[nsp] Default syslog source-interface

John Kristoff jtk at northwestern.edu
Thu Jan 22 14:04:47 EST 2004


On Thu, 22 Jan 2004 13:35:20 -0500
Peter Gutierrez <peterg at nic.umass.edu> wrote:

> I can't verify since we always use `logging source-interface Loopback0` 
> in the config, but I think the egress interface for the packets going 
> to the syslog host is used.

Multiple people told me this privately also and that is what I would
have thought, however...

I ran into a case where syslog messages were not showing up on a
remote server.  After some toying with the config, I specifically
set 'logging interface vlan XYZ' where XYZ is a VLAN with the subnet
of the directly attached log server.  Setting source-interface to
the directly connected vlan fixed the problem (verified multiple
times by doing a 'no logging source-interface'.

There is a secondary IP and a HSRP virtual IP on this interface also,
but even if it used one of those IPs I would expect the messages to
get through.  There are also ingress and egress ACLs on the interface,
but if I recall, those should not interfere with packets source from
the router.  It doesn't appear that anything on the server would be
preventing messages from arriving either.

John


More information about the cisco-nsp mailing list