Supposed you have a router that connects to two location or routers or ISPs. The primary link is se0/1, the secondary link is se0/2, the secondary link will not be used unless primary link has failed.
There are many ways to accomplish link failover task, you can choose to use PBR, BGP or EEM, in this post I am demonstrating the use of EEM an acronym for Embedded Event Manager. The usefulness of EEM is not limited to this demonstration only, it can be used for many events, if you are good in TCL scripting you can further leverage the advantages of EEM.
Router 2651-1:
Se0/1 is the primary link connecting to 1841-1
Se0/2 is the secondary link connecting to 1841-2
EEM configuration
2651-1#sh run | s event
event manager applet link-fo1
event syslog pattern “200 rtr 200 reachability Up->Down”
action 0.0 cli command “enable”
action 1.0 cli command “configure terminal”
action 2.0 cli command “no ip route 0.0.0.0 0.0.0.0 se0/1”
action 3.0 cli command “ip route 0.0.0.0 0.0.0.0 se0/2”
event manager applet link-fo2
event syslog pattern “200 rtr 200 reachability Down->Up”
action 0.0 cli command “enable”
action 1.0 cli command “configure terminal”
action 2.0 cli command “no ip route 0.0.0.0 0.0.0.0 se0/2”
action 3.0 cli command “ip route 0.0.0.0 0.0.0.0 se0/1”
Note: Quotation is required. Also your cli command should start with enable command if you intend to use commands available only in privilege exec mode, the cli commands here are executed via vty0. If you do not include enable command in the event manager, your event will not work even if it is triggered!
IP SLA and track configuration
2651-1#sh run | s ip sla
ip sla monitor 200
type echo protocol ipIcmpEcho 200.10.10.1
frequency 5
ip sla monitor schedule 200 life forever start-time now
2651-1#sh run | i track
track 200 rtr 200 reachability
In my event manager, the trigger is through syslog message “200 rtr 200 reachability Up->Down” this is a syslog message for IP sla tracker.
Test the EEM
Before se0/1 has failed:
2651-1#sh ip route | b Gateway
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
C 200.20.20.0/24 is directly connected, Serial0/2
C 192.168.1.0/24 is directly connected, FastEthernet0/1
C 200.10.10.0/24 is directly connected, Serial0/1
S* 0.0.0.0/0 is directly connected, Serial0/1
After se0/1 failed:
2651-1#sh ip route | b Gateway
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
C 200.20.20.0/24 is directly connected, Serial0/2
C 192.168.1.0/24 is directly connected, FastEthernet0/1
S* 0.0.0.0/0 is directly connected, Serial0/2
Syslog messages
When se0/1 failed:
*Sep 20 10:00:15.441: %LINK-3-UPDOWN: Interface Serial0/1, changed state to up
*Sep 20 10:00:16.443: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to up
2651-1#
*Sep 20 10:00:16.848: %SYS-5-CONFIG_I: Configured from console by console
2651-1#
*Sep 20 10:00:21.227: %TRACKING-5-STATE: 200 rtr 200 reachability Down->Up
*Sep 20 10:00:21.327: %SYS-5-CONFIG_I: Configured from console by vty0
When se0/1 is restored:
2651-1#
*Sep 20 10:02:40.864: %SYS-5-CONFIG_I: Configured from console by console
2651-1#
*Sep 20 10:02:42.314: %LINK-3-UPDOWN: Interface Serial0/1, changed state to up
*Sep 20 10:02:43.316: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to up
2651-1#
*Sep 20 10:02:46.233: %TRACKING-5-STATE: 200 rtr 200 reachability Down->Up
*Sep 20 10:02:46.333: %SYS-5-CONFIG_I: Configured from console by vty0
cyruslab 