cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
402
Views
0
Helpful
1
Replies

CSS not working

shibindong
Level 1
Level 1

still facing some problem and need someone help me find out where the problems are:

please see the attached diagram: 2 syslog servers have DG to 10.122.70.15, which is the VIP in CSS, CSS use layer 3 approach, and configure default route point to 10.122.70.1 which is router. two CSSs are running ASR redundancy:

CSS1:

!*************************** GLOBAL ***************************

flow-state flow-disable timeout 10

flow-state 514 udp flow-disable nat-enable

ip route 0.0.0.0 0.0.0.0 10.122.70.1 1

ip route 10.122.56.0 255.255.255.0 10.122.25.1 1

!************************* INTERFACE *************************

interface 1/1

trunk

vlan 25

vlan 70

interface 1/2

isc-port-one

interface 2/1

trunk

vlan 25

vlan 70

!************************** CIRCUIT **************************

circuit VLAN25

description "Management VLAN 25"

ip address 10.122.25.36 255.255.255.0

circuit VLAN70

ip address 10.122.70.30 255.255.255.0

ip virtual-router 1 priority 101

ip redundant-vip 1 10.122.70.15

!************************** SERVICE *************************

service Server13

ip address 10.122.70.13

port 514

protocol udp

redundant-index 1

active

service Server14

ip address 10.122.70.14

port 514

protocol udp

redundant-index 2

active

!*************************** OWNER ***************************

owner L3_Owner

content L3_Rule_syslog

redundant-index 3

add service Server13

add service Server14

vip address 10.122.70.15

protocol udp

port 514

balance srcip

active

CSS2:

!*************************** GLOBAL ***************************

flow-state flow-disable timeout 10

flow-state 514 udp flow-disable nat-enable

ip route 0.0.0.0 0.0.0.0 10.122.70.1 1

ip route 10.122.56.0 255.255.255.0 10.122.25.1 1

!************************* INTERFACE *************************

interface 1/1

trunk

vlan 25

vlan 70

interface 1/2

isc-port-one

interface 2/1

trunk

vlan 25

vlan 70

!************************** CIRCUIT **************************

circuit VLAN25

description "Management VLAN 25"

ip address 10.122.25.37 255.255.255.0

circuit VLAN70

ip address 10.122.70.31 255.255.255.0

ip virtual-router 1

ip redundant-vip 1 10.122.70.15

!************************** SERVICE *************************

service Server13

ip address 10.122.70.13

port 514

protocol udp

redundant-index 1

active

service Server14

ip address 10.122.70.14

port 514

protocol udp

redundant-index 2

active

!*************************** OWNER ***************************

owner L3_Owner

content L3_Rule_syslog

redundant-index 3

add service Server13

add service Server14

vip address 10.122.70.15

protocol udp

port 514

balance srcip

active

i have 2 client throw syslog traffic to 10.122.70.15, i but i can find only 1 server been logged into server13, cannot find the other client syslog in any of servers. can someone help me to find out where is the problem?

another question is: I should set the default gateway of server to VIP of CSS, right or not?

1 Reply 1

shibindong
Level 1
Level 1

please find the attachment

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: