- Preface
- Product Overview
- Configuring the Router for the First Time
- Configuring a Supervisor Engine 720
- Configuring a Route Switch Processor 720
- Configuring NSF with SSO Supervisor Engine Redundancy
- ISSU and eFSU on Cisco 7600 Series Routers
- Configuring RPR and RPR+ Supervisor Engine Redundancy
- Configuring Interfaces
- Configuring a Supervisor Engine 32
- Configuring LAN Ports for Layer 2 Switching
- Configuring Flex Links
- Configuring EtherChannels
- Configuring VTP
- Configuring VLANs
- Configuring Private VLANs
- Configuring Cisco IP Phone Support
- Configuring IEEE 802.1Q Tunneling
- Configuring Layer 2 Protocol Tunneling
- Configuring L2TPv3
- Configuring STP and MST
- Configuring Optional STP Features
- Configuring Layer 3 Interfaces
- Configuring GTP-SLB IPV6 Support
- IP Subscriber Awareness over Ethernet
- Configuring UDE and UDLR
- Configuring Multiprotocol Label Switching on the PFC
- Configuring IPv4 Multicast VPN Support
- Configuring Multicast VPN Extranet Support
- Configuring IP Unicast Layer 3 Switching
- Configuring IPv6 Multicast PFC3 and DFC3 Layer 3 Switching
- Configuring IPv4 Multicast Layer 3 Switching
- Configuring MLDv2 Snooping for IPv6 Multicast Traffic
- Configuring IGMP Snooping for IPv4 Multicast Traffic
- Configuring PIM Snooping
- Configuring Network Security
- Understanding Cisco IOS ACL Support
- Configuring VRF aware 6RD Tunnels
- Configuring VLAN ACLs
- Private Hosts (Using PACLs)
- Configuring IPv6 PACL
- IPv6 First-Hop Security Features
- Configuring Online Diagnostics
- Configuring Denial of Service Protection
- Configuring DHCP Snooping
- Configuring Dynamic ARP Inspection
- Configuring Traffic Storm Control
- Unknown Unicast Flood Blocking
- Configuring PFC QoS
- Configuring PFC QoS Statistics Data Export
- Configuring MPLS QoS on the PFC
- Configuring LSM MLDP based MVPN Support
- Configuring IEEE 802.1X Port-Based Authentication
- Configuring IEEE 802.1ad
- Configuring Port Security
- Configuring UDLD
- Configuring NetFlow and NDE
- Configuring Local SPAN, RSPAN, and ERSPAN
- Configuring SNMP IfIndex Persistence
- Power Management and Environmental Monitoring
- Configuring Web Cache Services Using WCCP
- Using the Top N Utility
- Using the Layer 2 Traceroute Utility
- Configuring Bidirectional Forwarding and Detection over Switched Virtual Interface
- Configuring Call Home
- Configuring IPv6 Policy Based Routing
- Using the Mini Protocol Analyzer
- Configuring Resilient Ethernet Protocol
- Configuring Synchronous Ethernet
- Configuring Link State Tracking
- Configuring BGP PIC Edge and Core for IP and MPLS
- Configuring VRF aware IPv6 tunnels over IPv4 transport
- ISIS IPv4 Loop Free Alternate Fast Reroute (LFA FRR)
- Multicast Service Reflection
- Y.1731 Performance Monitoring
- Online Diagnostic Tests
- Acronyms
- Cisco IOS Release 15S Software Images
- Index
- Understanding Call Home
- Configuring Call Home
- Displaying Call Home Configuration Information
- Default Settings
- Alert Group Trigger Events and Commands
- Message Contents
Configuring Call Home
This chapter describes how to configure the Call Home feature in Cisco IOS Software Release 12.2SX.
Note For complete syntax and usage information for the commands used in this chapter, see the Cisco 7600 Series Router Cisco IOS Command Reference at this URL: http://www.cisco.com/en/US/products/ps6922/prod_command_reference_list.html
Understanding Call Home
Call Home provides e-mail-based and web-based notification of critical system events. A versatile range of message formats are available for optimal compatibility with pager services, standard e-mail, or XML-based automated parsing applications. Common uses of this feature may include direct paging of a network support engineer, e-mail notification to a Network Operations Center, XML delivery to a support website, and utilization of Cisco Smart Call Home services for direct case generation with the Cisco Systems Technical Assistance Center (TAC).
