Forum Discussion
11.4.1 syslog default local IP?
I think there are two issues here.
The first is that the source address that gets used for syslog will default to the self-ip or mgmt address on the outbound interface, but can be overridden with the local-ip parameter on a per-remote-server basis:
Example:
tmsh modify sys syslog remote-servers add { syslogservername { local-ip 1.2.3.4 host 5.5.5.5 remote-port 514 } }
In the GUI, this is under system / logs / configuration / remote-logging
The second issue is that the interface selected to reach the syslog server will follow the ip route table. tmm routes are copied into the linux routing table, so if you have a tmm default route (network / routes), and the syslog server is not directly connected, then this route will be used, and the self-ip on the outbound interface will be the source address.
In many cases, customers desire the management address to be used, so big-ip provides a management-route command, which I believe can only be configured via the tmsh commandline, and this creates routes in the linux routing table. You would typically create a route for the subnet of your syslog servers, and set the gateway to the IP of the router on your management network.
For more information, please see SOL13284
Help guide the future of your DevCentral Community!
What tools do you use to collaborate? (1min - anonymous)Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com