[c-nsp] Cisco - TCL script document
Tassos Chatzithomaoglou
achatz at forthnet.gr
Sat Sep 9 18:42:10 EDT 2006
Correct me if i'm wrong, but i think what Rodney gave as an example is using EEM and not tcl.
EEM applet policies are much simpler to configure, but you can also use tcl scripts for policies if
you want (which is where the hard work comes).
We're using EEM for many automation things and it's very good that cisco keeps on improving it.
Tassos
Peter Salanki wrote on 10/9/2006 1:00 πμ:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I killed a SRA box by entering tclsh and typing quit or something
> like that two months ago.
>
> 9 sep 2006 kl. 23.43 skrev Mike Butash:
>
>> Yeah, but we'd also had to explicitly removed globally tclsh access
>> via
>> aaa authorization as a frisky engineer tried using it for something
>> fairly simple and killed a core 6509 once. After reading a buglist on
>> tclsh, we decided to stick with expect via ssh remote. Maybe it's
>> gotten better over 6 months ago, but I'd be hard pressed to put
>> money on
>> it in a critical environment, or my job for that matter. :)
>>
>> -mb
>>
>>
>> Rodney Dunn wrote:
>>> I just filed a bug where some new buffer configuration commands were
>>> not parsing on reload because we coded it wrong.
>>>
>>> I was able to use an EEM applet as a simple workaround that looked
>>> like this:
>>>
>>> Symptom:
>>>
>>> When tuning particle clone, F/S, and header pools after these were
>>> made
>>> configurable
>>> via CSCuk47328 the commands may be lost on a reload.
>>>
>>> Conditions:
>>>
>>> If the device is reloaded the commands are not parsed on a reload
>>> and this results
>>> in the defaults being active. This may result in traffic loss if
>>> the increased
>>> buffers
>>> were needed to enable greater forwarding performance for the
>>> specific network
>>> design.
>>>
>>> Workaround:
>>>
>>> To workaround the problem an applet can be configured to enter the
>>> buffer
>>> values again after a reload. A sample applet would be:
>>>
>>> event manager applet add-buffer
>>> event syslog occurs 1 pattern ".*%SYS-5-RESTART: System restarted
>>> --.*"
>>> action 1.0 cli command "enable"
>>> action 2.0 cli command "configure terminal"
>>> action 3.0 cli command "buffers particle-clone 16384"
>>> action 4.0 cli command "buffers header 4096"
>>> action 5.0 cli command "buffers fastswitching 8192"
>>> action 6.0 syslog msg "Reinstated buffers command"
>>>
>>>
>>> So on reload it would enter the configuration commands back for me.
>>>
>>> Take that Mr. Bug. :)
>>>
>>> Rodney
>>>
>>> On Fri, Sep 08, 2006 at 01:28:08PM -0400, Ed Ravin wrote:
>>>> On Fri, Sep 08, 2006 at 08:49:29AM -0400, Rodney Dunn wrote:
>>>>> And it gets much more powerful when you evaluate it in conjunction
>>>>> with EEM.
>>>>>
>>>>> It's amazing the corner case workaround and detection scnearios
>>>>> I see it being used for nowadays.
>>>>>
>>>>> ie: when a link comes up trigger a script to wait X seconds and
>>>>> check
>>>>> to see if it's a Cisco IP phone, if it is apply a specific
>>>>> QOS policy.
>>>> Ooh, but I need examples... How about this one:
>>>>
>>>> I need a script to work around a nasty bug in IOS - the script
>>>> should
>>>> wake up every minute (I think that can be done with "kron"), test
>>>> something
>>>> (either object tracking, a couple of pings, or check the status of a
>>>> couple of interfaces, or maybe look for the presence of a couple of
>>>> routes), and execute an IOS command ("like clear interface
>>>> fastethernet0")
>>>> if the test result is negative.
>>>>
>>>> If someone familiar with TCL scripting on IOS could post a
>>>> skeleton to
>>>> get me started, I would be very grateful.
>>>>
>>>> -- Ed
>>> _______________________________________________
>>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>>
>> _______________________________________________
>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
> Med va"nliga ha"lsningar
>
> Peter Salanki
> Na"tansvarig
> Bahnhof AB (AS8473)
> www.bahnhof.se
> Kontor: +46855577132
> Mobil: +46709174932
>
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2.2 (Darwin)
>
> iD8DBQFFAzmCiQKhdiFGiogRAlAGAJ0WEAv7o9yTMTQnZOFCL8ZzSQFregCcDCt4
> NLp23oonEST/VpKe5UlsJ6I=
> =cTvJ
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list