Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1515
Views
0
Helpful
5
Replies

Configuration of logging message on a syslog server in VRF environnement

r.laurent
Level 1
Level 1

‎08-04-2010 05:40 AM - edited ‎03-06-2019 12:18 PM

Hello,

I have a problem with the configuration of logging on a VRF environnement.

The switch is a Ctalyst 3750 (version 12.2.53(SE2)).

The configuration is the following

version 12.2
no service pad
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime
service password-encryption
service sequence-numbers
!
hostname test
!
boot-start-marker
boot-end-marker
!
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication login nolog none
!
!
!
aaa session-id common
clock timezone FR-HIVER 1
clock summer-time FR-ETE recurring last Sun Mar 2:00 last Sun Oct 3:00
switch 1 provision ws-c3750g-24ts
system mtu routing 1500
authentication mac-move permit
udld aggressive

ip subnet-zero
ip routing
!
!
ip vrf SRV
!
ip vrf TOIP
!
ip vrf USR
!
!
!
!
port-channel load-balance src-dst-ip
!
spanning-tree mode rapid-pvst
spanning-tree portfast bpduguard default
spanning-tree portfast bpdufilter default
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
spanning-tree vlan 1-1000 priority 4096
!
vlan internal allocation policy ascending
!
!
!
!
interface GigabitEthernet1/0/1
switchport access vlan 3
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/2
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/3
switchport access vlan 2
switchport mode access
spanning-tree portfast

!
interface GigabitEthernet1/0/4
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/5
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/6
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/7
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/8
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/9
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/10
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/11
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/12
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/13
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/14
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/15
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/16
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/17
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/18
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/19
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/20
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/21
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/22
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/23
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/24
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/25
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/26
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/27
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/28
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface Vlan2
description VLAN User
ip vrf forwarding USR
ip address 192.168.2.254 255.255.255.0
!
interface Vlan3
description VLAN SERVEUR
ip vrf forwarding SRV
ip address 192.168.3.254 255.255.255.0
!
ip classless
ip http server
ip http secure-server
!
!
!
ip sla enable reaction-alerts
logging trap
logging facility local7
logging host 192.168.3.1 vrf SRV
!
!
line con 0
password system
login authentication nolog
line vty 0 4
exec-timeout 60 0
privilege level 15
password system
logging synchronous
line vty 5 15
privilege level 15
password system
!
end

I have connected my syslog server on the port 3 (vlan 3 in VRF SRV) and I don't receive any syslog message.

I have tried with a default configuration (without VRF) and it's OK...

So, could you explain to me if I do a mistake on my configuration?

Regards.

Laurent.

Labels:
0 Helpful
5 Replies 5

Collin Clark
VIP Alumni
VIP Alumni

‎08-04-2010 06:41 AM

Laurent-

We wanted to setup a management VRF and ran into the issue. TAC confirmed that you can't source logging from a VRF, it can only come from global.

Hope it helps.

0 Helpful

r.laurent
Level 1
Level 1
In response to Collin Clark

‎08-04-2010 07:09 AM

Hi Collin,

Thank your response.

I found this document (version 12.2SR) on the web (http://www.cisco.com/en/US/docs/ios/12_2sr/12_2sra/feature/guide/srvrfslg.html#wp1067039). This document explain the procedure to configure a syslog server in a VRF environnement. Is it obsolete?

On the userguide of the version of my catalyst 3750 (12.2.53(SE2)), we can find the following procedure :

User Interface for Syslog
Step 1configure terminal
Enter global configuration mode.
Step 1 : logging on
Enable or temporarily disable logging of storage router event message.
Step 2 : logging host ip address vrf vrf name
Specify the host address of the syslog server where logging messages are to be sent.
Step 3 : logging buffered logging buffered size debugging
Log messages to an internal buffer.
Step 4 : logging trap debugging
Limit the logging messages sent to the syslog server.
Step 5 : logging facility facility
Send system logging messages to a logging facility.

So, this procedure doesn't work?

Could you create a new version to issue this problem?

Regards.

Laurent.

0 Helpful

Collin Clark
VIP Alumni
VIP Alumni
In response to r.laurent

‎08-04-2010 07:22 AM

We only tried to log from the VRF on routers. I do have a spare 3750X so maybe I'll lab it up and see if it works.

Could you create a new version to issue this problem?

I'm not sure what you mean by this, can you clarify?

0 Helpful

r.laurent
Level 1
Level 1
In response to Collin Clark

‎08-04-2010 07:28 AM

Could you create a new version to issue this problem?

I'm not sure what you mean by this, can you clarify?

I wanted to know if Cisco will developp on the Ctalyst 3750 a new version enable to log message in a VRF environnement.

Regards.

Laurent.

0 Helpful

Collin Clark
VIP Alumni
VIP Alumni
In response to r.laurent

‎08-04-2010 07:31 AM

That would have to be a feature request that you send up through your local Cisco SE.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card