The Call Home feature can deliver alert messages containing information on configuration, diagnostics, environmental conditions, inventory, and syslog events.
The Call Home feature can deliver alerts to multiple recipients, referred to as Call Home destination profiles , each with configurable message formats and content categories. A predefined destination profile is provided for sending alerts to the Cisco TAC, and you also can define your own destination profiles.
Flexible message delivery and format options make it easy to integrate specific support requirements.
The Call Home feature offers the following advantages:
– Short Text—Suitable for pagers or printed reports.
– Plain Text—Full formatted message information suitable for human reading.
– XML—Matching readable format using Extensible Markup Language (XML) and Adaptive Markup Language (AML) document type definitions (DTDs). The XML format enables communication with the Cisco TAC.
- Multiple concurrent message destinations.
- Multiple message categories including configuration, diagnostics, environmental conditions, inventory, and syslog events.
- Filtering of messages by severity and pattern matching.
- Scheduling of periodic message sending.
Obtaining Smart Call Home
If you have a service contract directly with Cisco Systems, you can register your devices for the Smart Call Home service. Smart Call Home provides fast resolution of system problems by analyzing Call Home messages sent from your devices and providing background information and recommendations. For issues that can be identified as known, particularly GOLD diagnostics failures, Automatic Service Requests will be generated with the Cisco TAC.
Smart Call Home offers the following features:
- Continuous device health monitoring and real-time diagnostics alerts.
- Analysis of call home messages from your device and, where appropriate, Automatic Service Request generation, routed to the appropriate TAC team, including detailed diagnostic information to speed problem resolution.
- Secure message transport directly from your device or through a downloadable Transport Gateway (TG) aggregation point. You can use a TG aggregation point in cases requiring support for multiple devices or in cases where security requirements mandate that your devices may not be connected directly to the Internet.
- Web-based access to Call Home messages and recommendations, inventory and configuration information for all Call Home devices. Provides access to associated Field Notices, Security Advisories and End-of-Life Information.
You need the following items to register:
For detailed information on Smart Call Home, see the Smart Call Home page at this location:
Configuring Call Home
How you configure Call Home depends on how you intend to use the feature. Some information to consider before you configure Call Home includes:
- At least one destination profile (predefined or user-defined) must be configured. The destination profile(s) used depends on whether the receiving entity is a pager, e-mail, or automated service such as Cisco Smart Call Home.
– If the destination profile uses e-mail message delivery, you must specify a Simple Mail Transfer Protocol (SMTP) server.
– If the destination profile uses secure HTTP (HTTPS) message transport, you must configure a trustpoint certificate authority (CA).
- The contact e-mail, phone, and street address information should be configured so that the receiver can determine the origin of messages received.
- The router must have IP connectivity to an e-mail server or the destination HTTP server.
- If Cisco Smart Call Home is used, an active service contract must cover the device being configured.
To configure Call Home, follow these steps:
Step 1 Configure your site’s contact information.
Step 2 Configure destination profiles for each of your intended recipients.
Step 3 Subscribe each destination profile to one or more alert groups, and set alert options.
Step 4 Configure e-mail settings or HTTPS settings (including CA certificate), depending on the transport method.
Step 5 Enable the Call Home feature.
Step 6 Test Call Home messages.
Tip From the Smart Call Home web application, you can download a basic configuration script to assist you in the configuration of the Call Home feature for use with Smart Call Home and the Cisco TAC. The script will also assist in configuring the trustpoint CA for secure communications with the Smart Call Home service. The script, provided on an as-is basis, can be downloaded from this URL: http://www.cisco.com/go/smartcall/
Configuring Contact Information
Each router must include a contact e-mail address. You can optionally include a phone number, street address, contract ID, customer ID, and site ID.
To assign the contact information, perform this task:
This example shows the configuration of contact information:
Router(cfg-call-home)# contact- email-addr username@example.com
Router(cfg-call-home)# phone-number +1-800-555-4567
Router(cfg-call-home)# street-address “1234 Picaboo Street, Any city, Any state, 12345”
Router(cfg-call-home)# customer-id Customer1234
Router(cfg-call-home)# site-id Site1ManhattanNY
Configuring Destination Profiles
A destination profile contains the required delivery information for an alert notification. At least one destination profile is required. You can configure multiple destination profiles of one or more types.
