Does your equipment support:
cdp log adjacency changes
No, "cdp log adjacency changes" is not supported
If the link is still up, wouldn't CDP still show the neighbour?
What is shown in the log of the device? If something is logged, you could forward that to the Syslog Viewer and create an alert of that.
Problem is that the provider equipment is still up in both ends but they broke the tunnel between the two interfaces on their two devices due to human error.
So my two devices can't see each other.
1 of 1 people found this helpful
There's a complex Cisco CDP MIB available to SNMP, but unfortunately I get "OID not supported" when I try to query most of the interesting entries with the Solarwinds UnDP tool.
I think your best bet would be to try writing an EEM policy to send a syslog message when the CDP table changes, then alert on that syslog message. Here's a page that shows the basic idea:
I don't have a switch handy to test it, but your policy would look something like this:
event manager applet cdp-send-syslog
event neighbor-discovery interface x/x cdp update
action 1.0 syslog msg "CDP state change!"
You'll need pretty recent code to make this work.
I made a setup using your hint and a few other tips, so I had a handful of mails in my inbox this morning from one of my switches.
Thank you for sending me in the right direction.
rschroeder, this should get you started.
It requires an email server that allows you to send emails without authentication.
As you can see in the reply from jswan above, you could use syslog instead.
event manager environment email_server 192.168.0.25
event manager environment email_to email@example.com
event manager session cli username "eemuser"
event manager applet cdp-neighbor-down
description track device down from cdp event
event neighbor-discovery interface regexp Ethernet cdp delete
action 1.0 info type routername
action 2.0 mail server "$email_server" to "$email_to" from "eem@$_info_routername" subject "$_nd_cdp_entry_name Down" body "$_event_pub_time: $_nd_cdp_entry_name Down at $_nd_local_intf_name"
action 3.0 syslog msg "$_nd_cdp_entry_name down at $_nd_local_intf_name"
event manager applet cdp-neighbor-up
description track device up from cdp event
event neighbor-discovery interface regexp Ethernet cdp add
action 1.0 info type routername
action 2.0 mail server "$email_server" to "$email_to" from "eem@$_info_routername" subject "$_nd_cdp_entry_name Up" body "$_event_pub_time: $_nd_cdp_entry_name Up at $_nd_local_intf_name"
action 3.0 syslog msg "$_nd_cdp_entry_name up at $_nd_local_intf_name"
Uffda! That's not the solution I was expecting. But my environment isn't relying on CDP through a provider, it's all internal L2 and L3.
I'll keep looking for a solution appropriate for LAN instead of WAN, but thanks for the response and info!
what about going up over layer 2 and use netpath or ipsla ?
Should be easy to alert if the path/tunnel is not available?
Thanks for your suggestion but layer 3 works fine through the connection that was configured correct. Problem was that the provider two times misconfigured one of the two layer 2 connections. That was only detected when the correctly configured link went down.
And since the provider did not have proper monitoring of configuration changes, I wanted to monitor that the reduncancy that we pay for is actually there before the primary link goes down.
The two layer 2 connections bridge between the same vlan in both ends.
We are also monitoring on layer 3 but a failure here should normally mean that BOTH links are down.
so cron job?
that ask and expects the same mac ?
I don't expect that Cisco cope to support L2 ping
hope that helps...