Archive

标签为 ‘ASR9k’的文章

Do action by EEM+TCL after the log happen X Times in Y LC/RSP at ASR9k

Problem:

We can do more automated action by EEM + TCL on Cisco router, and have more trigger way for syslog pattern trigger, OID trigger, CPU Threshold trigger and so on. That will match IOS platform, no any issue. But in XR platform, each LC/RSP have separate alarm, we maybe have special requirement, e.g:

Some alarms frequency happen, I want to restart the process (base on pid) if the alarm happen 3 times in 5min on each LC, how to do that?

0/3/cpu0: alarm report "C", Pid = zzz
0/1/cpu0: alarm report "A", Pid = xxx
0/2/cpu0: alarm report "B", pid = yyy
0/3/cpu0: alarm report "C", pid = zzz
0/1/cpu0: alarm report "A", pid = xxx
0/1/cpu0: alarm report "A", pid = xxx

Solution:

We can do interactive script by TCL I/O, create a file in Harddisk/disk which has the history/count of syslog for Lcs. We can read this file using the script whenever the syslog is observed. Based on the number of syslogs the script can take the required action.

The steps will be like this, please check attachment and script flow chart for detail script, in my example, I only dump arp process for testing, please change script base on your requirement, in order to test script, you can add flag to test that, e.g “action_syslog priority info msg “a””: 完整阅读

ASR9k EEM + TCL Interactive Scripting

Requirement:
1. Capture interface tunnel port each 5 minutes, if traffics > X, will capture other information.
2. Store those information to disk0/harddisk.

In fact, the requirement is very easy by Python + CRT, but customer couldn’t find a PC to continue to run python script, so only use EEM + TCL on ASR9k. And in TCL script, I use two function: foreach and scan.

Follow CLI need config before do script, if you change any variable or script, you need re-config “event manager policy tac_te.tcl username cisco”:

aaa authorization eventmanager default local
event manager environment _cron_entry1 */5 * * * *
event manager directory user policy disk0:
event manager policy tac_te.tcl username cisco persist-time 3600 type user

完整阅读

ASR9k EEM+TCL General custom SNMP Trap

If customer want to focus a alarm on their NMS by SNMP Trap, they can config “snmp-server traps syslog”. But if customer no filter feature on NMS, they couldn’t find special alarm in all syslog, now we can use EEM + TCL to match customer requirement.

Follow TCL Script:

::cisco::eem::event_register_syslog pattern $_error_log occurs $_number period $_times maxrun 300
namespace import ::cisco::eem::*
namespace import ::cisco::lib::*

set alarm "***OOB_ERROR Happened!***"

sys_reqinfo_snmp_trapvar var temp oid 1.1.1.1.1.1.1.1 string $alarm
sys_reqinfo_snmp_trap enterprise_oid 1.3.6.1 generic_trapnum 6 specific_trapnum 2 trap_oid 1.1.1.1.1.1.1.1.1.1.1.1.1 trap_var temp

完整阅读

How to sniffer Dummy VLAN on L2VPN ?

什么是dummy vlan?

由于EVC平台在入端口可以通过rewrite命令剥离VLAN tag,这样导致在PW中没有任何tag,在Type 4时会有问题,两边VLAN的QOS无法传递给对端,所以就有了这个所谓的dummy vlan,它不是一个真正的VLAN,他只是传递一些QOS字段并且占一个位。那么dummy VLAN长什么样?其实大鹏之前的文章里已经详细介绍了EVC的各种行为,我这里只是介绍抓dummy VLAN的“心路历程”以及dummy VLAN的“样子”~

测试Topology:

起始测试环境为VPLS BGP auto discovery + LDP Sig,在76的入向抓包
dummy-vlan-topology

测试步骤

1. 默认Type 5,在CE1 ping 带cos 5,ASR9k-1在AC上不配置rewrite,透传的VLAN是否带着802.1p?根据抓包信息,正常带着802.1p,详细看“bgp-ldp-vlan-cos5.pcapng”;另外有个疑问,既然type 5支持VLAN透传,为什么还要Type 4?答案请看文章结束部分
完整阅读

ASR9k load balance issue under L2VPN(VPLS/Eompls/ATOM)

很多客户在部署VPLS时,当核心有负载链路或者Bundle时,常常会碰到负载不均的现象,为什么会发生这种问题?首先看下常规ASR9k在不同场景下是用什么元素去做Hash的:
9k-load-share-01

A: src-ip, dst-ip, src-port, dst-port, router_id
B: bottom_most_label, router_id
C: 4th_label, router_id

Ok,我们可以看到在L2VPN中,用的是bottom label来做的负载均衡,这是因为系统无法跳过L2VPN中的MAC头,去读L3的IP头。在这里拿Bundle端口举例,说说不同场景下bundle的HASH方法(在9k上,所有HASH动作都是在进口NP上做的,这个HASH结果会直接被出口NP调用):
完整阅读