You can use the predefined destination profile or define a desired profile. If you define a new destination profile, you must assign a profile name.
Note If you use the Cisco Smart Call Home service, the destination profile must use the XML message format.
You can configure the following attributes for a destination profile:
- Profile name—A string that uniquely identifies each user-defined destination profile. The profile name is limited to 31 characters and is not case-sensitive. You cannot use all as a profile name.
- Transport method—The transport mechanism, either e-mail or HTTP (including HTTPS), for delivery of alerts.
– For user-defined destination profiles, e-mail is the default, and you can enable either or both transport mechanisms. If you disable both methods, e-mail will be enabled.
– For the predefined Cisco TAC profile, you can enable either transport method but not both.
- Destination address—The actual address related to the transport method to which the alert should be sent.
- Message formatting—The message format used for sending the alert.
– The format options for a user-defined destination profile are long-text, short-text, or XML. The default is XML.
– For the predefined Cisco TAC profile, only XML is allowed.
- Message size—The maximum destination message size. The valid range is 50 to 3,145,728 bytes and the default is 3,145,728 bytes.
To create and configure a destination profile, perform this task:
Copying a Destination Profile
To create a new destination profile by copying an existing profile, perform this task:
Subscribing to Alert Groups
An alert group is a predefined subset of Call Home alerts supported in all routers. Different types of Call Home alerts are grouped into different alert groups depending on their type. These alert groups are available:
The triggering events for each alert group are listed in the “Alert Group Trigger Events and Commands” section, and the contents of the alert group messages are listed in the “Message Contents” section.
You can select one or more alert groups to be received by a destination profile.
Note A Call Home alert is only sent to destination profiles that have subscribed to the alert group containing that Call Home alert. In addition, the alert group must be enabled.
To subscribe a destination profile to an alert group, perform this task:
Router(cfg-call-home)#
alert-group
{
all
|
configuration
|
diagnostic
| |
Enables the specified alert group. Use the keyword all to enable all alert groups. By default, all alert groups are enabled. |
|
Router(cfg-call-home)#
no alert-group
{
all
|
configuration
|
diagnostic
| |
Disables the specified alert group. Use the keyword all to disable all alert groups. |
|
Enters the Call Home destination profile configuration submode for the specified destination profile. |
||
Router(cfg-call-home-profile)#
subscribe-to-alert-group configuration |
Subscribes this destination profile to the Configuration alert group. The Configuration alert group can be configured for periodic notification, as described in the “Configuring Periodic Notification” section. |
|
Router(cfg-call-home-profile)# |
Unsubscribes to the specified alert group. Use the keyword all to unsubscribe to all alert groups. |
|
Router(cfg-call-home-profile)#
subscribe-to-alert-group diagnostic |
Subscribes this destination profile to the Diagnostic alert group. The Diagnostic alert group can be configured to filter messages based on severity, as described in the “Configuring Message Severity Threshold” section. |
|
Router(cfg-call-home-profile)#
subscribe-to-alert-group environment |
Subscribes this destination profile to the Environment alert group. The Environment alert group can be configured to filter messages based on severity, as described in the “Configuring Message Severity Threshold” section. |
|
Router(cfg-call-home-profile)#
subscribe-to-alert-group inventory
|
Subscribes this destination profile to the Inventory alert group. The Inventory alert group can be configured for periodic notification, as described in the “Configuring Periodic Notification” section. |
|
Router(cfg-call-home-profile)#
subscribe-to-alert-group syslog |
Subscribes this destination profile to the Syslog alert group. The Syslog alert group can be configured to filter messages based on severity, as described in the “Configuring Message Severity Threshold” section. You can specify a pattern to be matched in the syslog message. If the pattern contains spaces, you must enclose it in quotes (“”). |
|
Router(cfg-call-home-profile)# subscribe-to-alert-group crash |
Subscribes this destination profile to the Crash alert group. |
|
Exits the Call Home destination profile configuration submode. |
Configuring Periodic Notification
When you subscribe a destination profile to either the Configuration or the Inventory alert group, you can choose to receive the alert group messages asynchronously or periodically at a specified time. The sending period can be one of the following:
- Daily—Specify the time of day to send, using an hour:minute format hh:mm, with a 24-hour clock (for example, 14:30).
