This document describes the process to implement an Embedded Event Manager (EEM) script where a Multiprotocol Label Switching (MPLS) traffic engineering tunnel flaps randomly (and the network adminstrator or the TAC engineer wishes to gather specific information while the flap occurs).
The audience must be familar with basic MPLS and traffic engineering concepts and configuration.
This EEM script captures required logs and debug messages when there is a random MPLS traffic engineering tunnel flap. This script can be extended in accordance with the user's needs.
Cisco recommends that you have knowledge of these topics:
- MPLS traffic-engineering concepts and configurations.
This EEM script requires version EEM version 3.0 or later or some functionality might not work as intended.
The information in this document is based on Cisco 7600 Series Routers platform.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, ensure that you understand the potential impact of any command.
This document can also be used with these hardware and software versions:
- Cisco 7600 Series Routers running Release 15.3(2.19)S0.6
Refer to Cisco Technical Tips Conventions for information on document conventions.
In a service provider environment that runs multiple MPLS traffic engineering tunnels, occasionally a tunnel flaps and restores itself. It might take the network administrator several minutes to determine why the tunnels flapped. The information gathered when the problem occurs is very critical to determine the root-cause of the issue. The EEM script gives an example script that can be used to capture the information to help identify the potential cause of the problem. This script does not require any manual intervention when the problem happens. It is completely automated and triggers only when the problem occurs (based on the console log messages that occur during the tunnel flap).
The EEM script functionality:
- When the EEM sees a tunnel up/down log message, it sets the debugs.
- Capture the show outputs of various commands for 'n' times, and allow the script to wait for 'm' minutes to collect more debug and netdr outputs. All the outputs are logged into a file on a disk with the filename TAC.txt.
- Undebug and stop netdr captures: shut the four Traffic Engineering (TE) tunnels (which are flapping) in the router, and remove the EEM script (since the script continues to run if there are multiple flaps seen).
- You must modify the interface names to your connected interface to peer. Modify the tunnel interface numbers, the IP address of tunnel destination in show ip routecommand, and other places as necessary.
- The netdr capture functionality is built into the 7600/6500 platform where it captures all the packets punted to the CPU. It might not be available in other platforms.
event manager applet TUNNEL_FLAP
event syslog pattern "LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel" maxrun 36000
action 1.0 cli command "enable"
action 1.1 cli command "access-list 199 permit ip host 10.1.0.2 host 10.1.0.5"
action 1.2 cli command "debug mpls traffic-eng tunnels state detail 199"
action 1.3 cli command "debug mpls traffic-eng tunnel error detail"
action 1.4 cli command "debug mpls traffic-eng tunnels fast-reroute detail 199"
action 1.5 cli command "debug mpls traffic-eng tunnels signalling detail 199"
action 1.6 cli command "debug ip rsvp signalling"
action 1.7 cli command "debug ip rsvp message"
action 1.8 cli command "debug netdr capture interface port-channel 52"
action 1.9 set loop1 "0"
action 2.0 while $loop1 le 1
action 2.1 cli command "show mpls traffic-eng tunnel tunnel 505 | append disk0:TAC.txt"
action 2.2 cli command "show mpls traffic-eng tunnel tunnel 506 | append disk0:TAC.txt"
action 2.3 cli command "show mpls traffic-eng tunnel tunnel 507 | append disk0:TAC.txt"
action 2.4 cli command "show mpls traffic-eng tunnel tunnel 508 | append disk0:TAC.txt"
action 2.5 cli command "show netdr capture | append disk0:TAC.txt"
action 2.6 cli command "show ip rsvp neighbor | append disk0:TAC.txt"
action 2.7 cli command "show ip rsvp counter summary | append disk0:TAC.txt"
action 2.8 cli command "show ip rsvp counter state teardown | append disk0:TAC.txt"
action 2.9 cli command "show proc cpu sorted | append disk0:TAC.txt"
action 3.0 cli command "show proc cpu history | append disk0:TAC.txt"
action 3.1 cli command "show ip route 10.1.0.5 | append disk0:TAC.txt"
action 3.2 cli command "show ip cef 10.1.0.5 | append disk0:TAC.txt"
action 3.3 cli command "show logging | append disk0:TAC.txt"
action 3.4 increment loop1
action 3.5 end
action 3.6 wait 60
action 3.7 cli command "undebug all"
action 3.8 cli command "no debug netdr capture interface port-channel 52"
action 3.9 cli command " configure terminal"
action 4.0 cli command " no access-list 199 permit ip host 10.1.0.2 host 10.1.0.5"
action 4.1 cli command " inter range tunnel 505 - 508"
action 4.2 cli command " shutdown"
action 4.3 cli command "debug netdr clear-capture"
action 4.4 cli command "no event manager applet TUNNEL_FLAP"