Scribd
Upload
281 views

Cisco IOS IP SLA and EEM Script

The document describes a lab exercise to demonstrate IP SLA and EEM script configuration on Cisco IOS routers. A network topology is set up with 4 routers and routes are configured so that ISP1 is the primary path to reach 8.8.8.8/32. IP SLA is configured on R2 to monitor reachability of R3. EEM scripts are used to change the default route to ISP2 when ISP1 fails and change it back when ISP1 is restored. The configuration and testing is shown to work as intended by changing routes when interfaces are shut down and brought back up.

Uploaded by

yasser
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
281 views

Cisco IOS IP SLA and EEM Script

The document describes a lab exercise to demonstrate IP SLA and EEM script configuration on Cisco IOS routers. A network topology is set up with 4 routers and routes are configured so that ISP1 is the primary path to reach 8.8.8.8/32. IP SLA is configured on R2 to monitor reachability of R3. EEM scripts are used to change the default route to ISP2 when ISP1 fails and change it back when ISP1 is restored. The configuration and testing is shown to work as intended by changing routes when interfaces are shut down and brought back up.

Uploaded by

yasser
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

Download PNETLab Platform

PNETLAB Store
PNETLab.com

Cisco IOS IP SLA and EEM Script


Lab Topology:
The lab network topology is illustrated below:

https://user.pnetlab.com/store/labs/detail?id=16035330023569
Lab Objective:
The objective of this lab exercise is for you to learn and understand IP SLA and EEM Script on Cisco
IOS.
Task:
We have 4 routers: R1 and R2 are our DC, R3 is ISP 1 and R4 is ISP2. We will setup ISP1 is Primary
Path to reach prefix 8.8.8.8/32, Path to ISP2 will be disable. When ISP 1 down, R2 will automatic
enable ISP2. That we will do.

Solution

Basic Configuration:

1
Download PNETLab Platform
PNETLAB Store
PNETLab.com

Router R1 R2
Configuration interface Ethernet0/0 interface Ethernet0/0
no shutdown no shutdown
ip address 10.1.12.1 255.255.255.0 ip address 10.1.12.2 255.255.255.0
! !
ip route 0.0.0.0 0.0.0.0 10.1.12.2 interface Ethernet0/1
no shutdown
ip address 10.1.23.2 255.255.255.0
!
interface Ethernet0/2
no shutdown
ip address 10.1.24.2 255.255.255.0
!
ip route 8.8.8.8 255.255.255.255
10.1.23.3

Router R3 R4
Configuration interface Loopback0 interface Loopback0
no shutdown no shutdown
ip address 8.8.8.8 255.255.255.255 ip address 8.8.8.8 255.255.255.255
! !
interface Ethernet0/0 interface Ethernet0/0
no shutdown no shutdown
ip address 10.1.23.3 255.255.255.0 ip address 10.1.24.4 255.255.255.0
! !
ip route 0.0.0.0 0.0.0.0 10.1.23.2 ip route 0.0.0.0 0.0.0.0 10.1.24.2

IP SLA is configured on R2 which sends ICMP echoes to R3:

R2(config)#ip sla 1
R2(config-ip-sla)#icmp-echo 10.1.23.3 source-ip 10.1.23.2
R2(config-ip-sla-echo)#frequency 10
R2(config-ip-sla-echo)#exit
R2(config)#ip sla schedule 1 life forever start-time now
It’s a simple configuration where R2 will keep sending ICMP echoes to R3 forever. To combine IP
SLA with EEM, we’ll need to track it somehow. We can do this with object tracking:

R2(config)#track 1 ip sla 1 reachability


Above we created a new object that will track IP SLA 1. We can now track the status of this object
with EEM:
2
Download PNETLab Platform
PNETLAB Store
PNETLab.com

R2(config)#event manager applet TRACK_DOWN


R2(config-applet)#event track 1 state down
R2(config-applet)#action 1.0 cli command "enable"
R2(config-applet)#action 2.0 cli command "conf t"
R2(config-applet)#action 3.0 cli command "ip route 8.8.8.8 255.255.255.255 10.1.24.4"
R2(config-applet)#action 4.0 cli command "no ip route 8.8.8.8 255.255.255.255 10.1.23.3"
As soon as the object goes down, EEM will perform 4 actions:

1. Enable Router

2. Entering the configuration mode

3. Configuring new route to 8.8.8.8/32 that go via R4

4. Removing old route to 8.8.8.8/32 that go via R3

We’ll also configure an action that will be performed when the object is up again:

R2(config)#event manager applet TRACK_UP


R2(config-applet)#event track 1 state up
R2(config-applet)#action 1.0 cli command "enable"
R2(config-applet)#action 2.0 cli command "conf t"
R2(config-applet)#action 3.0 cli command "no ip route 8.8.8.8 255.255.255.255 10.1.24.4"
R2(config-applet)#action 4.0 cli command "ip route 8.8.8.8 255.255.255.255 10.1.23.3"
Let’s verify IP SLA:

R2#show ip sla statistics


IPSLAs Latest Operation Statistics

IPSLA operation id: 1


Latest RTT: 2 milliseconds
Latest operation start time: 11:21:14 EET Sat Oct 24 2020
Latest operation return code: OK
Number of successes: 83
Number of failures: 0
Operation time to live: Forever
We need to check route from R1 to the prefix 8.8.8.8/32:

3
Download PNETLab Platform
PNETLAB Store
PNETLab.com

R1#traceroute 8.8.8.8
Type escape sequence to abort.
Tracing the route to 8.8.8.8
VRF info: (vrf in name/id, vrf out name/id)
1 10.1.12.2 2 msec 1 msec 0 msec
2 10.1.23.3 1 msec 3 msec *
So, it is running via R3. I ‘ll shutdown interface e0/0 of R3 in order to simulate a failure. Now, we
enable EEM debugging:

R2#debug event manager action cli


Debug EEM action cli debugging is on
Now we will shutdown the interface e0/0 on R3:

R3(config)#interface ethernet 0/0


R3(config-if)#shutdown
Here’s what happens on R1:

R2#
*Oct 24 09:29:01.127: %TRACK-6-STATE: 1 ip sla 1 reachability Up -> Down
*Oct 24 09:29:01.128: %HA_EM-6-LOG: TRACK_DOWN : DEBUG(cli_lib) : : CTL : cli_open called.
*Oct 24 09:29:01.134: %HA_EM-6-LOG: TRACK_DOWN : DEBUG(cli_lib) : : OUT : R2>
*Oct 24 09:29:01.134: %HA_EM-6-LOG: TRACK_DOWN : DEBUG(cli_lib) : : IN : R2>enable
*Oct 24 09:29:01.261: %HA_EM-6-LOG: TRACK_DOWN : DEBUG(cli_lib) : : OUT : R2#
*Oct 24 09:29:01.261: %HA_EM-6-LOG: TRACK_DOWN : DEBUG(cli_lib) : : IN : R2#conf t
*Oct 24 09:29:01.379: %HA_EM-6-LOG: TRACK_DOWN : DEBUG(cli_lib) : : OUT : Enter
configuration commands, one per line. End with CNTL/Z.
*Oct 24 09:29:01.379: %HA_EM-6-LOG: TRACK_DOWN : DEBUG(cli_lib) : : OUT : R2(config)#
*Oct 24 09:29:01.379:
R2#%HA_EM-6-LOG: TRACK_DOWN : DEBUG(cli_lib) : : IN : R2(config)#ip route 8.8.8.8
255.255.255.255 10.1.24.4
*Oct 24 09:29:01.604: %HA_EM-6-LOG: TRACK_DOWN : DEBUG(cli_lib) : : OUT : R2(config)#
*Oct 24 09:29:01.604: %HA_EM-6-LOG: TRACK_DOWN : DEBUG(cli_lib) : : IN : R2(config)#no ip
route 8.8.8.8 255.255.255.255 10.1.23.3
*Oct 24 09:29:01.827: %HA_EM-6-LOG: TRACK_DOWN : DEBUG(cli_lib) : : OUT : R2(config)#
*Oct 24 09:29:01.827: %HA_EM-6-LOG: TRACK_DOWN : DEBUG(cli_lib) : : CTL : cli_close called.
*Oct 24 09:29:01.828:
*Oct 24 09:29:01.828: tty is now going through its death sequence
You can see that EEM is working. Let’s traceroute from R1 again:

R1#traceroute 8.8.8.8
Type escape sequence to abort.
4
Download PNETLab Platform
PNETLAB Store
PNETLab.com

Tracing the route to 8.8.8.8


VRF info: (vrf in name/id, vrf out name/id)
1 10.1.12.2 3 msec 2 msec 2 msec
2 10.1.24.4 3 msec 1 msec *
Now, R1 reach to 8.8.8.8/32 via R4. I will enable R3 again and see what happens:

*Oct 24 09:34:16.371: %TRACK-6-STATE: 1 ip sla 1 reachability Down -> Up


*Oct 24 09:34:16.371: %HA_EM-6-LOG: TRACK_UP : DEBUG(cli_lib) : : CTL : cli_open called.
*Oct 24 09:34:16.376: %HA_EM-6-LOG: TRACK_UP : DEBUG(cli_lib) : : OUT : R2>
*Oct 24 09:34:16.376: %HA_EM-6-LOG: TRACK_UP : DEBUG(cli_lib) : : IN : R2>enable
*Oct 24 09:34:16.487: %HA_EM-6-LOG: TRACK_UP : DEBUG(cli_lib) : : OUT : R2#
*Oct 24 09:34:16.487: %HA_EM-6-LOG: TRACK_UP : DEBUG(cli_lib) : : IN : R2#conf t
*Oct 24 09:34:16.606: %HA_EM-6-LOG: TRACK_UP : DEBUG(cli_lib) : : OUT : Enter
configuration commands, one per line. End with CNTL/Z.
*Oct 24 09:34:16.606: %HA_EM-6-LOG: TRACK_UP : DEBUG(cli_lib) : : OUT : R2(config)#
*Oct 24 09:34:16.606:
R2#%HA_EM-6-LOG: TRACK_UP : DEBUG(cli_lib) : : IN : R2(config)#no ip route 8.8.8.8
255.255.255.255 10.1.24.4
*Oct 24 09:34:16.918: %HA_EM-6-LOG: TRACK_UP : DEBUG(cli_lib) : : OUT : R2(config)#
*Oct 24 09:34:16.918: %HA_EM-6-LOG: TRACK_UP : DEBUG(cli_lib) : : IN : R2(config)#ip route
8.8.8.8 255.255.255.255 10.1.23.3
*Oct 24 09:34:17.139: %HA_EM-6-LOG: TRACK_UP : DEBUG(cli_lib) : : OUT : R2(config)#
*Oct 24 09:34:17.139: %HA_EM-6-LOG: TRACK_UP : DEBUG(cli_lib) : : CTL : cli_close called.
*Oct 24 09:34:17.139:
*Oct 24 09:34:17.139: tty is now going through its death sequence
EEM is working again. We can check traceroute again:

R1#traceroute 8.8.8.8
Type escape sequence to abort.
Tracing the route to 8.8.8.8
VRF info: (vrf in name/id, vrf out name/id)
1 10.1.12.2 0 msec 1 msec 1 msec
2 10.1.23.3 1 msec 2 msec *
Now, it go via R3. That’s great!

You might also like