- Weekly—Specify the day of the week and time of day in the format day hh:mm, where the day of the week is spelled out (for example, monday).
- Monthly—Specify the numeric date, from 1 to 31, and the time of day, in the format date hh:mm.
Configuring Message Severity Threshold
When you subscribe a destination profile to the Diagnostic, Environment, or Syslog alert group, you can set a threshold for the sending of alert group messages based on the message’s level of severity. Any message with a value lower than the destination profile’s specified threshold is not sent to the destination.
The severity threshold is configured using the keywords in Table 64-1 , and ranges from catastrophic (level 9, highest level of urgency) to debugging (level 0, lowest level of urgency). If no severity threshold is configured, the default is normal (level 1).
Note Call Home severity levels are not the same as system message logging severity levels.
Configuring Syslog Pattern Matching
When you subscribe a destination profile to the Syslog alert group, you can optionally specify a text pattern to be matched within each syslog message. If you configure a pattern, a Syslog alert group message will be sent only if it contains the specified pattern and meets the severity threshold. If the pattern contains spaces, you must enclose it in quotes (“”) when configuring it. You can specify up to five patterns for each destination profile.
Configuring General E-Mail Options
To use the e-mail message transport service, you must configure at least one Simple Mail Transfer Protocol (SMTP) e-mail server address. You can configure these options:
- From and reply-to e-mail addresses, and up to four backup e-mail servers.
- Set a rate limit on e-mail or HTTP messages and specify the VPN routing or forwarding(VRF) instance name to send call-home e-mail messages.
- vrf and source-interface (or source-ip-address ) to send e-mail messages. To configure the above options to send http(s) messages, use the ip http client source-interface interface-name command in global configuration mode, where the source-interface can be associated with the VRF you would like to set.
Complete these steps to configure general e-mail options:
The following notes apply when configuring general e-mail options:
- Backup e-mail servers can be defined by repeating the mail-server command using different priority numbers.
- The mail-server priority number parameter can be configured from 1 to 100. The server with the highest priority (lowest priority number) will be tried first.
This example shows the configuration of general e-mail parameters, including a primary and secondary e-mail server:
Router(cfg-call-home)# mail-server smtp.example.com priority 1
Router(cfg-call-home)# mail-server 192.168.0.1 priority 2
Router(cfg-call-home)# sender from username@example.com
Testing Call Home Communications
You can test Call Home communications by sending messages manually using two command types. To send a user-defined Call Home test message, use the call-home test command. To send a specific alert group message, use the call-home send command.
Sending a Call Home Test Message Manually
To manually send a Call Home test message, perform this task:
Sending a Call Home Alert Group Message Manually
To manually trigger a Call Home alert group message, perform this task:
When manually sending Call Home alert group messages, note the following guidelines:
- Only the configuration, diagnostic, and inventory alert groups can be sent manually.
- When you manually trigger a configuration, diagnostic, or inventory alert group message and you specify a destination profile name, a message is sent to the destination profile regardless of the profile’s active status, subscription status, or severity setting.
- When you manually trigger a configuration or inventory alert group message and do not specify a destination profile name, a message is sent to all active profiles that have either a normal or periodic subscription to the specified alert group.
- When you manually trigger a diagnostic alert group message and do not specify a destination profile name, the command will cause the following actions:
– For any active profile that subscribes to diagnostic events with a severity level of less than minor, a message is sent regardless of whether the module or interface has observed a diagnostic event.
– For any active profile that subscribes to diagnostic events with a severity level of minor or higher, a message is sent only if the specified module or interface has observed a diagnostic event of at least the subscribed severity level; otherwise, no diagnostic message is sent to the destination profile.
Sending a Request for an Analysis and Report
You can use the call-home request command to submit information about your system, to receive information such as security alerts, known bugs, best practices, and command references.
