Monday, January 19, 2015

A NX-OS logging default vrf tip

If your having problems with the SYSLOG logging, you need to be  made aware that the interface used is always the "management vrf" be default .

Just by configuring the "source" interface for SYSLOG  with in the NX-OS configuration, will NOT cause the SYSLOG to work using that interface that's defined if it's not part of the management vrf.

My local interface for logging as defined in the logging configuration;

logging source-interface Vlan200

Where is clearly not  defined in any vrf so it's in the "default" vrf table.

interface Vlan200
  no shutdown
  mtu 1500
  ip address

So if you look closely  in my logging configuration screenshot  you will see the issue on how you correct this;

Notice you have to get the logging server defined to use "default" vrs "management"

And now a simple tshark dump using syslog for the display filter , will shows my log messages are actually be sent and received;

Just a quick tip if your ever  wondering why your  syslog does not work. You can also validate using the following show command "show logging server"

Ken Felix
NSE ( Network Security Expert) and Route/Switching Engineer.
kfelix  -----a----t---- socpuppets ---dot---com

    ^     ^
=(  *  * )=
       /  \

No comments:

Post a Comment