Monday, July 1, 2019

Cisco IP SLA with EEM Email Alerts on NX-OS

IP SLAs on Cisco routers can be used for a lot of reasons. I like to use them for dual ISP configurations, together with tracking objects and an EEM script to send email alerts whenever a failover has occurred. When I tried to carry over my basic config to NX-OS, I ran into a few issues, main one being that NX-OS does not support EEM "mail server". After a bit of research I discovered that you will need call a Python script to handle the email portion.

For this example, I'm going to be using the EEM script to remove some static routes on a Nexus 7k and 9k as part of a site-to-site failover mechanism between an VPN tunnel and a MPLS link that connect the two together. The static routes override the dynamically learned routes to DC2 over the MPLS by pointing traffic to the 

1.  Enables the IP SLAs operation feature

    feature sla sender

2.  Create two IP SLAs, I'll be using two internal IPs for testing

    ip sla 10
     icmp-echo 192.168.20.1 source-ip 192.168.10.1
     frequency 10
    ip sla schedule 10 life forever start-time now
    !
    ip sla 20
     icmp-echo 192.168.21.1 source-ip 192.168.10.1
     frequency 10
    ip sla schedule 20 life forever start-time now

3. Since I want the IP SLAs to test connectivity between the two locations using the VPN tunnel as the primary link, I'll create a static route pointing them to the VPN link

    ip route 192.168.20.1 255.255.255.255 192.168.10.254 permanent name SLA_Tracking
    ip route 192.168.21.1 255.255.255.255 192.168.10.254 permanent name SLA_Tracking

4. Now that our IP SLAs are testing our connection, lets setup some tracking objects to track the status of the IP SLAs. These two tracking objects will track their respective IP SLA and transition to a down state after the IP SLA has failed for over 30 seconds. This will help prevent route flapping and general network chaos.

    track 1 ip sla 10 reachability
     delay down 30
    !
    track 2 ip sla 20 reachability
     delay down 30

5. To ensure that the VPN link has truly failed, I bundled the two individual tracking objects into one overall tracking object. This tracking object will only transition to a down state if BOTH tracking objects fail. This is handled by a Boolean OR and prevents primary/backup ISP failover if just one IP SLA is failing.

    track 10 list boolean or
     object 1
     object 2

6. Setup an EEM script that sends an email whenever Track 10 changes its state UP or DOWN

    -Nexus 7k-
    event manager applet TRACK_SLA_10_DOWN
     event track 10 state down
      action 1 event-default
      action 2 cli command source N7K_EEM_TRACK_SLA_10_DOWN.py
    !
    event manager applet TRACK_SLA_10_UP
     event track 10 state up
      action 1 event-default
      action 2 cli command source N7K_EEM_TRACK_SLA_10_UP.py


    -Nexus 9k-
    event manager applet TRACK_SLA_10_DOWN
     event track 10 state down
      action 1 event-default
      action 2 cli command source N9K_EEM_TRACK_SLA_10_DOWN.py
    !
    event manager applet TRACK_SLA_10_UP
     event track 10 state up
      action 1 event-default
      action 2 cli command source N9K_EEM_TRACK_SLA_10_UP.py


7. Create the following Python (.py) files and upload them to the switch's bootflash:, the customizable parts are in italics

    -N7K_EEM_TRACK_SLA_10_DOWN.py-
    #!/bin/env python
    import smtplib
    import cisco
    from email.mime.multipart import MIMEMultipart
    from email.mime.text import MIMEText
    # set_vrf('default')
    # me == my email address
    # you == recipient's email address
    me = "eem-alerts@company.com"
    you = "noc@company.com"
    # Create message container - the correct MIME type is multipart/alternative.
    msg = MIMEMultipart('alternative')
    msg['Subject'] = "DC Interconnect Switching to MPLS"
    msg['From'] = me
    msg['To'] = you
    # Create the body of the message (a plain-text and an HTML version).
    hostname = cli('show hostname').rstrip()
    track = cli('show track brief')
    text = hostname + " IP SLA Tracking Object 10 is DOWN, switching to MPLS for DC Interconnectivity.\n\n" + track
    # Record the MIME types of both parts - text/plain and text/html.
    part1 = MIMEText(text, 'plain')
    # Attach parts into message container.
    # According to RFC 2046, the last part of a multipart message, in this case
    # the HTML message, is best and preferred.
    msg.attach(part1)
    # Send the message via local SMTP server.
    s = smtplib.SMTP('192.168.10.125', 25)
    # sendmail function takes 3 arguments: sender's address, recipient's address
    # and message to send - here it is sent as one string.
    s.sendmail(me, you, msg.as_string())
    s.quit()

    -N7K_EEM_TRACK_SLA_10_UP.py-
    #!/bin/env python
    import smtplib
    import cisco
    from email.mime.multipart import MIMEMultipart
    from email.mime.text import MIMEText
    # set_vrf('default')
    # me == my email address
    # you == recipient's email address
    me = "eem-alerts@company.com"
    you = "noc@company.com"
    # Create message container - the correct MIME type is multipart/alternative.
    msg = MIMEMultipart('alternative')
    msg['Subject'] = "DC Interconnect Switching to VPN"
    msg['From'] = me
    msg['To'] = you
    # Create the body of the message (a plain-text and an HTML version).
    hostname = cli('show hostname').rstrip()
    track = cli('show track brief')
    text = hostname + " IP SLA Tracking Object 10 is UP, switching to VPN for DC Interconnectivity.\n\n" + track
    # Record the MIME types of both parts - text/plain and text/html.
    part1 = MIMEText(text, 'plain')
    # Attach parts into message container.
    # According to RFC 2046, the last part of a multipart message, in this case
    # the HTML message, is best and preferred.
    msg.attach(part1)
    # Send the message via local SMTP server.
    s = smtplib.SMTP('192.168.10.125', 25)
    # sendmail function takes 3 arguments: sender's address, recipient's address
    # and message to send - here it is sent as one string.
    s.sendmail(me, you, msg.as_string())
    s.quit()

    -N9K_EEM_TRACK_SLA_10_DOWN.py-
    #!/bin/env python
    import smtplib
    import cisco
    from cli import cli
    from email.mime.multipart import MIMEMultipart
    from email.mime.text import MIMEText
    # set_vrf('default')
    # me == my email address
    # you == recipient's email address
    me = "eem-alerts@company.com"
    you = "noc@company.com"
    # Create message container - the correct MIME type is multipart/alternative.
    msg = MIMEMultipart('alternative')
    msg['Subject'] = "DC Interconnect Switching to MPLS"
    msg['From'] = me
    msg['To'] = you
    # Create the body of the message (a plain-text and an HTML version).
    hostname = cli('show hostname').rstrip()
    track = cli('show track brief')
    text = hostname + " IP SLA Tracking Object 10 is DOWN, switching to MPLS for DC Interconnectivity.\n\n" + track
    # Record the MIME types of both parts - text/plain and text/html.
    part1 = MIMEText(text, 'plain')
    # Attach parts into message container.
    # According to RFC 2046, the last part of a multipart message, in this case
    # the HTML message, is best and preferred.
    msg.attach(part1)
    # Send the message via local SMTP server.
    s = smtplib.SMTP('192.168.10.125', 25)
    # sendmail function takes 3 arguments: sender's address, recipient's address
    # and message to send - here it is sent as one string.
    s.sendmail(me, you, msg.as_string())
    s.quit()

    -N9K_EEM_TRACK_SLA_10_UP.py-
    #!/bin/env python
    import smtplib
    import cisco
    from cli import cli
    from email.mime.multipart import MIMEMultipart
    from email.mime.text import MIMEText
    # set_vrf('default')
    # me == my email address
    # you == recipient's email address
    me = "eem-alerts@company.com"
    you = "noc@company.com"
    # Create message container - the correct MIME type is multipart/alternative.
    msg = MIMEMultipart('alternative')
    msg['Subject'] = "DC Interconnect Switching to VPN"
    msg['From'] = me
    msg['To'] = you
    # Create the body of the message (a plain-text and an HTML version).
    hostname = cli('show hostname').rstrip()
    track = cli('show track brief')
    text = hostname + " IP SLA Tracking Object 10 is UP, switching to VPN for DC Interconnectivity.\n\n" + track
    # Record the MIME types of both parts - text/plain and text/html.
    part1 = MIMEText(text, 'plain')
    # Attach parts into message container.
    # According to RFC 2046, the last part of a multipart message, in this case
    # the HTML message, is best and preferred.
    msg.attach(part1)
    # Send the message via local SMTP server.
    s = smtplib.SMTP('192.168.10.125', 25)
    # sendmail function takes 3 arguments: sender's address, recipient's address
    # and message to send - here it is sent as one string.
    s.sendmail(me, you, msg.as_string())
    s.quit()

Once the Python scripts have been uploaded to the bootflash: on the switch, you can test the script by running the following command from the CLI:

    source N7K_EEM_TRACK_SLA_10_DOWN.py
    source N7K_EEM_TRACK_SLA_10_UP.py

    source N9K_EEM_TRACK_SLA_10_DOWN.py
    source N9K_EEM_TRACK_SLA_10_UP.py


This should trigger the email to be sent from the respective script.

8. Finally, associate the tracking objects to the two static routes pointing DC2 traffic out the VPN link. If these are removed, routes to DC2 will be learned dynamically through a routing protocol used by the MPLS router to advertise these routes to the core switch.

    ip route 192.168.20.0 255.255.255.0 192.168.10.254 track 10
    ip route 192.168.21.0 255.255.255.0 192.168.10.254 track 10 

Wednesday, April 10, 2019

Land Rover LR4 H7 to H8 Battery Upgrade

I recently replaced my battery after receiving a few low battery warnings and decided to upgrade to an H8 from the factory H7 size. Overall this is a simple battery swap, but I wanted to include the steps to update the Car Configuration File (CCF) and reset the Battery Management System (BMS), along with resetting the power windows and sunroof.

Batteries
  • (old) CarQuest Gold 94RH7 CCA 800 CA 1000 RC 140 (LxWxH) 12.5" x 6.8" x 7.4"
  • (new) Bosch Premium 49-850BAGM CCA 900 CA 1080 RC 185 (LxWxH) 14" x 6.87" x 7.43"

Tools
  • Ratchet (1/4 or 3/8)
  • Ratchet Extension
  • 8mm Socket (battery clamp bolts)
  • 10mm Socket (battery terminal nuts)
  • (optional) IIDTool

Torque

  • Battery clamp 5Nm (4 lb.ft)
  • Battery terminals 5Nm (4 lb.ft)

Steps


1. (Optional) Fully charge the new battery, mine took around 24hrs with a 12V 1.25A charger


2. Remove battery cover and battery clamp



3. Disconnect battery vent




4. Disconnect battery terminals and remove battery




5. Install new battery, reconnect vent, terminals and clamp




6. (optional) Update the battery type in the CCF using IIDTool


    Car Config >  BCM-Body Control > Battery Type (H8HD 90Ah 950 cold cranking ampere)




7. (optional) Reset the BMS


    Service/Test > BCM-Body Control > Battery Replacement




8. (optional) Reset automatic power windows (auto up) and sunroof, I also had to reset the date, time, and temperature settings (C/F).




Friday, March 15, 2019

Land Rover LR4 (2013) LED/Halogen/Xenon Light Bulb Refresh DIY

Decided to replace all the interior light bulbs with LEDs recently and ended up just replacing all the lights bulbs on my 2013 LR4. Took a while to figure out what type and number of bulbs I would need, along with what could be upgraded to LED. So, I decided to share this info with anyone else who may be interested.

Overall, this is an easy DIY, took a couple of hours, but I think it was worth it in the end. I went with LEDs wherever possible for color, consistency and longevity. For the bulbs that could not be switched to LED, I just replaced with an upgraded version of the original standard bulb. For all the W5W/T10 bulbs, I think any brand would work, but I went with Philips since they had good reviews and bulbs for almost all the replacement, plus I didn’t want some cheap LED burning out and starting a fire in my dome lights. Also, the Philips bulbs are bright enough without being blinding like some other brands.



Types

W5W/T10/12961/194 – Side Corners Front/Rear, Side Repeaters, License, Puddle, All Interior
D3S - Xenon Headlight - High/Low Beam
H11 - Halogen Fog
H7 - Halogen Headlight - High Beam
P21W/1156 – Reverse and Rear Fog
T5/74 - Vanity Mirrors
HP24WA - Front Turn Signals




Quantities

W5W/T10/12961/194 - 18 White (interior, license plate, front corners, rear corners)
W5W/T10/12961/194 - 4 White (door puddle)
W5W/T10/12961/194 - 2 Amber (side repeaters)
D3S - 2
H11 - 2
H7 - 2
P21W/1156 - 4
T5/74 - 4
HP24WA - 2


Brands

W5W/T10/12961/194 - Philips 194 Ultinon LED Bulb (White) [Amazon]
W5W/T10/12961/194 – LASFIT 194 (White) Can-Bus Error Free (Door puddle/courtesy lights) [Amazon]
W5W/T10/12961/194 - Philips 194 Ultinon LED Bulb (Amber) [Amazon]
D3S - Philips D3S X-tremeVision Gen2 42403XV2C1 [Amazon]
H11 - Philips H11 CrystalVision Halogen / Philips 12794UNIX2 X-tremeUltinon LED [Amazon]
H7 - Philips H7 CrystalVision [Amazon]
P21W/1156 - Philips 1156 Ultinon LED Bulb [Amazon]
T5/74 - YITAMOTOR T5 Hat 5050 Tri-Cell 1-SMD LED Dashboard Gauge Instrument Panel White Light Bulb Lamp 37 58 70 73 74 12V [Amazon]
HP24WA – Land Rover LR014111, Renault 262610001R, Valeo HP24WA


Locations Used

Headlights
(2) D3S Xenon, high/low beams
(2) W5W White, corner lamps
(2) H7, high beams
(2) HP24WA, Front Turn Signals

Side Repeaters
(2) W5W Amber

Rear Lights
(2) W5W White, rear corner lamps
(4) P21W/1156, reverse and rear fogs

License Plate
(2) W5W White

Interior
(2) W5W White, footwells
(1) W5W White, glove box
(6) W5W White, front and 2nd row map/courtesy/dome
(2) W5W White, 3rd row courtesy
(1) W5W White, rear load space/tailgate
(4) W5W White or LED Fixture, door puddle/courtesy


Install Notes
  • PrecisionLED has a great YouTube walkthrough of the interior, license, and rear light LED installations
  • For polarized LEDs, you may need to reverse the connection if they don’t come on initially
  • The glove box bulb is a pain, but not impossible, I just used a tiny flat blade screwdriver to pop it out.
  • Front turn signal bulbs are odd, uncommon and expensive, so I didn’t bother replacing them
  • Front fog light LEDs are expensive, and I rarely use them, so I just upgraded the existing halogens
  • Replaced beat up front fog light fixtures, Valeo part #88899 [Amazon]
  • Vanity mirror LEDs are thicker and longer than the standard bulbs, so they require a bit of light force to install.
  • Front door puddle/courtesy LEDs are the only ones that did not work with the Philips 194LED bulbs. The rear doors worked fine with the Philips bulbs, but I replaced all four for consistency. The fronts are hit-or-miss, I would recommend CANBUS Error Free bulbs or LED fixtures by PowerfulUK or PMLIT [eBay]. When you replace the bulb, regardless of halogen or led, you’ll need to close and open the door before it will work again.
  • If the interior lights, such as the vanity or dome stop working, then you probably blew fuse #57. Just replace it with a 10A mini fuse and you should be back in business or better yet, just remove it until all interior lights have been replaced. I ended up replacing it 3 times, twice just for the vanity mirrors.

License Plate LED/Halogen

Interior LEDs


Wednesday, March 13, 2019

Cisco IP SLA with EEM Email Alerts on IOS

IP SLAs on Cisco routers can be used for a lot of reasons. I like to use them for dual ISP configurations, together with tracking objects and an EEM script to send email alerts whenever a failover has occurred. Below is a simple example demonstrating the overall configuration.

The easiest place to start is with creating a couple of IP SLAs. I prefer using more than one, just in case there is an issue effecting just the one IP.

1.  Create two IP SLAs, I'll be using Google and OpenDNS/Cisco's secondary public DNS servers

    ip sla 10
     icmp-echo 8.8.4.4 source-interface GigabitEthernet0/0/0
     frequency 10
    ip sla schedule 10 life forever start-time now
    !
    ip sla 20
     icmp-echo 208.67.220.220 source-interface GigabitEthernet0/0/0
     frequency 10
    ip sla schedule 20 life forever start-time now


2. Since I want the IP SLAs to test Internet connectivity for just the primary ISP, I'll create a static route pointing them to always go out the primary ISP

    ip route 208.67.220.220 255.255.255.255 12.13.178.25 permanent name SLA_Tracking
    ip route 8.8.4.4 255.255.255.255 12.13.178.25 permanent name SLA_Tracking


3. Now that our IP SLAs are testing our connection, lets setup some tracking objects to track the status of the IP SLAs. These two tracking objects will track their respective IP SLA and transition to a down state after the IP SLA has failed for over 30 seconds. This will help prevent route flapping and general network chaos.

    track 1 ip sla 10 reachability
     delay down 30
    !
    track 2 ip sla 20 reachability
     delay down 30


4. To ensure that the internet has truly failed, I bundled the two individual tracking objects into one overall tracking object. This tracking object will only transition to a down state if BOTH tracking objects fail. This is handled by a Boolean OR and prevents primary/backup ISP failover if just one IP SLA is failing.

    track 10 list boolean or
     object 1
     object 2

 
5. Almost there! Next, associate the tracking objects to two default static routes in the router configuration, one for the primary ISP and one for the backup ISP.

    ip route 0.0.0.0 0.0.0.0 12.63.178.25 name PrimaryISP track 10
    ip route 0.0.0.0 0.0.0.0 187.68.13.12 10 name BackupISP
 
       
6. Finally, setup an EEM script that sends an email whenever Track 10 changes its state UP or DOWN

    event manager applet TRACK_SLA_10_DOWN
     event track 10 state down
      action 1.0 info type routername
      action 2.0 mail server "smtp.email.com" to "noc@company.com.com" from “eem-alerts@company.com" subject "$_info_routername - Primary ISP is DOWN" body "Router is using backup ISP" source-interface Loopback0
    !
    event manager applet TRACK_SLA_10_UP
     event track 10 state up
      action 1.0 info type routername
      action 2.0 mail server "smtp.email.com" to "noc@company.com" from "eem-alerts@company.com" subject "$_info_routername - Primary ISP is UP" body "Router is using primary ISP" source-interface Loopback0



Tuesday, March 12, 2019

IKEA BEKANT Sit/Stand Desk (2019 Update)

I purchased an IKEA BEKANT Sit/Stand desk back in late 2014 as an update to my old GALANT desk and it has worked great over the last 5+ years. I've updated my desk a bit since then and wanted to post a quick update for 2019.

Current Setup:

  • IKEA BEKANT Sit/Stand (Black-Brown/White)
  • IKEA SIGNUM Cable Management
  • Mount-It! MI-776 Hex Monitor Mount NEW!
  • (6) Dell P2418D NEW!
  • Dell AE515 Professional Soundbar NEW!
  • APC Back-UPS 550
  • Apple Mac Pro NEW!



I've been using the Mac Pro for the last 2 years as my main work computer, it mainly runs Windows 10 under Boot Camp. I went this route for the small form factor and the ability to support 6 Display Port monitors natively. I've got a USB-to-HDMI adapter running the TV for a 7th screen, mainly for NOC duties.

Overall, I'm still pleased with the Bekant desk as it served it's purpose well. Eventually I'll upgrade to a Jarvis or other brand that has the automatic lift/lowering and memory settings.