Complete these steps to request report and analysis information from the Cisco Output Interpreter (COI) tool:
Follow these guidelines when manually sending a Call Home report and analysis request:
- If you specify a profile name , the request is sent to the profile, else the request is sent to the Cisco TAC profile. You need not enable the recipient profile for the call-home request . The profileis programmed to specify email address where the transport gateway is configured so that the request message is forwarded to the Cisco TAC and you receive the reply from the Smart Call Home service.
- The ccoid user-id is the registered identifier of the Smart Call Home user. If you specify the user-id, the response is sent to the email address of the registered user, else the response is sent to the contact email address of the device.
- Based on the keyword that specifies the report type requested, this information is returned:
– config-sanity —Information on best practices as related to the current running configuration.
– bugs-list —Known bugs in the running version and in the currently configured features.
– command-reference —Reference links to all commands in the running configuration.
– product-advisory —Product Security Incident Response Team (PSIRT) notices, End of Life (EOL) or End of Sales (EOS) notices, or field notices (FN) that may affect devices in your network.
This example shows a request for analysis of a user-specified show command:
Information About Crash Dump Reporting
The main feature of Call Home version 2 is crash dump reporting, which helps in troubleshooting. In the event of a crash, the necessary crash-related information is collected and stored in the crashinfo file in the router. The information is also collated into a Call Home message that the router forwards, either to the Smart Call Home backend server, or to users.
Crash dump reporting generates crash reports for the following:
- Active Supervisor crashes
- Standby Supervisor crashes
- Crashes of all line cards and service modules that run on IOS, and are supported on the 7600 chassis
The feature also helps collect tracebacks in real time for events such as nonfatal assertion failures, abnormal executions, and memory allocation failures. Crash dump reports are generated when the router configuration includes the email address of the customer.
If an email address is included, Cisco sends an email to the customer along with a generated HTTPS link (with an embedded token) at:
Note The remote command is not supported on the Cisco 7600 SIP-200 and Cisco 7600 SIP-400 line cards.
Prerequisites for Crash Dump Reporting
- Users must select the option to actively authorize the forwarding of information to Cisco.
- When configuring the router, users must opt for the crash dump feature.
- Preinstalled certificate authorities for IOS must be provided.
- Instead of connecting the networking equipment directly to the Internet, a gateway or HTTP proxy must be used.
- HTTP to HTTPS translation, using a gateway or proxy, must be enabled to support noncrypto images.
- A proxy or transport gateway must be used to provide an isolation layer between the customer network and the Internet.
- The router must be connected to an email server or the destination HTTP.
- The PI code is a prerequisite for the 7600 Series platform code to work.
- At least one Simple Mail Transfer Protocol (SMTP) email server address must be configured.
Note To get crash dump reports, a destination profile must be subscribed to the alert group, crash. For the procedure to do this, see “Subscribing to Alert Groups” section.
Configuring and Enabling Smart Call Home
For application and configuration information of the Cisco Smart Call Home service, see the “FastStart” section of the Smart Call Home User Guide at this location:
http://www.cisco.com/go/smartcall/
The user guide includes configuration examples for sending Smart Call Home messages directly from your device or through a transport gateway (TG) aggregation point. You can use a TG aggregation point in cases requiring support for multiple devices or in cases where security requirements mandate that your devices may not be connected directly to the Internet.
Because the Smart Call Home service uses HTTPS as the transport method, you must also configure its CA as a trustpoint, as described in the Smart Call Home User Guide .
Displaying Call Home Configuration Information
To display the configured Call Home information, perform this task:
Examples 55-2 to 55-8 show the results when using different options of the show call-home command.
Example 64-1 Configured Call Home Information
Example 64-2 Configured Call Home Information in Detail
Example 64-3 Available Call Home Alert Groups
Example 64-4 E-Mail Server Status Information
Example 64-5 Information for All Destination Profiles (Predefined and User-Defined)
Example 64-6 Information for a User-Defined Destination Profile
Default Settings
Table 64-2 lists the default Call Home settings.
Alert Group Trigger Events and Commands
Call Home trigger events are grouped into alert groups, with each alert group assigned CLI commands to execute when an event occurs. The CLI command output is included in the transmitted message. Table 64-3 lists the trigger events included in each alert group, including the severity level of each event and the executed CLI commands for the alert group.
Message Contents
The following tables display the content formats of alert group messages:
- Table 64-4 describes the content fields of a short text message.
