Monitor changes in network configuration files.

Controlling your configuration files is a very important task nowadays, as many engineers work on the same environment and you must monitor what they are doing.

Sometimes you need to revert to the configuration file as it was before the last change. You need to maintain a backup of your network devices’ configuration files, and you also need to be alerted whenever there is a change in configuration.

There are many software products that can do that, but here I will show you how to let a Cisco router send you an email containing the configuration file whenever there is a change in the configuration file.

All you have to do is save it in a secure location, so you can get back to it when you need it.


——————————————————————————–

! Triggered by the syslog message IOS writes when the configuration is changed
event manager applet CONF_CHANGE
event syslog pattern ".*%SYS-5-CONFIG_I.*"
action 1.0 cli command "enable"
action 2.0 cli command "terminal monitor"
action 3.0 syslog msg "New config file, maybe same as old one, please refer to NOC engineer"
! Disable paging so the whole running configuration is captured
action 4.0 cli command "terminal length 0"
action 5.0 cli command "show run"
! $_cli_result holds the output of the last cli command (show run)
action 6.0 mail server "mail.itexpert.com" from "Router11@itexpert.com" to "Network@itexpert.com" cc "Netmanager@itexpert.com" subject "New configuration file for below device" body "$_cli_result"
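
Because the applet fires on every configuration event, the emailed file may be the same as the old one. The following script is an added example, not part of the original post: it compares an emailed "show run" capture with the previously stored copy and reports only real differences. The list of lines to ignore and the sample configurations are assumptions constructed for illustration.

```python
import difflib
import re

# Lines that differ between two "show run" captures even when nothing was
# configured (assumed list; extend it for your platform).
VOLATILE = re.compile(
    r"^(Building configuration\.\.\."
    r"|Current configuration : \d+ bytes"
    r"|! (Last configuration change|NVRAM config last updated) at .*"
    r"|ntp clock-period \d+"
    r"|\S+#)\s*$"          # trailing CLI prompt captured in $_cli_result
)

def normalize(config_text):
    """Return the config as a list of lines without volatile or blank lines."""
    lines = []
    for line in config_text.splitlines():
        line = line.rstrip()
        if line and not VOLATILE.match(line):
            lines.append(line)
    return lines

def config_diff(old_text, new_text):
    """Unified diff of two captures; an empty list means no real change."""
    return list(difflib.unified_diff(
        normalize(old_text), normalize(new_text),
        fromfile="previous", tofile="emailed", lineterm="", n=1))

# Constructed sample captures (not taken from a real device).
OLD = """Building configuration...
Current configuration : 1520 bytes
! Last configuration change at 09:00:01 UTC Mon Jan 6 2020 by alice
hostname R11
interface GigabitEthernet0/0
 ip address 10.0.0.1 255.255.255.0
line vty 0 4
 transport input ssh
end
R11#"""

NEW_SAME = OLD.replace("09:00:01", "11:42:17").replace("1520", "1521")
NEW_CHANGED = NEW_SAME.replace("transport input ssh", "transport input telnet ssh")

if __name__ == "__main__":
    print("re-saved only:", config_diff(OLD, NEW_SAME))
    print("\n".join(config_diff(OLD, NEW_CHANGED)))
```

An empty result means the configuration was only re-saved; a non-empty result is the change to review before the new file replaces the stored backup.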

The tale of CISCO priority command

Sometimes I think that Cisco wants us to be confused. I don’t know why they use the priority command differently every time. Sometimes they say higher priority is better, sometimes lower is better.


This is so confusing….

That is why I thought of creating this table to make it easier for us to memorize. I hope it is helpful.

Technology                                          Preferred priority
--------------------------------------------------  ------------------
Spanning tree protocol (STP)                        Lower
LACP etherchannel                                   Lower
Open shortest path first (OSPF) DR/BDR election     Higher
Protocol Independent Multicast (PIM) DR election    Higher

I wish Cisco would make a decision on whether higher or lower is better.

Monitor BGP peers using EEM

A well-known problem in monitoring arises when you have a fiber link connected to a modem, and this modem is connected to your router via an Ethernet cable: you cannot monitor this fiber link.

This is because you are monitoring the router with your great monitoring tool, not the modem. Some modems don’t support SNMP, or you may not even have full administration of them. And if the fiber link goes down, the router will not notice anything, because the Ethernet link will always be up.

So one of the solutions to this problem, if you are using BGP on this link between you and your service provider, is to monitor the BGP peer. This relies on the fact that Cisco IOS generates a SYSLOG message when the status of a BGP peer changes:

%BGP-5-ADJCHANGE: neighbor 1.1.1.1 Down BGP Notification sent

%BGP-5-ADJCHANGE: neighbor 1.1.1.1 Up

You can use this event to let the router itself alert you whenever there is a change in BGP peer status, using a feature embedded in the IOS called EEM (Embedded Event Manager).

Here is an example of the configuration you can use to let the router send you an email whenever there is a change in BGP neighbor status:

configure terminal

! Triggered by the syslog message IOS writes when a BGP peer changes state
event manager applet BGP
event syslog pattern ".*%BGP-5-ADJCHANGE:.*"
action 1.0 cli command "enable"
! Keep only the neighbor, state and description lines of the output
action 2.0 cli command "sh ip bgp nei | in BGP nei|BGP state|Desc"
action 3.0 mail server "mail.ITexpert.com" from "Router11@ITexpert.com" to "Network@ITexpert.com" subject "Router11 BGP peer status Modified" body "$_cli_result"

—————————————————

You will receive an email like this if the peer is down:

 

BGP neighbor is 1.1.1.1,  remote AS 65323, external link

Description: AT&T

BGP state = Closing

R11#

 

And like this when the peer is up again:

 

BGP neighbor is 1.1.1.1,  remote AS 65323, external link

Description: AT&T

BGP state = Established, up for 00:00:00