思科路由交換自動化運維（1）--SLA+EEM自動化管理默認路由

0.實驗概述

本實驗使用GNS3模擬器，版本V2.1.16。

路由器使用IOS版本Version 15.2(4)M7。

實驗拓撲如下：

實驗拓撲介紹：

R6模擬用戶設備，R7、R8模擬用戶邊界網絡設備，R9模擬ISP設備。R7、R8、R9配置OSPF協議，R6配置靜態路由協議。

實驗目的：

0.1 測試SLA+track維護雙路由

R6上配置2條默認路由，配置不同AD值。當R9路由器g3/0端口down，使用SL+track使R6上AD=50路由不可用，自動切換到備份路由。

0.2 測試SLA+EEM管理備份浮動路由

R6和R9的fa0/0直連。2條默認路由狀態正常時，R6的fa0/0 shutdown；默認路由異常時，R6的fa0/0 up，R6自動添加1條從fa0/0到R9的輔路默認路由。

1.協議介紹

SLA：Service-Level Agreement的縮寫，意思是服務等級協議。本實驗利用SLA協議跟蹤R9的g3/0和g4/0端口。

EEM：Embedded Event Manager (EEM) 嵌入式事件管理器，能夠實現進程級的自動策略控制。本實驗利用EEM管理器實現自動添加、刪除浮動靜態路由條目。

2.路由器基本配置

R6配置靜態路由：

ip route 0.0.0.0 0.0.0.0 67.1.1.7 50 #添加AD值50的默認路由，跟蹤track-1，值爲1則生效，否則失效

ip route 0.0.0.0 0.0.0.0 68.1.1.8 100

ip route 79.1.1.0 255.255.255.0 67.1.1.7

ip route 89.1.1.0 255.255.255.0 68.1.1.8

R7配置OSPF路由協議：

R7(config)#do sh run | sec ospf

router ospf 1

router-id 7.7.7.7

network 7.7.7.7 0.0.0.0 area 0

network 67.1.1.7 0.0.0.0 area 0

network 79.1.1.7 0.0.0.0 area 0

R8配置OSPF路由協議：

router ospf 1

network 0.0.0.0 255.255.255.255 area 0

R9配置OSPF路由協議：

R9(config)#do sh run | sec ospf

router ospf 1

network 0.0.0.0 255.255.255.255 area 0

檢查及測試：

R6#sh ip route

S* 0.0.0.0/0 [50/0] via 67.1.1.7

6.0.0.0/32 is subnetted, 1 subnets

C 6.6.6.6 is directly connected, Loopback0

67.0.0.0/8 is variably subnetted, 2 subnets, 2 masks

C 67.1.1.0/24 is directly connected, Serial1/0

L 67.1.1.6/32 is directly connected, Serial1/0

68.0.0.0/8 is variably subnetted, 2 subnets, 2 masks

C 68.1.1.0/24 is directly connected, Serial1/1

L 68.1.1.6/32 is directly connected, Serial1/1

79.0.0.0/24 is subnetted, 1 subnets

S 79.1.1.0 [1/0] via 67.1.1.7

89.0.0.0/24 is subnetted, 1 subnets

S 89.1.1.0 [1/0] via 68.1.1.8

R6#traceroute 9.9.9.9

1 67.1.1.7 20 msec 32 msec 20 msec

2 79.1.1.9 56 msec 60 msec 60 msec

3.測試SLA+track維護雙路由

R9路由器shutdown端口g3/0，R6上AD值50的路由已經不通，但仍在路由表：

R9(config-if)#int gi 3/0

R9(config-if)#shu

R6(config)#do sh ip route

S* 0.0.0.0/0 [50/0] via 67.1.1.7

6.0.0.0/32 is subnetted, 1 subnets

R6(config)#do ping 9.9.9.9

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 9.9.9.9, timeout is 2 seconds:

UUUUU

Success rate is 0 percent (0/5)