- Table 64-5 describes the content fields that are common to all long text and XML messages. The fields specific to a particular alert group message are inserted at a point between the common fields. The insertion point is identified in the table.
- Table 64-6 describes the inserted content fields for reactive messages (system failures that require a TAC case) and proactive messages (issues that might result in degraded system performance).
- Table 64-7 describes the inserted content fields for an inventory message.
Name of message. Specific event names are listed in the “Alert Group Trigger Events and Commands” section. |
||
Severity level of message (see Table 64-1). |
||
Unique device identifier (UDI) for end device generating message. This field should be empty if the message is nonspecific to a fabric switch. The format is type @ Sid @ seria l. |
||
Optional user-configurable field used for contract information or other ID by any support service. |
||
Optional user-configurable field used for contract information or other ID by any support service. |
||
Optional user-configurable field used for Cisco-supplied site ID or other data meaningful to alternate support service. |
||
If the message is generated from the fabric switch, this is the unique device identifier (UDI) of the switch. The format is type @ Sid @ seria l. |
||
Node that experienced the event. This is the host name of the device. |
||
Name of person to contact for issues associated with the node experiencing the event. |
||
E-mail address of person identified as contact for this unit. |
||
Phone number of the person identified as the contact for this unit. |
||
Optional field containing street address for RMA part shipments associated with this unit. |
||
Model name of the switch. This is the specific model as part of a product family name. |
||
|
The following fields may be repeated if multiple CLI commands are executed for this alert group. |
||
Output of command automatically executed (see Table 64-3). |
||
CallHome/Device/Cisco_Chassis/Cisco_Card/SoftwareIdentity/VersionString |
||
CallHome/Device/Cisco_Chassis/Cisco_Card/SoftwareIdentity/VersionString |
Sample Syslog Alert Notification in Long-Text Format
Sample Syslog Alert Notification in XML Format
<aml-session:Session xmlns:aml-session="http://www.example.com/2004/01/aml-session" soap-env:mustUnderstand="true" soap-env:role="http://www.w3.org/2003/05/soap-envelope/role/next">
<ch:MessageDescription>03:29:29: %CLEAR-5-COUNTERS: Clear counter on all interfaces by console</ch:MessageDescription>
Syslog logging: enabled (0 messages dropped, 0 messages rate-limited, 0 flushes, 0 overruns, xml disabled, filtering disabled)
Cisco IOS Software, s72033_rp Software (s72033_rp-ADVENTERPRISEK9_DBG-VM), Experimental Version 12.2(20070421:012711)
00:03:07: %C6K_PLATFORM-SP-4-CONFREG_BREAK_ENABLED: The default factory setting for config register is 0x2102.It is advisable to retain 1 in 0x2102 as it prevents returning to ROMMON when break is issued.
Cisco IOS Software, s72033_sp Software (s72033_sp-ADVENTERPRISEK9_DBG-VM), Experimental Version 12.2(20070421:012711)
00:03:18: %C6KPWR-SP-4-PSREDUNDANTBOTHSUPPLY: in power-redundancy mode, system is operating on both power supplies.
00:03:22: %C6KPWR-SP-4-PSNOREDUNDANCY: Power supplies are not in full redundancy, power usage exceeds lower capacity supply
00:01:51: %MFIB_CONST_RP-6-REPLICATION_MODE_CHANGE: Replication Mode Change Detected. Current system replication mode is Ingress
00:04:01: %OIR-SP-6-DOWNGRADE: Fabric capable module 3 not at an appropriate hardware revision level, and can only run in flowthrough mode
00:05:31: %SPAN-SP-6-SPAN_EGRESS_REPLICATION_MODE_CHANGE: Span Egress HW Replication Mode Change Detected. Current replication mode for unused asic session 0 is Centralized
00:05:31: %SPAN-SP-6-SPAN_EGRESS_REPLICATION_MODE_CHANGE: Span Egress HW Replication Mode Change Detected. Current replication mode for unused asic session 1 is Centralized
00:04:30: %XDR-6-XDRIPCNOTIFY: Message not sent to slot 4/0 (4) because of IPC error timeout. Disabling linecard. (Expected during linecard OIR)
Feedback