This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Extreme Networks
- Community List
- Network Management & Authentication
- ExtremeCloud IQ- Site Engine Management Center
- What does this script most likely do?
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
What does this script most likely do?
What does this script most likely do?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
03-30-2017 10:47 AM
Hello, everybody!
I have a script on all my switches:
create upm profile blackhole1set var portb 0
set var portb $TCL(string range ${EVENT.LOG_PARAM_0} 36 39)
disable port $portb
create log entry "Port $portb blocked by UPM"
delete var portb
Do you have any idea what could it do? Blocks a port? For what reason?
Many thanks in advance,
Ilya
I have a script on all my switches:
create upm profile blackhole1set var portb 0
set var portb $TCL(string range ${EVENT.LOG_PARAM_0} 36 39)
disable port $portb
create log entry "Port $portb blocked by UPM"
delete var portb
Do you have any idea what could it do? Blocks a port? For what reason?
Many thanks in advance,
Ilya
6 REPLIES 6
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
03-31-2017 03:30 AM
Yes, this script is to disable a port.
As Hagemann already mentioned, there should be a configuration under "ems" section that will triger this UPM profile.
If you could provide ems configuration, then we could know the reason.
"set var portb $TCL(string range ${EVENT.LOG_PARAM_0} 36 39)"
With above line, the port number to block (disable) would be extracted from the log message, and then, the port is disabled by "disable port $portb" line.
Lastly, this UPM generates system log message as a result of above behavior by:
"create log entry "Port $portb blocked by UPM"
If this UPM is executed successfully, then there should be log message in the switch with string "Port blocked by UPM".
As Hagemann already mentioned, there should be a configuration under "ems" section that will triger this UPM profile.
If you could provide ems configuration, then we could know the reason.
"set var portb $TCL(string range ${EVENT.LOG_PARAM_0} 36 39)"
With above line, the port number to block (disable) would be extracted from the log message, and then, the port is disabled by "disable port $portb" line.
Lastly, this UPM generates system log message as a result of above behavior by:
"create log entry "Port $portb blocked by UPM"
If this UPM is executed successfully, then there should be log message in the switch with string "Port blocked by UPM".
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
03-31-2017 03:30 AM
Hi Ilya,
When I look at the "ems" configuration you pasted here and above UPM configuration you replied to Michal post, it looks like there are two UPM profiles in the switch. The "blackhole1" is UPM profile for FDB blackhole and the "mac_move" is UPM profile for MAC-tracking.
For the "blackhole1" UPM profile, I assume there may be a configuration related with FDB blackhole feature in the switch (e.g. making blackhole MAC addresses when exceeding MAC-limit configured). So if there is those kind of event related FDB blackhole so that "FDB.FdbNotice" log with string "blackholed" is logged, then the "blackhole1" UPM is triggered and executed. The action of this UPM profile is "disabling the port" as I told already.
For the "mac_move" UPM profile, when mac movement is detected by the "MAC tracking" feature in EXOS, then "FDB.MACTracking.MACMove" system log will be logged with port number where the MAC move is detected. Then, the "mac_move" UPM will be executed and follow the actions specified in the UPM profile (disable port 1, port 2 and generate log message).
Following is sample log of MACMove:
MM-A: The MAC address on VLAN "PC_125" has moved from port 6:1 to port 1:38
When I look at the "ems" configuration you pasted here and above UPM configuration you replied to Michal post, it looks like there are two UPM profiles in the switch. The "blackhole1" is UPM profile for FDB blackhole and the "mac_move" is UPM profile for MAC-tracking.
For the "blackhole1" UPM profile, I assume there may be a configuration related with FDB blackhole feature in the switch (e.g. making blackhole MAC addresses when exceeding MAC-limit configured). So if there is those kind of event related FDB blackhole so that "FDB.FdbNotice" log with string "blackholed" is logged, then the "blackhole1" UPM is triggered and executed. The action of this UPM profile is "disabling the port" as I told already.
For the "mac_move" UPM profile, when mac movement is detected by the "MAC tracking" feature in EXOS, then "FDB.MACTracking.MACMove" system log will be logged with port number where the MAC move is detected. Then, the "mac_move" UPM will be executed and follow the actions specified in the UPM profile (disable port 1, port 2 and generate log message).
