ON THIS PAGE
Example: Changing the Interface Configuration in Response to an Event
It might be necessary to modify the configuration in response to a particular event. Starting in Junos OS Release 12.1, you can configure an event policy to make and commit configuration changes when the event policy is triggered by one or more specific events.
This example uses a real-time performance monitoring (RPM) probe to generate PING_TEST_FAILED events for a given interface. Upon receipt of the first instance of three PING_TEST_FAILED events within a 60-second period from the configured RPM probe, the event policy executes a change configuration event policy action that modifies the configuration to administratively disable the specified interface. This type of action might be necessary if you have an unstable, flapping interface that is consistently affecting network performance.
Requirements
Routing, switching, or security device running Junos OS Release 12.1 or later.
Overview
This example creates an event policy named disable-interface-on-ping-failure. The event policy is configured so that the eventd process listens for PING_TEST_FAILED events generated by a specific RPM probe and associated with the ge-0/3/1 interface. If three PING_TEST_FAILED events occur for the given interface within a 60-second interval, the event policy executes a change configuration action. The event policy configuration commands administratively disable the interface.
To test the event policy, the example configures an RPM probe
that pings the IP address associated with the ge-0/3/1 interface.
In this example, the ge-0/3/1.0 interface is configured with the IPv4
address 10.1.4.1/26. By default, one probe is sent per test, and the
example uses a 5-second pause between tests. After three successive
probe losses, the RPM probe generates a PING_TEST_FAILED event. Because
multiple RPM tests could be running simultaneously, the event policy
matches the owner-name and test-name attributes of the received PING_TEST_FAILED
events to the RPM probe owner name and test name. When the RPM probe
generates three PING_TEST_FAILED events in a 60-second interval, it
triggers the event policy, which disables the interface.
This event policy also demonstrates how to restrict the execution
of the same configuration change multiple times because of occurrences
of the same event or correlated events. In this example, the within 60 trigger on 3 statement specifies that the configuration
change is only triggered on the third occurrence of a PING_TEST_FAILED
event within a 60-second interval. The trigger until 4 statement
specifies that subsequent occurrences of the PING_TEST_FAILED event
should not cause the event policy to re-trigger.
If you only configure the trigger on 3 condition,
the commit operation might go into a loop. The combination of trigger on 3 and trigger until 4 prevents the event
policy from repeatedly making the same configuration change.
Configuration
Configuring the RPM Probe
CLI Quick Configuration
To quickly configure this section of the example, copy
the following commands, paste them into a text file, remove any line
breaks, change any details necessary to match your network configuration,
copy and paste the commands into the CLI at the [edit] hierarchy
level, and then enter commit from configuration mode.
set services rpm probe icmp-ping-probe test ping-probe-test probe-type icmp-ping set services rpm probe icmp-ping-probe test ping-probe-test target address 10.1.4.1 set services rpm probe icmp-ping-probe test ping-probe-test test-interval 5 set services rpm probe icmp-ping-probe test ping-probe-test thresholds successive-loss 3 set system syslog file syslog-event-daemon-info daemon info
Step-by-Step Procedure
To configure the RPM probe, which creates the PING_TEST_FAILED events for this example:
Create an RPM probe named ping-probe-test with owner icmp-ping-probe.
[edit services rpm] bsmith@R1# set probe icmp-ping-probe test ping-probe-test
Configure the RPM probe to send ICMP echo requests.
[edit services rpm probe icmp-ping-probe test ping-probe-test] bsmith@R1# set probe-type icmp-ping
Configure the RPM probe to send the ICMP echo requests to the ge-0/3/1 interface at IP address 10.1.4.1.
[edit services rpm probe icmp-ping-probe test ping-probe-test] bsmith@R1# set target address 10.1.4.1
Configure a 5-second pause between test windows.
[edit services rpm probe icmp-ping-probe test ping-probe-test] bsmith@R1# set test-interval 5
Configure the RPM probe threshold so that the PING_TEST_FAILED event is triggered after three successive probe losses.
[edit services rpm probe icmp-ping-probe test ping-probe-test] bsmith@R1# set thresholds successive-loss 3
Configure a new log file at the
[edit system syslog]hierarchy level to record syslog events of facilitydaemonand severityinfo.This captures the events sent during the probe tests.
[edit system syslog] bsmith@R1# set file syslog-event-daemon-info daemon info
Commit the configuration.
bsmith@R1# commit
Results
From configuration mode, confirm your configuration
by entering the show services and show system syslog commands. If the output does not display the intended configuration,
repeat the instructions in this example to correct the configuration.
