[j-nsp] srx event-options

Brian Johnson bjohnson at drtel.com
Mon Mar 18 09:28:12 EDT 2013 

Diogo,

I believe he is shutting down his external interface when a neighbor on the internal interface is down.

Alex: This script looks interesting and I'd like to see the final solution when you get it.

Thanks.

- Brian


> -----Original Message-----
> From: juniper-nsp-bounces at puck.nether.net [mailto:juniper-nsp-
> bounces at puck.nether.net] On Behalf Of Diogo Montagner
> Sent: Monday, March 18, 2013 7:25 AM
> To: Luca Salvatore
> Cc: juniper-nsp at puck.nether.net
> Subject: Re: [j-nsp] srx event-options
> 
> I think you need to review your logic. How do you expect the OSPF adjacency
> to come up if you have shutdown the interface ?
> 
> On Monday, 18 March 2013, Luca Salvatore wrote:
> 
> > I'm playing around with some event-options on a SRX.  I'm trying to make
> > the SRX shutdown an interface when a specific OSPF neighbour is detected
> as
> > down, then bring the interface back up once OSPF has re-established.
> >
> >
> > I have this:
> >
> > [edit event-options]
> > lsalvatore at FWL001# show
> > policy shutdown_internet_if_core_down {
> >     events rpd_ospf_nbrdown;
> >     attributes-match {
> >         rpd_ospf_nbrdown.neighbor-address matches 10.255.255.86;
> >     }
> >     then {
> >         execute-commands {
> >             commands {
> >                 "set interface ge-0/0/3 disable";
> >                 commit;
> >             }
> >         }
> >     }
> > }
> > policy bring_up_internet_when_core_is_back {
> >     events rpd_ospf_nbrup;
> >     attributes-match {
> >         rpd_ospf_nbrup.neighbor-address matches 10.255.255.86;
> >     }
> >     then {
> >         execute-commands {
> >             commands {
> >                 "delete interface ge-0/0/3 disable";
> >                 commit;
> >             }
> >         }
> >
> > Should this work?  I haven't been able to test it yet but it seems like it
> > may do what I need.
> > Luca
> >
> > _______________________________________________
> > juniper-nsp mailing list juniper-nsp at puck.nether.net <javascript:;>
> > https://puck.nether.net/mailman/listinfo/juniper-nsp
> >
> 
> 
> --
> ./diogo -montagner
> JNCIE-SP 0x41A
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list