R6配置SLA+track：

R6(config)#do sh run | sec sla

ip sla auto discovery #啓用sla自動發現功能

ip sla 67 #配置sla實例67

icmp-echo 79.1.1.9 source-interface Serial1/0 #指定協議icmp-echo，指定目的地址，指定ping的源端口

frequency 10 #指定ping測試周期

ip sla schedule 67 life forever start-time now #指定sla-67永久有效，立即生效

ip sla 68

icmp-echo 89.1.1.9 source-interface Serial1/1

frequency 10

ip sla schedule 68 life forever start-time now

track 1 ip sla 67 reachability #track1跟蹤sla-67，若ping通則返回1，否則返回0

track 2 ip sla 68 reachability

R6修改靜態路由：

no ip route 0.0.0.0 0.0.0.0 67.1.1.7 50

no ip route 0.0.0.0 0.0.0.0 68.1.1.8 100

ip route 0.0.0.0 0.0.0.0 67.1.1.7 50 track 1 #添加AD值50的默認路由，跟蹤track-1，值爲1則生效，否則失效

ip route 0.0.0.0 0.0.0.0 68.1.1.8 100 track 2

再次驗證：

R9(config)#int gi3/0

R9(config-if)#shu

R6(config)#

*Jun 19 18:52:19.919: %TRACKING-5-STATE: 1 ip sla 67 reachability Up->Down

R6(config)#do sh ip route

S* 0.0.0.0/0 [100/0] via 68.1.1.8

6.0.0.0/32 is subnetted, 1 subnets

R6(config)# do trac 9.9.9.9

1 68.1.1.8 44 msec 32 msec 28 msec

2 89.1.1.9 64 msec 60 msec 56 msec

可以看出，R6去往R9的路由已經從R6R7R9切換到R6R8R9，實驗目的得到驗證。

4. 測試SLA+EEM管理備份浮動路由

4.1 針對2條默認路由分別配置：單獨的track狀態觸發EEM執行自動添加/刪除操作

針對主路由，主路由down後添加輔路由:

event manager applet route3

event track 1 state down#跟蹤的track 1 down

action 1.0 cli command "enable"

action 2.0 cli command "conf t"

action 3.0 cli command "int fa0/0" #啓用端口fa0/0

action 4.0 cli command "no shu"

action 5.0 cli command "ip route 0.0.0.0 0.0.0.0 69.1.1.9 200" #添加輔路默認路由

action 5.5 syslog msg "------Main ROUTE fail down,auxiliary route up-----" #自定義日誌

action 6.0 cli command "do wr"

主路由up後，刪除輔路由:

event manager applet no-route3

event track 1 state up

action 1.0 cli command "ena"

action 2.0 cli command "conf t"

action 3.0 cli command "int fa0/0"

action 4.0 cli command "shut"

action 5.0 cli command "no ip route 0.0.0.0 0.0.0.0 69.1.1.9 200"

action 6.0 syslog msg "------------Main route up,auxiliary route deleted---------"

action 7.0 cli command "do wr"

針對備路由，備路由down後添加輔路由：

event manager applet back3

event track 2 state down

action 1.0 cli command "enable"

action 2.0 cli command "conf t"

action 3.0 cli command "int fa0/0"

action 4.0 cli command "no shu"

action 5.0 cli command "ip route 0.0.0.0 0.0.0.0 69.1.1.9 200"

action 5.5 syslog msg "----------------Back ROUTE fail down,auxiliary route up---------------"

action 6.0 cli command "do wr"

備路由恢復後，刪除輔路由:

event manager applet no-back3

event track 2 state up

action 1.0 cli command "ena"

action 2.0 cli command "conf t"

action 3.0 cli command "int fa0/0"

action 4.0 cli command "shut"

action 5.0 cli command "no ip route 0.0.0.0 0.0.0.0 69.1.1.9 200"

action 6.0 syslog msg "---------Back route up,auxiliary route deleted---------"

action 7.0 cli command "do wr"

缺陷：如果R9兩個端口都down，然後up恢復了一個，則R6會shutdown Fa0/0並刪除第3路默認路由，路由表只有1條默認路由，不符合路由備份原則。

單獨配置方法，網上有很多相關資料，有興趣的朋友請自行驗證

4.2 針對2條默認路由綜合配置，同時檢測兩個track狀態：有1個track down即觸發EEM添加輔路由，兩個track都up，才觸發EEM刪除輔路由。

自動添加輔路由配置:

event manager applet route3

event tag 1.0 track 1 state down #定於tag 1.0檢測track 1狀態

event tag 2.0 track 2 state down

trigger occurs 1 #設置觸發條件

correlate event 1.0 or event 2.0 #邏輯“或”關聯track狀態

attribute tag 1.0 occurs 1

attribute tag 2.0 occurs 1

action 1.0 cli command "ena"/

action 2.0 cli command "conf t"

action 3.0 cli command "int fa0/0"

action 4.0 cli command "no shu"

action 5.0 cli command " ip route 0.0.0.0 0.0.0.0 69.1.1.9 200"

action 5.5 syslog msg "--------Main or Back route is down,auxiliary route added-------"

ction 6.0 cli command "do wr"

自動刪除輔路由配置；

event manager applet no3

event tag 1.0 track 1 state up

event tag 2.0 track 2 state up

trigger occurs 1

correlate event 1.0 and event 2.0#邏輯“與”關聯track狀態

attribute tag 1.0 occurs 1

attribute tag 2.0 occurs 1

action 1.0 cli command "ena"/

action 2.0 cli command "conf t"

action 3.0 cli command "int fa0/0"

action 4.0 cli command "shu"

action 5.0 cli command "no ip route 0.0.0.0 0.0.0.0 69.1.1.9 200"

action 5.5 syslog msg "--------Main and Back route are up,auxiliary route deleted-------"

action 6.0 cli command "do wr"