Following is sample log of MACMove:
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
03-31-2017 03:30 AM
Hello, David,
please, take a look at the output:
* Slot-1 sw-514-1.6 # sh conf "ems"
#
# Module ems configuration.
#
create log filter blackhole
create log filter cfg_save
create log filter mac_move
configure log filter DefaultFilter add events All severity warning
configure log filter DefaultFilter add events FDB.FdbNotice
configure log filter DefaultFilter add events Kern.Info
configure log filter DefaultFilter add events FDB.MACTracking.MACMove
configure log filter DefaultFilter add exclude events FDB.FdbNotice match string "Failed to flush FDB for VPIF"
configure log filter DefaultFilter add exclude events vlan.ack.warn match string "No ack returned"
configure log filter DefaultFilter add exclude events vlan.msgs.portLinkStateDown
configure log filter DefaultFilter add exclude events vlan.msgs.portLinkStateUp
configure log filter DefaultFilter add exclude events HAL.IPv4Adj.Warning match string "# L3 hash table entries already 0."
configure log filter blackhole add events FDB.FdbNotice match string "blackholed"
configure log filter cfg_save add events cli.logRemoteCmd match string "save"
configure log filter mac_move add events FDB.MACTracking.MACMove
enable log target console
configure syslog add 192.168.251.1:514 vr VR-Default local7
enable log target syslog 192.168.251.1:514 vr VR-Default local7
configure log target syslog 192.168.251.1:514 vr VR-Default local7 filter DefaultFilter severity Info
configure log target syslog 192.168.251.1:514 vr VR-Default local7 match Any
configure log target syslog 192.168.251.1:514 vr VR-Default local7 format timestamp hundredths date dd-mm-yyyy event-name none host-name
create log target upm blackhole1
enable log target upm blackhole1
configure log target upm blackhole1 filter blackhole severity Notice only
create log target upm tftp-save
enable log target upm tftp-save
configure log target upm tftp-save filter cfg_save severity Info
create log target upm mac_move
enable log target upm mac_move
configure log target upm mac_move filter mac_move severity Notice only
please, take a look at the output:
* Slot-1 sw-514-1.6 # sh conf "ems"
#
# Module ems configuration.
#
create log filter blackhole
create log filter cfg_save
create log filter mac_move
configure log filter DefaultFilter add events All severity warning
configure log filter DefaultFilter add events FDB.FdbNotice
configure log filter DefaultFilter add events Kern.Info
configure log filter DefaultFilter add events FDB.MACTracking.MACMove
configure log filter DefaultFilter add exclude events FDB.FdbNotice match string "Failed to flush FDB for VPIF"
configure log filter DefaultFilter add exclude events vlan.ack.warn match string "No ack returned"
configure log filter DefaultFilter add exclude events vlan.msgs.portLinkStateDown
configure log filter DefaultFilter add exclude events vlan.msgs.portLinkStateUp
configure log filter DefaultFilter add exclude events HAL.IPv4Adj.Warning match string "# L3 hash table entries already 0."
configure log filter blackhole add events FDB.FdbNotice match string "blackholed"
configure log filter cfg_save add events cli.logRemoteCmd match string "save"
configure log filter mac_move add events FDB.MACTracking.MACMove
enable log target console
configure syslog add 192.168.251.1:514 vr VR-Default local7
enable log target syslog 192.168.251.1:514 vr VR-Default local7
configure log target syslog 192.168.251.1:514 vr VR-Default local7 filter DefaultFilter severity Info
configure log target syslog 192.168.251.1:514 vr VR-Default local7 match Any
configure log target syslog 192.168.251.1:514 vr VR-Default local7 format timestamp hundredths date dd-mm-yyyy event-name none host-name
create log target upm blackhole1
enable log target upm blackhole1
configure log target upm blackhole1 filter blackhole severity Notice only
create log target upm tftp-save
enable log target upm tftp-save
configure log target upm tftp-save filter cfg_save severity Info
create log target upm mac_move
enable log target upm mac_move
configure log target upm mac_move filter mac_move severity Notice only
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
03-30-2017 12:02 PM
It blocks a port. The port number is delivered through a TCL script out of an event log entry. What is missing is the trigger for the script which regularly is an event filter.
Before we added the feature in ELRP to disable a port once a loop is detected, we could just create log entries that a loop is detected. Hence there were a lot of customers who triggered a script by this log entry and disabled the port. Just an idea.
Before we added the feature in ELRP to disable a port once a loop is detected, we could just create log entries that a loop is detected. Hence there were a lot of customers who triggered a script by this log entry and disabled the port. Just an idea.
