We value your feedback.
Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!
Solved
Cisco syslog Server Pt2
Posted on 2012-12-27
Hello Experts
Can someone please tell me why I'm able to send syslog messages to the syslog server shown in the diagram from R4 on interface e1/1 but not on e1/3 or fas 0/0. Also why I can send syslog messages from R1 on e1/3 but not on eth 1/1 or eth 1/2.
Please see configs
Cheers
Carlton
16-44-28--R1-127.0.0.1-.txt
16-44-31--R4-127.0.0.1-.txt
16-44-35--R2-127.0.0.1-.txt
16-44-38--R3-127.0.0.1-.txt
newscreen.png
Can someone please tell me why I'm able to send syslog messages to the syslog server shown in the diagram from R4 on interface e1/1 but not on e1/3 or fas 0/0. Also why I can send syslog messages from R1 on e1/3 but not on eth 1/1 or eth 1/2.
Please see configs
Cheers
Carlton
16-44-28--R1-127.0.0.1-.txt
16-44-31--R4-127.0.0.1-.txt
16-44-35--R2-127.0.0.1-.txt
16-44-38--R3-127.0.0.1-.txt
newscreen.png
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
4 Comments
Active today
As the syslog messages are usually sent via UDP, the source address shouldn't really matter ... out of curiosity, can you do a ping to the syslog server with the different interfaces as source? Also, what sort of syslog server are you using? I suppose there aren't any access rules or IP filters configured? Any chance of doing a tcpdump/wireshark capture on the syslog server?
Hello,
Routing table by syslog IP address tells router on which interface to send syslog messages.
So in your case for routers R1 and R4 to reach syslog server at 192.168.1.2, syslog packets will go out e1/3 on R1, and e1/1 on R4.
Normally, a syslog message contains the IP address of the interface it uses to leave the router. The logging source-interface command specifies that syslog packets contain the IP address of a particular interface, regardless of which interface the packet uses to exit the router.
So you can't force router to send syslog through particular interface (theoretically you can by setting static route or PBR, but I don't see any valid reason to do it), you can only set IP address in the syslog message by which you will identify router.
Regards!
Routing table by syslog IP address tells router on which interface to send syslog messages.
So in your case for routers R1 and R4 to reach syslog server at 192.168.1.2, syslog packets will go out e1/3 on R1, and e1/1 on R4.
Normally, a syslog message contains the IP address of the interface it uses to leave the router. The logging source-interface command specifies that syslog packets contain the IP address of a particular interface, regardless of which interface the packet uses to exit the router.
So you can't force router to send syslog through particular interface (theoretically you can by setting static route or PBR, but I don't see any valid reason to do it), you can only set IP address in the syslog message by which you will identify router.
Regards!
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses
Course of the Month4 days, 15 hours left to enroll
670 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.