[edit]
services {
rpm {
probe icmp-ping-probe {
test ping-probe-test {
probe-type icmp-ping;
target address 10.1.4.1;
test-interval 5;
thresholds {
successive-loss 3;
}
}
}
}
}
system {
syslog {
file syslog-event-daemon-info {
daemon info;
}
}
}
Configuring the Event Policy
CLI Quick Configuration
To quickly configure this section of the example, copy
the following commands, paste them into a text file, remove any line
breaks, change any details necessary to match your network configuration,
copy and paste the commands into the CLI at the [edit] hierarchy
level, and then enter commit from configuration mode.
set event-options policy disable-on-ping-failure events ping_test_failed set event-options policy disable-on-ping-failure within 60 trigger on set event-options policy disable-on-ping-failure within 60 trigger 3 set event-options policy disable-on-ping-failure within 65 trigger until set event-options policy disable-on-ping-failure within 65 trigger 4 set event-options policy disable-on-ping-failure attributes-match ping_test_failed.test-owner matches icmp-ping-probe set event-options policy disable-on-ping-failure attributes-match ping_test_failed.test-name matches ping-probe-test set event-options policy disable-on-ping-failure then change-configuration commands "set interfaces ge-0/3/1 disable" set event-options policy disable-on-ping-failure then change-configuration user-name bsmith set event-options policy disable-on-ping-failure then change-configuration commit-options log "updating configuration from event policy disable-on-ping-failure"
Step-by-Step Procedure
Create and name the event-policy.
[edit] bsmith@R1# edit event-options policy disable-interface-on-ping-failure
Configure the event policy to match on the PING_TEST_FAILED event.
[edit event-options policy disable-interface-on-ping-failure] bsmith@R1# set events ping_test_failed
Configure the policy to trigger when three PING_TEST_FAILED events occur within 60 seconds.
[edit event-options policy disable-interface-on-ping-failure] bsmith@R1# set within 60 trigger on 3
Configure the
within 65 trigger until 4statement to prevent the policy from re-triggering if more than three PING_TEST_FAILED events occur.[edit event-options policy disable-interface-on-ping-failure] bsmith@R1# set within 65 trigger until 4
Configure the
attributes-matchstatement so that the event policy is only triggered by the PING_TEST_FAILED events generated by the associated RPM probe.[edit event-options policy disable-interface-on-ping-failure] bsmith@R1# set attributes-match ping_test_failed.test-owner matches icmp-ping-probe bsmith@R1# set attributes-match ping_test_failed.test-name matches ping-probe-test
Specify the configuration mode commands that are executed if the event policy is triggered.
Configure each command on a single line, enclose the command string in quotes, and specify the complete statement path.
[edit event-options policy disable-interface-on-ping-failure then change-configuration] bsmith@R1# set commands "set interfaces ge-0/3/1 disable"
Configure the
logoption with a comment describing the configuration changes.The comment is added to the commit logs after a successful commit operation is made through the associated event policy.
[edit event-options policy disable-interface-on-ping-failure then change-configuration] bsmith@R1# set commit-options log "updating configuration from event policy disable-interface-on-ping-failure"
(Optional) If you have dual Routing Engines, configure the
synchronizeoption to commit the configuration on both Routing Engines. Include theforceoption to force the commit on the other Routing Engine, ignoring any warnings. This example does not configure thesynchronizeandforceoptions.(Optional) Configure the username under whose privileges the configuration changes and commit are made.
If you do not specify a username, the action is executed as user
root.[edit event-options policy disable-interface-on-ping-failure then change-configuration] bsmith@R1# set user-name bsmith
Review the output of the
show interfaces ge-0/3/1operational mode command before the configuration change takes place.Note:The interface should be enabled.
bsmith@R1> show interfaces ge-0/3/1 Physical interface: ge-0/3/1, Enabled, Physical link is Up Interface index: 142, SNMP ifIndex: 531 ...
Commit the configuration.
bsmith@R1# commit
Results
From configuration mode, confirm your configuration
by entering the show event-options command. If the output
does not display the intended configuration, repeat the instructions
in this example to correct the configuration.
