It has been over a year since this last post.  Has there been any change on the n5k to incorporate Reliable Static Routing using IP SLA?

N5K/N6K supports object tracking, but as of NX/OS 7.1, you still can't tie it into static routes and there's no IP SLA.

However, NX/OS 6.0(2)N2(1) did add EEM which can periodically run a python script that does what you want. Attached is RouteTrack.py. Place it in bootflash, run it manually from the CLI to test it out, and then create an EEM applet to run it every few seconds.

Usage:

RouteTrack.py <route> <route_nexthop> [route_vrf] [ping_host [ping_vrf]] [debug]

The simplest form is:

RouteTrack.py 192.168.3.0/24 10.0.0.1

This will add or remove the config command "ip route 192.168.3.0/24 10.0.0.1" based on whether or not 10.0.0.1 is pingable

The script produces syslog messages like these:

2013 Oct 16 19:22:12 DC2-N5K-2 %USER-3-SYSTEM_MSG: Removing route vrf management 1.0.0.0/8 to 172.31.51.1 (ping 10.89.169.5 failed) - RouteTrack.py

2013 Oct 16 19:22:31 DC2-N5K-2 %USER-3-SYSTEM_MSG: Adding route vrf management  1.0.0.0/8 to 172.31.51.1 (ping 10.89.169.5 success) - RouteTrack.py

Craig,

Do I have to modify the Python script in anyway before uploading it to flash?  I don't see any reference to an IP address in the routetrack.py file.

Also, can you help with the syntax of the EEM script itself?

From what I gather, it will look something like this.

event manager applet track-next-hop
 description "insert/withdraw a route based on whether an IP is pingable"
 event snmp oid 1.3.6.1.2.1.1.3.0 get-type exact entry-op ge entry-val 0 poll-interval 10
 action 1.0 cli python bootflash:RouteTrack.py 0.0.0.0 0.0.0.0 192.168.1.1

Is that all I would need to configure?  I want to ping 192.168.1.1 in this example and remove the default route if it becomes unavailable. 

Yup, that's all you should have to do. Use CIDR notation, though:

action 1.0 cli python bootflash:RouteTrack.py 0.0.0.0/0 192.168.1.1

You can test it by typing "python bootflash:RouteTrack.py 0.0.0.0/0 192.168.1.1 debug" into the CLI. The "debug" switch provides more detail on what's being done.

Unfortunately, NX/OS 7.0 and 7.1 both have open bug CSCuj69824 ("Python script is not working when called using the python script_name command."). You can help get this bug fixed by opening a TAC case.

But, until that bug is fixed, python you'll need to use one of the NX/OS 6.0 releases.

I have found that once the script is in the correct directory, you can run it using the command "source RouteTrack.py" .

The problem I have, though, is that the modules seem to be different in 7.x.

Once I figured out the correct directory for the script and the new syntax to run it, I started to get the following:

source RouteTrack.py 10.6.0.0/16 10.8.1.2
Traceback (most recent call last):
  File "/bootflash/scripts/RouteTrack.py", line 122, in <module>
    routecli = docmd("show ip route " + rv1 + route + " static ")
  File "/bootflash/scripts/RouteTrack.py", line 90, in docmd
    results = " ".join(cisco.CLI(cmd, 0).get_output())
AttributeError: 'module' object has no attribute 'CLI'

I changed the case for the cli call, and now I get the following:

source RouteTrack.py 4.2.2.32/32 4.2.2.254
Traceback (most recent call last):
  File "/bootflash/scripts/RouteTrack.py", line 122, in <module>
    routecli = docmd("show ip route " + rv1 + route + " static ")
  File "/bootflash/scripts/RouteTrack.py", line 90, in docmd
    results = " ".join(cisco.cli(cmd, 0).get_output())
cisco.cli_syntax_error: % Invalid command at '===>' marker: ===>

Any Assistance would be greatly appreciated!

Cisco and their lovely ever-changing API's...

Attached is a version that works on N5K/6K with NX/OS 7.x.

It also works on N7K with 6.2.x and 7.2.x, and it should work on N9K as well.

I am looking to do this for 5 routes. What would I need to do to get this to work? Do I need to load these to both 5K or just on one? 

This would be on a pair of 5k and 3k. running the following code

5K1 and 5K2 with HSRP = 6.0(2)N2(4)

all routes are static

Core at data center 1

5 routes 

3K1 and 3K2 with HSRP = 6.0(2)A1(1d)

all routes are static

Core ate data center 2

2 routes

A Nexus VPC pair requires that all Layer-3 be perfectly in sync so you'd need to run the script on both switches.

