BGP peer(s) down-cisco-nxos

BGP peer(s) down-cisco-nxos

Vendor: cisco

OS: nxos

Description:
Indeni will alert one or more BGP peers isn’t communicating well.

Remediation Steps:
Review the cause for the peers being down.
|
|1. Get information for all BGP neighbors by running the “show bgp vrf all sessions” NX-OS command
|2. Get a summary list of BGP neighbors and statistics by executing the “show ip bgp vrf all summary” NX-OS command
|3. Get detailed information from a BGP neighbor by running the “show ip bgp neighbors X.X.X.X” NX-OS command
|4. Check global BGP process information with the “show bgp process” NX-OS command
|5. Review the logs for relevant findings
|6. For more information please review  following CISCO BGP troubleshooting flow chart:
|https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/22166-bgp-trouble-main.html#anc6

How does this work?
This script logs in to the Cisco Nexus switch using SSH and retrieves the BGP neigborship state using the “show ip bgp summary” command. The output includes a complete report of the per-neighbor BGP state.

Why is this important?
Check if BGP neighbors are up. If a neighbor is not in an established state, an alert will be triggered.

Without Indeni how would you find this?
The administrator would have to log in to the device and use the “show ip bgp summary” command to identify the operational status for all the configured BGP neighbors.

nexus-show-ip-bgp-summary

name: nexus-show-ip-bgp-summary
description: Nexus show ip route direct
type: monitoring
monitoring_interval: 1 minute
requires:
    vendor: cisco
    os.name: nxos
    bgp: 'true'
comments:
    bgp-state:
        why: |
            Check if BGP neighbors are up. If a neighbor is not in an established state, an alert will be triggered.
        how: |
            This script logs in to the Cisco Nexus switch using SSH and retrieves the BGP neigborship state using the "show ip bgp summary" command. The output includes a complete report of the per-neighbor BGP state.
        without-indeni: |
            The administrator would have to log in to the device and use the "show ip bgp summary" command to identify the operational status for all the configured BGP neighbors.
        can-with-snmp: true
        can-with-syslog: true
    bgp-received-routes:
        why: |
            Check if a BGP neighbor's received routes changed in a substantial way. If the received routes changed by +/- 20% an alert will be raised.
        how: |
            This script logs in to the Cisco Nexus switch using SSH and retrieves the BGP neighborship state using the "show ip bgp summary" command. The output includes a complete report of the per-neighbor BGP state.
        without-indeni: |
            The administrator would have to log in to the device and use the "show ip bgp summary" command to identify the total number of prefixes received from the BGP neighbors.    can-with-snmp: false
        can-with-syslog: false
steps:
-   run:
        type: SSH
        command: show ip bgp summary
    parse:
        type: AWK
        file: show_ip_bgp_summary.parser.1.awk

cross_vendor_bgp_peer_down

// Deprecation warning : Scala template-based rules are deprecated. Please use YAML format rules instead.

package com.indeni.server.rules.library.templatebased.crossvendor

import com.indeni.server.rules.RuleContext
import com.indeni.server.rules.library.templates.StateDownTemplateRule
import com.indeni.server.rules.RemediationStepCondition

/**
  *
  */
case class cross_vendor_bgp_peer_down() extends StateDownTemplateRule(
  ruleName = "cross_vendor_bgp_peer_down",
  ruleFriendlyName = "All Devices: BGP peer(s) down",
  ruleDescription = "Indeni will alert one or more BGP peers isn't communicating well.",
  metricName = "bgp-state",
  applicableMetricTag = "name",
  alertItemsHeader = "Peers Affected",
  alertDescription = "One or more BGP peers are down.",
  baseRemediationText = "Review the cause for the peers being down.")(
  RemediationStepCondition.VENDOR_CP -> "Consider reading Tobias Lachmann's blog on BGP: https://blog.lachmann.org/?p=1771",
  RemediationStepCondition.VENDOR_PANOS -> "Consider starting at https://live.paloaltonetworks.com/t5/Configuration-Articles/BGP-Routes-are-not-Injected-into-the-Routing-Table/ta-p/54938 . You can also log into the device over SSH and run \"less mp-log routed.log\".",
  RemediationStepCondition.VENDOR_CISCO ->
    """|
      |1. Get information for all BGP neighbors by running the "show bgp vrf all sessions" NX-OS command
      |2. Get a summary list of BGP neighbors and statistics by executing the "show ip bgp vrf all summary" NX-OS command
      |3. Get detailed information from a BGP neighbor by running the "show ip bgp neighbors X.X.X.X" NX-OS command
      |4. Check global BGP process information with the "show bgp process" NX-OS command
      |5. Review the logs for relevant findings
      |6. For more information please review  following CISCO BGP troubleshooting flow chart:
      |https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/22166-bgp-trouble-main.html#anc6""".stripMargin
)
{
  override def deviceCondition(context: RuleContext) = generateDevicePassiveAndPassiveLinkStateCondition(context.tsDao)
}