[edit event-options]
policy disable-interface-on-ping-failure {
events ping_test_failed;
within 60 {
trigger on 3;
}
within 65 {
trigger until 4;
}
attributes-match {
ping_test_failed.test-owner matches icmp-ping-probe;
ping_test_failed.test-name matches ping-probe-test;
}
then {
change-configuration {
commands {
"set interfaces ge-0/3/1 disable";
}
user-name bsmith;
commit-options {
log "updating configuration from event policy disable-interface-on-ping-failure";
}
}
}
}
Verification
Confirm that the configuration is working properly.
- Verifying the Events
- Verifying the Commit
- Verifying the Configuration Changes
- Verifying the Status of the Interface
Verifying the Events
Purpose
To manually test the event policy, take the ge-0/3/1 interface offline until three PING_TEST_FAILED events are generated.
Action
Review the configured syslog file. Verify that the RPM probe generates a PING_TEST_FAILED event after successive lost probes.
bsmith@R1> show log syslog-event-daemon-info Oct 7 15:48:54 R1 rmopd[1345]: PING_TEST_COMPLETED: pingCtlOwnerIndex = icmp-ping-probe, pingCtlTestName = ping-probe-test Oct 7 15:49:54 R1 rmopd[1345]: PING_TEST_COMPLETED: pingCtlOwnerIndex = icmp-ping-probe, pingCtlTestName = ping-probe-test ... Oct 7 15:52:54 R1 rmopd[1345]: RMOPD_ICMP_SENDMSG_FAILURE: sendmsg(ICMP): No route to host Oct 7 15:52:54 R1 rmopd[1345]: PING_PROBE_FAILED: pingCtlOwnerIndex = icmp-ping-probe, pingCtlTestName = ping-probe-test Oct 7 15:52:54 R1 rmopd[1345]: PING_TEST_FAILED: pingCtlOwnerIndex = icmp-ping-probe, pingCtlTestName = ping-probe-test Oct 7 15:52:57 R1 rmopd[1345]: PING_TEST_FAILED: pingCtlOwnerIndex = icmp-ping-probe, pingCtlTestName = ping-probe-test Oct 7 15:53:00 R1 rmopd[1345]: PING_TEST_FAILED: pingCtlOwnerIndex = icmp-ping-probe, pingCtlTestName = ping-probe-test
Verifying the Commit
Purpose
Verify that the event policy commit operation was successful by reviewing the commit log and the messages log file.
Action
Issue the show system commit operational
mode command to view the commit log.
bsmith@R1> show system commit
0 2011-10-07 15:53:00 PDT by bsmith via junoscript
updating configuration from event policy disable-interface-on-ping-failure
1 2011-09-02 14:16:44 PDT by admin via netconf
2 2011-07-08 14:33:46 PDT by root via other
Review the messages log file.
bsmith@R1> show log messages | last 20 Oct 7 15:52:54 R1 rmopd[1345]: RMOPD_ICMP_SENDMSG_FAILURE: sendmsg(ICMP): No route to host Oct 7 15:53:00 R1 file[9972]: UI_COMMIT: User 'bsmith' requested 'commit' operation (comment: updating configuration from event policy disable-interface-on-ping-failure) Oct 7 15:53:02 R1 eventd: EVENTD_CONFIG_CHANGE_SUCCESS: Configuration change successful: while executing policy disable-interface-on-ping-failure with user bsmith privileges
Meaning
The output from the show system commit operational
mode command and the messages log
file verify that Junos OS executed the configured event policy action
to modify and commit the configuration. The commit operation, which
was made through the event policy under the privileges of the user
bsmith at the given date and time, was successful. The show system
commit output and messages log
file reference the commit comment specified in the log statement
at the [edit event-options policy disable-interface-on-ping-failure then change-configuration
commit-options] hierarchy level.
Verifying the Configuration Changes
Purpose
Verify the configuration changes by reviewing the [edit interfaces ge-0/3/1] hierarchy level of the configuration.
Action
bsmith@R1> show configuration interfaces ge-0/3/1
disable;
unit 0 {
family inet {
address 10.1.4.1/26;
}
}
Meaning
The ge-0/3/1 configuration hierarchy was modified through
the event policy to add the disable statement.
Verifying the Status of the Interface
Purpose
Review the output of the show interfaces ge-0/3/1 operational mode command after the configuration change takes place.
Action
Issue the show interfaces ge-0/3/1 operational
mode command. After the event policy configuration change action disables
the interface, the status changes from "Enabled" to "Administratively
down".
bsmith@R1> show interfaces ge-0/3/1 Physical interface: ge-0/3/1, Administratively down, Physical link is Down Interface index: 142, SNMP ifIndex: 531