[c-nsp] OSPF Dampening
Jeremiah Millay
jeremiah at rockriver.net
Fri Sep 29 11:33:52 EDT 2006
Much easier said than done! I've never used the embedded event manager
and it looks rather complex. I read this....
http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a008045578a.html#wp1082039
and it didn't provide me with the information I need to write something
like you are describing.
I would be basically grepping the syslog for a message like:
*Sep 28 17:05:55: %OSPF-5-ADJCHG: Process 1, Nbr X.X.X.X on
> FastEthernet0/0 from LOADING to FULL, Loading Done
and then apply an ACL to block ospf packets when this happens 4 times
within 5 minutes. Then I would have something that would take the ACL
off when the neighbor is pinging at 100% for 10 minutes.
If you could point me in the right direction to figure out how to write
this that would be great. The router is an 1841 running a 12.4 IOS which
supports this feature but writing a policy in EEM and tcl is way over my
head and honestly I think its one of the biggest kludges I've ever seen.
Haha. Honestly, do you have to now be an expert programmer just to get a
simple dampening mechanism in ospf to work?
Jeremiah
Rodney Dunn wrote:
> Oh I'm going to be saying this a lot. :)
>
>
> Look at EEM and write yourself a TCL policy that would monitor for
> flap rate of an OSPF message in the syslog and block that
> peer.
>
> ie: put an acl on the interface that blocks ospf packets coming
> in from it.
>
> Then start a script that pings the neighbor at a rate/time that you
> feel determines the neighbor is back stable and then have the script
> remove the ACL and let the neighbor come back up.
>
> And you can have the EEM policy email you all along the way telling
> you what it's doing. :)
>
>
> Rodney
>
>
>
More information about the cisco-nsp
mailing list