Tunnel1 
 description Tunnel to jmeu-london-colo01 
 bandwidth 20000 
 ip address 10.9.249.34 255.255.255.252 
 no ip redirects 
 no ip unreachables 
 no ip proxy-arp 
 ip mtu 1420 
 ip hello-interval eigrp 65100 10 
 ip hold-time eigrp 65100 180 
 ip flow ingress 
 ip flow egress 
 ip tcp adjust-mss 1140 
 keepalive 4 6 
 tunnel source x.x.x.x 
 tunnel destination x.x.x.x 
 tunnel path-mtu-discovery 
 crypto map JMEU-VPN 
! 
interface Tunnel3 
 description Tunnel to jmeu-taloja01 
 bandwidth 256 
 ip address 10.41.248.18 255.255.255.252 
 no ip redirects 
 no ip unreachables 
 no ip proxy-arp 
 ip flow ingress 
 ip tcp adjust-mss 1340 
 keepalive 4 6 
 tunnel source x.x.x. 
 tunnel destination x.x.x.x 
 crypto map JMEU-VPN 
! 
interface Tunnel4 
 description p2p tunnel to Manesar 
 bandwidth 256 
 backup interface Tunnel3 
 ip address 10.41.249.170 255.255.255.252 
 no ip redirects 
 no ip unreachables 
 no ip proxy-arp 
 ip flow ingress 
 ip tcp adjust-mss 1340 
 keepalive 4 6 
 tunnel source x.x.x. 
 tunnel destination x.x.x.x 
 crypto map JMEU-VPN 
! 
interface Embedded-Service-Engine0/0 
 no ip address 
 shutdown 
! 
interface GigabitEthernet0/0 
 description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$ 
 ip address 192.168.230.129 255.255.255.192 
 ip mtu 1420 
 ip tcp adjust-mss 1140 
 duplex auto 
 speed auto 
! 
interface GigabitEthernet0/1 
 bandwidth 10000 
 no ip address 
 no ip redirects 
 no ip unreachables 
 no ip proxy-arp 
 ip mtu 1420 
 ip flow ingress 
 ip tcp adjust-mss 1140 
 duplex auto 
 speed 10 
 no cdp enable 
 no mop enabled 
! 
interface GigabitEthernet0/1.2997 
 description CID:  
 bandwidth 10000 
 encapsulation dot1Q 2997 
 ip address 10.1.243.166 255.255.255.252 
 no cdp enable 
! 
interface FastEthernet0/0/0 
 no ip address 
 ip access-group Permitted-Inbound-Internet in 
 duplex auto 
 speed auto 
! 
interface FastEthernet0/0/0.3861 
 encapsulation dot1Q 3861 
 ip address x.x.x.x 255.255.255.252 
 ip access-group Permitted-Inbound-Internet in 
 no ip redirects 
 no ip unreachables 
 no ip proxy-arp 
 ip mtu 1420 
 ip tcp adjust-mss 1400 
 no cdp enable 
 crypto map JMEU-VPN 
! 
interface FastEthernet0/0/1 
 no ip address 
 duplex auto 
 speed auto 
! 
! 
router eigrp 65100 
 network 10.0.0.0 
 network 192.168.230.0 
 redistribute static metric 1500 1000 255 1 1500 route-map allow-static-routes 
 redistribute bgp 65304 metric 1500 1000 255 1 1500 
! 
router bgp 65304 
 bgp log-neighbor-changes 
 neighbor 10.1.243.165 remote-as 12641 
 ! 
 address-family ipv4 
  network 10.41.252.2 mask 255.255.255.255 
  network 10.41.252.72 mask 255.255.255.255 
  network 192.168.230.128 mask 255.255.255.192 
  neighbor 10.1.243.165 activate 
  neighbor 10.1.243.165 soft-reconfiguration inbound 
 exit-address-family 
! 
ip forward-protocol nd 
! 
ip http server 
ip http access-class 23 
ip http authentication local 
no ip http secure-server 
ip http timeout-policy idle 600 life 86400 requests 10000 
ip flow-export source Loopback0 
ip flow-export version 5 
! 
ip tacacs source-interface Loopback0 
! 
logging trap notifications 
logging source-interface Loopback0 
logging host 192.168.1.222 
logging host 10.16.1.252 
logging host 192.168.151.154 
! 
route-map allow-static-routes permit 10 
 match ip address 10 
! 
route-map static-to-bgp permit 10 
 match tag 111 
! 
! 
key 7 095B411B1501071D07051023282524 
access-list 1 permit 192.168.230.0 0.0.0.255 
access-list 10 remark redistribute-statics-first-line-dummy 
access-list 10 permit 10.10.10.0 0.0.0.255 
access-list 23 permit 10.10.10.0 0.0.0.127 
access-list 23 permit 10.10.10.0 0.0.0.7 
! 
! 
! 
control-plane 
! 
!

!
!
1个回答

如果您想根据事件更改接口的状态,您应该查看思科嵌入式事件管理器脚本:思科集成多业务路由器平台的 EEM 配置

基于事件,脚本可以执行如下操作:

ROUTER(config-applet)# action 1.2 cli command "interface g0/1"
ROUTER(config-applet)# action 1.3 cli command "no shut"

示例 1:记录事件的命令执行

此示例说明了使用 EEM 在发生特定事件时执行 show 命令并收集输出并将其保存在某个位置,以便以后用于故障排除。图 2 显示了拓扑。

挑战

此示例说明如何在路由器 B 中的开放最短路径优先 (OSPF) 邻居关闭时收集 CPU 使用率和接口输出。

解决方案

EEM 配置为检查 OSPF-neighbor-down syslog 消息;如果发生,它将执行以下命令并将输出保存在闪存中:

  • 显示cpu进程
  • 显示界面

配置如下:

RouterB#sh run
Building configuration...
Current configuration : 1137 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname RouterB
ip cef
!
interface Loopback0
ip address 2.2.2.2 255.255.255.0
!
interface GigabitEthernet0/0
ip address 192.168.1.1 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 192.168.1.0 0.0.0.255 area 0
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
login
!
scheduler allocate 20000 1000
!
webvpn cef
!
event manager applet OSPF
event syslog pattern "Neighbor Down: Dead timer expired"
action 1.0 cli command "enable"
action 1.1 cli command "sh proc cpu | append flash:cpu_info"
action 1.2 cli command "show interface | append flash:interface_info"
action 1.6 syslog msg "OSPF NEIGHBOR DOWN"
!
end
RouterB#
其它你可能感兴趣的问题
上一篇一台机器中的嵌套网络是否正确? 下一篇这种解释是否正确 - 如何确定 IP 地址是否在同一子网上