Configuration of logging message on a syslog server in VRF environnement

Unanswered Question
Aug 4th, 2010
User Badges:

Hello,


I have a problem with the configuration of logging on a VRF environnement.


The switch is a Ctalyst 3750 (version 12.2.53(SE2)).


The configuration is the following


version 12.2
no service pad
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime
service password-encryption
service sequence-numbers
!
hostname test
!
boot-start-marker
boot-end-marker
!
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication login nolog none
!
!
!
aaa session-id common
clock timezone FR-HIVER 1
clock summer-time FR-ETE recurring last Sun Mar 2:00 last Sun Oct 3:00
switch 1 provision ws-c3750g-24ts
system mtu routing 1500
authentication mac-move permit
udld aggressive


ip subnet-zero
ip routing
!
!
ip vrf SRV
!
ip vrf TOIP
!
ip vrf USR
!
!
!
!
port-channel load-balance src-dst-ip
!
spanning-tree mode rapid-pvst
spanning-tree portfast bpduguard default
spanning-tree portfast bpdufilter default
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
spanning-tree vlan 1-1000 priority 4096
!
vlan internal allocation policy ascending
!
!
!
!
interface GigabitEthernet1/0/1
switchport access vlan 3
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/2
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/3
switchport access vlan 2
switchport mode access
spanning-tree portfast


!
interface GigabitEthernet1/0/4
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/5
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/6
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/7
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/8
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/9
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/10
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/11
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/12
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/13
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/14
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/15
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/16
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/17
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/18
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/19
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/20
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/21
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/22
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/23
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/24
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/25
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/26
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/27
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/28
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface Vlan2
description VLAN User
ip vrf forwarding USR
ip address 192.168.2.254 255.255.255.0
!
interface Vlan3
description VLAN SERVEUR
ip vrf forwarding SRV
ip address 192.168.3.254 255.255.255.0
!
ip classless
ip http server
ip http secure-server
!
!
!
ip sla enable reaction-alerts
logging trap
logging facility local7
logging host 192.168.3.1 vrf SRV
!
!
line con 0
password system
login authentication nolog
line vty 0 4
exec-timeout 60 0
privilege level 15
password system
logging synchronous
line vty 5 15
privilege level 15
password system
!
end


I have connected my syslog server on the port 3 (vlan 3 in VRF SRV) and I don't receive any syslog message.


I have tried with a default configuration (without VRF) and it's OK...


So, could you explain to me if I do a mistake on my configuration?


Regards.


Laurent.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Collin Clark Wed, 08/04/2010 - 06:41
User Badges:
  • Purple, 4500 points or more

Laurent-


We wanted to setup a management VRF and ran into the issue. TAC confirmed that you can't source logging from a VRF, it can only come from global.


Hope it helps.

r.laurent Wed, 08/04/2010 - 07:09
User Badges:

Hi Collin,


Thank your response.


I found this document (version 12.2SR) on the web (http://www.cisco.com/en/US/docs/ios/12_2sr/12_2sra/feature/guide/srvrfslg.html#wp1067039). This document explain the procedure to configure a syslog server in a VRF environnement. Is it obsolete?


On the userguide of the version of my catalyst 3750 (12.2.53(SE2)), we can find the following procedure :


User Interface for Syslog
Step 1configure terminal
Enter global configuration mode.
Step 1 : logging on
Enable or temporarily disable logging of storage router event message.
Step 2 : logging host ip address vrf vrf name
Specify the host address of the syslog server where logging messages are to be sent.
Step 3 : logging buffered logging buffered size debugging
Log messages to an internal buffer.
Step 4 : logging trap debugging
Limit the logging messages sent to the syslog server.
Step 5 : logging facility facility
Send system logging messages to a logging facility.


So, this procedure doesn't work?

Could you create a new version to issue this problem?



Regards.


Laurent.

Collin Clark Wed, 08/04/2010 - 07:22
User Badges:
  • Purple, 4500 points or more

We only tried to log from the VRF on routers. I do have a spare 3750X so maybe I'll lab it up and see if it works.


Could you create a new version to issue this problem?

I'm not sure what you mean by this, can you clarify?

r.laurent Wed, 08/04/2010 - 07:28
User Badges:

Could you create a new version to issue this problem?

I'm not sure what you mean by this, can you clarify?


I wanted to know if Cisco will developp on the Ctalyst 3750 a new version enable to log message in a VRF environnement.


Regards.


Laurent.

Collin Clark Wed, 08/04/2010 - 07:31
User Badges:
  • Purple, 4500 points or more

That would have to be a feature request that you send up through your local Cisco SE.

Actions

This Discussion