4.3 驗證綜合配置方法實現浮動路由管理

R9端口正常時，R6有2條手動添加的默認路由：

R9(config)#do sh ip int b | ex una

Interface IP-Address OK? Method Status Protocol

FastEthernet0/0 69.1.1.9 YES NVRAM up up

GigabitEthernet3/0 79.1.1.9 YES NVRAM up up

GigabitEthernet4/0 89.1.1.9 YES NVRAM up up

R6(config)#do sh run | s ip route

ip route 0.0.0.0 0.0.0.0 67.1.1.7 50 track 1#啓用

ip route 0.0.0.0 0.0.0.0 68.1.1.8 100 track 2#有效

ip route 79.1.1.0 255.255.255.0 67.1.1.7 #R6沒有AD值200的默認路由

R6(config)#do sh ip route

S* 0.0.0.0/0 [50/0] via 67.1.1.7********

6.0.0.0/32 is subnetted, 1 subnets

shutdown R9的g3/0，R6自動添加1條默認路由：

R9(config)#int gi 3/0

R9(config-if)#shu

R6(config)#

*Jun 19 20:08:45.619: %TRACKING-5-STATE: 1 ip sla 67 reachability Up->Down

*Jun 19 20:08:45.939: %HA_EM-6-LOG: route3: ------------Main or Back route is down,auxiliary route added---------

*Jun 19 20:08:47.763: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up

*Jun 19 20:08:48.763: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

R6(config)#do sh run | s ip route

ip route 0.0.0.0 0.0.0.0 67.1.1.7 50 track 1 #該路由已失效

ip route 0.0.0.0 0.0.0.0 68.1.1.8 100 track 2

ip route 0.0.0.0 0.0.0.0 69.1.1.9 200 #自動添加默認路由

R6(config)#do sh ip route

S* 0.0.0.0/0 [100/0] via 68.1.1.8 #AD值100的路由啓用

6.0.0.0/32 is subnetted, 1 subnets

shutdown R9的g4/0，R6路由表使用AD值200的路由：

R9(config-if)#int gi 4/0

R9(config-if)#shu

R6(config)#

*Jun 19 20:11:55.631: %TRACKING-5-STATE: 2 ip sla 68 reachability Up->Down

*Jun 19 20:11:55.867: %HA_EM-6-LOG: route3: ------------Main or Back route is down,auxiliary route added---------

R6(config)#do sh run | s ip route

ip route 0.0.0.0 0.0.0.0 67.1.1.7 50 track 1 #失效

ip route 0.0.0.0 0.0.0.0 68.1.1.8 100 track 2 #失效

ip route 0.0.0.0 0.0.0.0 69.1.1.9 200#啓用

R6(config)#do sh ip route

S* 0.0.0.0/0 [200/0] via 69.1.1.9 ********

6.0.0.0/32 is subnetted, 1 subnets

no shutdown R9的g4/0，R6路由啓用AD值100的路由：

R9(config-if)#int gi 4/0

R9(config-if)#no sh

R6(config)#

*Jun 19 20:13:30.639: %TRACKING-5-STATE: 2 ip sla 68 reachability Down->Up

R6(config)#do sh run | s ip route

ip route 0.0.0.0 0.0.0.0 67.1.1.7 50 track 1 #失效

ip route 0.0.0.0 0.0.0.0 68.1.1.8 100 track 2 #啓用

ip route 0.0.0.0 0.0.0.0 69.1.1.9 200#有效

R6(config)#do sh ip route

S* 0.0.0.0/0 [100/0] via 68.1.1.8 ********

6.0.0.0/32 is subnetted, 1 subnets

no shutdown R9的g3/0，R6路由啓用AD值50的路由：

R9(config-if)#int gi 3/0

R9(config-if)#no sh

R6(config)#

*Jun 19 20:17:40.643: %TRACKING-5-STATE: 1 ip sla 67 reachability Down->Up

*Jun 19 20:17:40.983: %HA_EM-6-LOG: no3: --------Main and Back route are up,auxiliary route deleted-------

*Jun 19 20:17:42.759: %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down

*Jun 19 20:17:43.759: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down

R6(config)#do sh run | s ip route

ip route 0.0.0.0 0.0.0.0 67.1.1.7 50 track 1 #啓用

ip route 0.0.0.0 0.0.0.0 68.1.1.8 100 track 2#有效

ip route 79.1.1.0 255.255.255.0 67.1.1.7#自動刪除輔路由

R6(config)#do sh ip route

S* 0.0.0.0/0 [50/0] via 67.1.1.7

6.0.0.0/32 is subnetted, 1 subnets ********

4.4 總結

網絡資料多見針對單獨默認路由的EEM配置，個人做了綜合性的優化配置並驗證成功。該驗證只針對本實驗環境，歡迎各位朋友用其他環境進行驗證，如有謬誤，歡迎留言指正！！！

思科路由交換自動化運維（1）--SLA+EEM自動化管理默認路由

開源高性能結構化日誌模塊NanoLog

【簡寫Mybatis-02】註冊機的實現以及SqlSession處理

手繪二維碼

.NET藉助虛擬網卡實現一個簡單異地組網工具

思科路由交換自動化運維（1）--SLA+EEM自動化管理默認路由

Mac下配置sublime實現LaTeX

https://yachay.unat.edu.pe/blog/index.php?comment_area=format_blog&comment_component=blog&comment_co

linux以太網驅動總結

思科 路由交換 自動化運維（1）--SLA+EEM自動化管理默認路由

思科路由交換自動化運維（1）--SLA+EEM自動化管理默認路由