Forum Discussion

uni
Apr 11, 2013

Send syslog to host on non-zero route domain v11.1+

Some time ago, I asked this question for v10. Now in v11.1 onwards, the behaviour has changed.

How can I send syslog messages to an address on a route domain other than %0?

I know it can be done with the log command in an iRule: log 10.1.1.1%1 local0. "blah", but I want to log locally as well as to a remote syslog server, so I need to either include two log statements in my rules, or use the syslog configuration from the shell.

Under v10 I used the special IPv6 address which gave access to the IPv4 address with route domain. This no longer works.

Nor does specifying the address with %route domain. Below is an example I have tried:

    destination d_mylogging {
        # my custom local file
        file("/var/log/local/mylog" create_dirs(yes));

        # this is accepted but doesn't work:
        udp("10.1.1.1%1" port(514));

        # this is accepted but doesn't work (but did under 10.x):
        udp6("2620:0:c10:f501:0:1:a01:101" port(514));
    };

Can anyone suggest how to get around this?
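For readers trying to make sense of the udp6() address in the question, the following added Python example (not the poster's or F5's code) encodes and decodes the v10-style mapped form. It assumes, from the address shown above, that the /64 prefix 2620:0:c10:f501:: is fixed, the next two 16-bit groups carry the route-domain id, and the last two carry the IPv4 address; as the thread says, this mapping stopped working in v11.1, so it is only useful for reading old configs.

```python
import ipaddress

# Mapped form seen in the question: 2620:0:c10:f501:0:<rd>:<ipv4-hi16>:<ipv4-lo16>
# Assumption: the two groups after the /64 prefix hold the route-domain id
# as one 32-bit value (the question's example uses "0:1" for route domain 1).
MAPPED_PREFIX = ipaddress.IPv6Network("2620:0:c10:f501::/64")


def rd_ipv4_to_mapped_ipv6(addr_with_rd: str) -> str:
    """Encode '10.1.1.1%1' as the pre-11.1 mapped IPv6 address."""
    host, sep, rd = addr_with_rd.partition("%")
    rd_id = int(rd) if sep else 0  # no %rd suffix means route domain 0
    if not 0 <= rd_id <= 0xFFFFFFFF:
        raise ValueError(f"route domain id out of range: {rd_id}")
    v4 = ipaddress.IPv4Address(host)  # raises on anything that is not IPv4
    mapped = int(MAPPED_PREFIX.network_address) | (rd_id << 32) | int(v4)
    return str(ipaddress.IPv6Address(mapped))


def mapped_ipv6_to_rd_ipv4(v6: str) -> str:
    """Decode a mapped IPv6 address back to 'a.b.c.d%rd'; reject other addresses."""
    addr = ipaddress.IPv6Address(v6)
    if addr not in MAPPED_PREFIX:
        raise ValueError(f"{v6} is not inside the mapped prefix {MAPPED_PREFIX}")
    low64 = int(addr) & 0xFFFFFFFFFFFFFFFF
    rd_id = low64 >> 32
    v4 = ipaddress.IPv4Address(low64 & 0xFFFFFFFF)
    return f"{v4}%{rd_id}"


if __name__ == "__main__":
    # The address from the question decodes to the %1 syslog target.
    print(mapped_ipv6_to_rd_ipv4("2620:0:c10:f501:0:1:a01:101"))  # 10.1.1.1%1
    print(rd_ipv4_to_mapped_ipv6("10.1.1.1%1"))  # 2620:0:c10:f501:0:1:a01:101
```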

4 Replies

  • Jason_Adams_124
    Historic F5 Account

    Syslog is not aware of the Route Domain syntax, and since v11.1, the conversion to IPv6 no longer works.

    The solution is to create a dummy Virtual Server configured on the default route domain, with the syslog server as the pool member.

    Here's an example:

    root@(b16b)(cfg-sync Standalone)(Active)(/Common)(tmos) list sys syslog remote-servers
    sys syslog {
        remote-servers {
            remsys {
                host 10.1.1.117
            }
        }
    }
    root@(b16b)(cfg-sync Standalone)(Active)(/Common)(tmos) list ltm virtual syslog_vip
    ltm virtual syslog_vip {
        destination 10.1.1.117:514
        mask 255.255.255.255
        pool syslog_pool
        profiles {
            fastL4 { }
        }
        snat automap
        vlans-disabled
    }
    root@(b16b)(cfg-sync Standalone)(Active)(/Common)(tmos) list ltm pool syslog_pool
    ltm pool syslog_pool {
        members {
            172.28.4.187%1:514 {
                address 172.28.4.187%1
            }
        }
    }
    root@(b16b)(cfg-sync Standalone)(Active)(/Common)(tmos) list net route-domain
    net route-domain 0 {
        description "Default Route Domain"
        id 0
        strict disabled
        vlans {
            internal
        }
    }
    net route-domain rd1 {
        id 1
        parent 0
        strict disabled
        vlans {
            external
        }
    }
    
    • uni
      Thanks Jason. I explored this option, but unfortunately I cannot turn off strict isolation.