Archive

Posts tagged 'IOX'

EVPN Summary

EVPN

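In L2VPN, the technologies we commonly see are VPLS, EoMPLS, AToM and so on. They mainly use pseudowire technology (Kompella/Martini) to build virtual private networks or private lines, carried over MPLS. Although pseudowires can already be discovered and created automatically through BGP, pseudowire-based L2VPN has many shortcomings, so a technology was needed that could use BGP to replace the original pseudowire approach. That is how EVPN came about. The biggest difference EVPN brings is that MAC learning is done through the BGP control plane rather than the data plane. PBB-EVPN, proposed in 2015, is also a kind of EVPN.

EVPN arrives with the mission of replacing pseudowire technology. As before, it mainly covers point-to-point and point-to-multipoint. The figure below includes the common kinds of EVPN (I have not listed ETREE for now). This article mainly uses the several Route Types as examples to organize the EVPN material for later review.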


Take action with EEM+TCL after a log happens X times in Y LC/RSP on ASR9k

Problem:

We can automate more actions with EEM + TCL on Cisco routers, and EEM offers several kinds of trigger: syslog pattern, OID, CPU threshold and so on. This works on the IOS platform without any issue. On the XR platform, however, each LC/RSP raises its own alarms, so we may have a special requirement, e.g.:

Some alarms happen frequently. I want to restart the process (based on its pid) if the alarm happens 3 times in 5 minutes on a given LC. How can that be done?

0/3/cpu0: alarm report "C", Pid = zzz
0/1/cpu0: alarm report "A", Pid = xxx
0/2/cpu0: alarm report "B", pid = yyy
0/3/cpu0: alarm report "C", pid = zzz
0/1/cpu0: alarm report "A", pid = xxx
0/1/cpu0: alarm report "A", pid = xxx

Solution:

We can write an interactive script using TCL file I/O: create a file on harddisk/disk that holds the history/count of the syslog for each LC. The script reads this file whenever the syslog is observed and, based on the number of syslogs, takes the required action.

The steps are as follows; please check the attachment and the script flow chart for the detailed script. In my example I only dump the arp process for testing, so please change the script based on your requirement. To test the script, you can add a flag, e.g. “action_syslog priority info msg "a"”:
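
One way to implement the per-LC counting described in the Solution above, as an added example in plain Tcl that is not the post's attached script. The state file name and format, the procedure names and the timestamps are assumptions, and the restart action is left as a printed message.

```tcl
# Added example (not the post's script): state file name and format are constructed.
# Extract {node pid} from an alarm line, or {} if it does not match.
proc parse_alarm {line} {
    set re {^([0-9]+/[0-9]+/cpu[0-9]+):.*pid = ([^ ]+)}
    if {[regexp -nocase $re $line -> node pid]} { return [list $node $pid] }
    return {}
}
# Record one alarm for $node at $now in the state file ("<node> <epoch>" per line).
# Returns 1 when that node reaches $threshold alarms within $window seconds.
proc record_and_check {statefile node now window threshold} {
    set kept {}
    set count 1   ;# the alarm being recorded now
    if {[file exists $statefile]} {
        set fh [open $statefile r]
        while {[gets $fh entry] >= 0} {
            if {[scan $entry "%s %d" n ts] != 2 || $now - $ts >= $window} { continue }   ;# damaged or expired
            lappend kept [list $n $ts]
            if {[string equal $n $node]} { incr count }
        }
        close $fh
    }
    lappend kept [list $node $now]
    set fired [expr {$count >= $threshold}]
    set fh [open $statefile w]
    foreach entry $kept {
        # After firing, drop this node's history so one burst acts once.
        if {$fired && [string equal [lindex $entry 0] $node]} { continue }
        puts $fh "[lindex $entry 0] [lindex $entry 1]"
    }
    close $fh
    return $fired
}

# Constructed demo: the six alarm lines from the post, 30 s apart.
set statefile "lc_alarm_state.txt"   ;# hypothetical name; on the router, a file on harddisk/disk
file delete $statefile; set now 1000
foreach line {
    {0/3/cpu0: alarm report "C", Pid = zzz}
    {0/1/cpu0: alarm report "A", Pid = xxx}
    {0/2/cpu0: alarm report "B", pid = yyy}
    {0/3/cpu0: alarm report "C", pid = zzz}
    {0/1/cpu0: alarm report "A", pid = xxx}
    {0/1/cpu0: alarm report "A", pid = xxx}
} {
    set hit [parse_alarm $line]
    if {[llength $hit] == 2 && [record_and_check $statefile [lindex $hit 0] $now 300 3]} {
        puts "[lindex $hit 0]: 3 alarms in 5 min, act on pid [lindex $hit 1]"
    }
    incr now 30
}
```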

ASR9k EEM + TCL Interactive Scripting

Requirement:
1. Capture the interface tunnel port every 5 minutes; if traffic > X, capture other information as well.
2. Store that information on disk0/harddisk.

In fact, the requirement is very easy to meet with Python + CRT, but the customer couldn't find a PC to keep the Python script running, so we can only use EEM + TCL on the ASR9k. In the TCL script, I use two functions: foreach and scan.

The following CLI must be configured before running the script. If you change any variable or the script, you need to re-configure “event manager policy tac_te.tcl username cisco”:

aaa authorization eventmanager default local
event manager environment _cron_entry1 */5 * * * *
event manager directory user policy disk0:
event manager policy tac_te.tcl username cisco persist-time 3600 type user


ASR9k EEM+TCL General custom SNMP Trap

If a customer wants to watch for an alarm on their NMS via SNMP trap, they can configure “snmp-server traps syslog”. But if the NMS has no filter feature, they cannot pick out a particular alarm among all the syslog messages. In that case we can use EEM + TCL to meet the customer's requirement.

The TCL script follows:

::cisco::eem::event_register_syslog pattern $_error_log occurs $_number period $_times maxrun 300
namespace import ::cisco::eem::*
namespace import ::cisco::lib::*

set alarm "***OOB_ERROR Happened!***"

sys_reqinfo_snmp_trapvar var temp oid 1.1.1.1.1.1.1.1 string $alarm
sys_reqinfo_snmp_trap enterprise_oid 1.3.6.1 generic_trapnum 6 specific_trapnum 2 trap_oid 1.1.1.1.1.1.1.1.1.1.1.1.1 trap_var temp


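How to sniff the Dummy VLAN on L2VPN?

What is a dummy VLAN?

Because the EVC platform can strip the VLAN tag on the ingress port with the rewrite command, the PW ends up carrying no tag at all. That is a problem with Type 4: the VLAN QoS on each side cannot be passed to the peer. Hence the so-called dummy VLAN. It is not a real VLAN; it only carries some QoS fields and occupies the tag position. So what does a dummy VLAN look like? Dapeng's earlier article already covered the various EVC behaviours in detail; here I only describe the "journey" of capturing the dummy VLAN and what the dummy VLAN "looks like".

Test topology:

The initial test environment is VPLS BGP auto discovery + LDP Sig, with packets captured inbound on the 76.
[Figure: dummy-vlan-topology]

Test steps

1. With the default Type 5, ping from CE1 with CoS 5, with no rewrite configured on the AC of ASR9k-1: does the transparently carried VLAN still carry 802.1p? According to the capture, it carries 802.1p as expected; see "bgp-ldp-vlan-cos5.pcapng" for details. One more question: since Type 5 supports VLAN transparency, why is Type 4 still needed? The answer is at the end of the article.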