Routetrack can only add/remove one route. You could run the script five times, or use a dummy recursive next hop (see 10.99.99.99 below)

I'm going to assume that N5K#1 has the primary link to N3K#1 carrying vlan 100, and N5K#2 has the backup link to N3K#2 carrying vlan 101. Vlans 101 & 102 are trunked across all four switches (using a non-VPC trunk within each DC since you shouldn't put those on the VPC peer link).     this may not describe your environment, but hopefully you can adapt.

Here is a sample config:

N5k #1 & #2
int vlan 100
 description primary link to DC #2 (via N5K #1)
 ip address 10.0.1.1/24      ! .2 on N5K #2,  .3 & .4 at other DC
int vlan 101
 description backup link to DC #2 (via N5K #2)
 ip address 10.0.2.1/24      ! .2 on N5K #2,  .3 & .4 at other DC

ip route 10.99.99.99/32 10.0.2.4 200 name floating-backup-via-n5k-2
ip route DC2-ROUTE1/24 10.99.99.99
ip route DC2-ROUTE2/24 10.99.99.99
ip route DC2-ETC... 10.99.99.99

event manager applet track-next-hop
 event snmp oid 1.3.6.1.2.1.1.3.0 get-type exact entry-op ge entry-val 0 poll-interval 10
 description install primary route via n5k-1
 action 1.0 cli python bootflash:RouteTrack.py 10.99.99.99/32 10.0.1.3

N3K #1 & #2
int vlan 100
 description primary link to DC #1 (via N3K #1)
 ip address 10.0.1.3/24      ! .4 on N3K #2,   .1 & .2 at other DC
int vlan 101
 description backup link to DC #1 (via N3K #2)
 ip address 10.0.2.3/24      ! .4 on N3K #2,   .1 & .2 at other DC

ip route 10.99.99.99/32 10.0.2.2 200 name floating-backup-via-n3k-2
ip route DC1-ROUTE1/24 10.99.99.99
ip route DC1-ROUTE2/24 10.99.99.99
ip route DC1-ETC... 10.99.99.99

event manager applet track-next-hop
 event snmp oid 1.3.6.1.2.1.1.3.0 get-type exact entry-op ge entry-val 0 poll-interval 10
 description install primary route to DC#1 via n3k-1
 action 1.0 cli python bootflash:RouteTrack.py 10.99.99.99/32 10.0.1.1

It's a messy config and I haven't tested it, but the logic is sound.

You will need to use the attached version of RouteTrack.py -- this one handles floating static routes properly.

I need to use this script to send internet traffic out our secondary link in case our primary link fails.  Below is the scenario.

Nexus 5596 with default gateway of 10.1.1.1 sends traffic out our primary link.  If this link fails, I need to have a script that automatically changes the default gateway of the 5596 to 10.2.2.1.

Do I need to modify the actual contents of the script, or is it the action command where I identify what needs to happen?

Bump.

I also need this running in NX-OS 7.3

but it is not working ....

maybe someone of you have it running ?

Very important !

Cisco supportforums is definitely not a good method for software distribution... :)

I've attached the latest version of the routetrack.py script from March, 2017. it was tested with Nexus 5548 running X/OS  7.3, Nexus 9000, etc.

(I've also removed the older code in the messages above)

2019 update

I've attached a new routetrack 1.4 to this post

• added: support for interfaces without next hop (e.g., "null0")
• added: "invert" arg to reverse the ping logic (e.g., add route on ping fail)
• fixed: changed internal command syntax to support NX/OS 9.x. This change should be backward compatible.
• added: static routes managed by routetrack are now named. (e.g., "ip route x.x.x.x name routetrack.py")

Is it possible for the script to only remove the static route if it exists in running config?
Syslog looks like the "no ip route" command is run every time the event is run and next-hop is not reachable.

Cheers.

EDIT: 

Figured it out :p Route was being removed every cycle because I had a fallback route installed (different next hop with high metric). Updating routecli variable to this fixed it.

routecli = docmd("show ip route " + route + " static" + (" next-hop " + route_nexthop) if route_nexthop else "" + rv1)

Attached script also adds ability to tag routes.

ie: python bootflash:routetrack-1.5.py 0.0.0.0/0 192.168.0.254 tag=100

Tested on N9k 9.3(1) in GNS3.