Using EEM to change external IP addresses remotely

Have you ever had to remotely change the external IP address of router? How about a router that can’t be easily replaced?

It’s a bit of challenge, and hard to do without someone there to help you, or an out-of-band connection. Once you change the IP address itself  or no-out the default gateway, your connection drops.  If you’ve got an assistant, you can give them login credentials, and walk them through the rest (though this gets problematic, depending on the assistant).

Aside from an intriguing technical challenge, there’s significant business value in solving the problem also. In my case, this router was located in a border city in Mexico, and shipping a newly configured router really wasn’t an option. If we shipped a second router, the original invoice (not a copy), matched to the new routers’ serial number had to go with it, else it would be confiscated. Additionally, the original router would be held for three weeks before being returned to our field office. Re-configuring the original router would save the company roughly 5 days of site downtime while the second router was in transit, as well as the additional hardware and paperwork expense.

Our field technicians are general experienced in electrical engineering, not IT. If possible, I’d rather avoid putting them on the command line. So, in my search for better solution, I discovered the Cisco EEM (Embedded Event Manager). Of course, the EEM can do all sorts of magic as an embedded scripting engine on routers, but this little script was all it took to got the job done:

event manager applet AddressChange
 event syslog occurs 1 pattern "%SYS-5-RESTART: System restarted"
 action 001 cli command "enable"
 action 002 cli command "config terminal"
 action 003 cli command "int f4"
 action 004 cli command "ip add dhcp"
 action 005 cli command "exit"
 action 006 cli command "no ip route x.x.x.x"
 action 007 cli command "no ip default-gateway x.x.x.x"

Happily, it even works. There are a couple of caveats though:

First, you’ve got the reload the router to invoke the EEM applet. It’s the syslog  message  “%SYS-5-RESTART: System restarted” that triggers the applet. Second, it’s best if you can reach the router before running the applet, to gather the correct ip route and ip default-gateway value. Not sure if a router will pass traffic correctly with two default routes (though it’s a good future experiment).

The applet can also be tuned to run by calling the applet manually.  Just replace

 event syslog occurs 1 pattern "%SYS-5-RESTART: System restarted"


 event none

and call the applet from the cmdline:

event manager run AddressChange

In this case, the power of the applet is that it runs internally, and continues to execute even if called from a TTY session, and that TTY gets disconneted.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s