Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Example: Changing the Interface Configuration in Response to an Event

 

It might be necessary to modify the configuration in response to a particular event. Starting in Junos OS Release 12.1, you can configure an event policy to make and commit configuration changes when the event policy is triggered by one or more specific events.

This example uses a real-time performance monitoring (RPM) probe to generate PING_TEST_FAILED events for a given interface. Upon receipt of the first instance of three PING_TEST_FAILED events within a 60-second period from the configured RPM probe, the event policy executes a change configuration event policy action that modifies the configuration to administratively disable the specified interface. This type of action might be necessary if you have an unstable, flapping interface that is consistently affecting network performance.

Requirements

  • Routing, switching, or security device running Junos OS Release 12.1 or later.

Overview

This example creates an event policy named disable-interface-on-ping-failure. The event policy is configured so that the eventd process listens for PING_TEST_FAILED events generated by a specific RPM probe and associated with the ge-0/3/1 interface. If three PING_TEST_FAILED events occur for the given interface within a 60-second interval, the event policy executes a change configuration action. The event policy configuration commands administratively disable the interface.

To test the event policy, the example configures an RPM probe that pings the IP address associated with the ge-0/3/1 interface. In this example, the ge-0/3/1.0 interface is configured with the IPv4 address 10.1.4.1/26. By default, one probe is sent per test, and the example uses a 5-second pause between tests. After three successive probe losses, the RPM probe generates a PING_TEST_FAILED event. Because multiple RPM tests could be running simultaneously, the event policy matches the owner-name and test-name attributes of the received PING_TEST_FAILED events to the RPM probe owner name and test name. When the RPM probe generates three PING_TEST_FAILED events in a 60-second interval, it triggers the event policy, which disables the interface.

This event policy also demonstrates how to restrict the execution of the same configuration change multiple times because of occurrences of the same event or correlated events. In this example, the within 60 trigger on 3 statement specifies that the configuration change is only triggered on the third occurrence of a PING_TEST_FAILED event within a 60-second interval. The trigger until 4 statement specifies that subsequent occurrences of the PING_TEST_FAILED event should not cause the event policy to re-trigger.

Note

If you only configure the trigger on 3 condition, the commit operation might go into a loop. The combination of trigger on 3 and trigger until 4 prevents the event policy from repeatedly making the same configuration change.

Configuration

Configuring the RPM Probe

CLI Quick Configuration

To quickly configure this section of the example, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, copy and paste the commands into the CLI at the [edit] hierarchy level, and then enter commit from configuration mode.

Step-by-Step Procedure

To configure the RPM probe, which creates the PING_TEST_FAILED events for this example:

  1. Create an RPM probe named ping-probe-test with owner icmp-ping-probe.
  2. Configure the RPM probe to send ICMP echo requests.

    Configure the RPM probe to send the ICMP echo requests to the ge-0/3/1 interface at IP address 10.1.4.1.

  3. Configure a 5-second pause between test windows.
  4. Configure the RPM probe threshold so that the PING_TEST_FAILED event is triggered after three successive probe losses.
  5. Configure a new log file at the [edit system syslog] hierarchy level to record syslog events of facility daemon and severity info.

    This captures the events sent during the probe tests.

  6. Commit the configuration.

Results

From configuration mode, confirm your configuration by entering the show services and show system syslog commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

Configuring the Event Policy

CLI Quick Configuration

To quickly configure this section of the example, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, copy and paste the commands into the CLI at the [edit] hierarchy level, and then enter commit from configuration mode.

Step-by-Step Procedure

  1. Create and name the event-policy.
  2. Configure the event policy to match on the PING_TEST_FAILED event.
  3. Configure the policy to trigger when three PING_TEST_FAILED events occur within 60 seconds.
  4. Configure the within 65 trigger until 4 statement to prevent the policy from re-triggering if more than three PING_TEST_FAILED events occur.
  5. Configure the attributes-match statement so that the event policy is only triggered by the PING_TEST_FAILED events generated by the associated RPM probe.
  6. Specify the configuration mode commands that are executed if the event policy is triggered.

    Configure each command on a single line, enclose the command string in quotes, and specify the complete statement path.

  7. Configure the log option with a comment describing the configuration changes.

    The comment is added to the commit logs after a successful commit operation is made through the associated event policy.

  8. (Optional) If you have dual Routing Engines, configure the synchronize option to commit the configuration on both Routing Engines. Include the force option to force the commit on the other Routing Engine, ignoring any warnings. This example does not configure the synchronize and force options.
  9. (Optional) Configure the username under whose privileges the configuration changes and commit are made.

    If you do not specify a username, the action is executed as user root.

  10. Review the output of the show interfaces ge-0/3/1 operational mode command before the configuration change takes place. Note

    The interface should be enabled.

  11. Commit the configuration.

Results

From configuration mode, confirm your configuration by entering the show event-options command. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

Verification

Confirm that the configuration is working properly.

Verifying the Events

Purpose

To manually test the event policy, take the ge-0/3/1 interface offline until three PING_TEST_FAILED events are generated.

Action

Review the configured syslog file. Verify that the RPM probe generates a PING_TEST_FAILED event after successive lost probes.

bsmith@R1> show log syslog-event-daemon-info

Verifying the Commit

Purpose

Verify that the event policy commit operation was successful by reviewing the commit log and the messages log file.

Action

Issue the show system commit operational mode command to view the commit log.

bsmith@R1> show system commit

Review the messages log file.

bsmith@R1> show log messages | last 20

Meaning

The output from the show system commit operational mode command and the messages log file verify that Junos OS executed the configured event policy action to modify and commit the configuration. The commit operation, which was made through the event policy under the privileges of the user bsmith at the given date and time, was successful. The show system commit output and messages log file reference the commit comment specified in the log statement at the [edit event-options policy disable-interface-on-ping-failure then change-configuration commit-options] hierarchy level.

Verifying the Configuration Changes

Purpose

Verify the configuration changes by reviewing the [edit interfaces ge-0/3/1] hierarchy level of the configuration.

Action

Meaning

The ge-0/3/1 configuration hierarchy was modified through the event policy to add the disable statement.

Verifying the Status of the Interface

Purpose

Review the output of the show interfaces ge-0/3/1 operational mode command after the configuration change takes place.

Action

Issue the show interfaces ge-0/3/1 operational mode command. After the event policy configuration change action disables the interface, the status changes from "Enabled" to "Administratively down".