Guest

Preview Tool

Cisco Bug: CSCvt10990 - VSM does not send logs to a secondary reliable TCP server when primary one is not available

Last Modified

Oct 01, 2020

Products (1)

  • Cisco ASR 9000 Series Aggregation Services Routers

Known Affected Releases

5.3.4.MGBL

Description (partial)

Symptom:
Our customer is using two reliable external syslog servers to send CGN stats from one VSM module:  
service cgn FWNAT
 service-location preferred-active 0/2/CPU0
 service-type nat44 FWNAT44
  portlimit 1024
  dynamic-port-range start 32768
  alg pptpAlg
  inside-vrf mvno_nat
   map outsideServiceApp ServiceApp2 address-pool 93.32.128.0/17
   external-logging syslog
    server
     address 10.0.121.33 port 4515
      path-mtu 1280
      protocol tcp
     !
     address 26.0.128.14 port 4515
      path-mtu 1280
      protocol tcp
     !
    !
   !
   bulk-port-alloc size 1024
  !
  inside-vrf mvno_nat2
   map outsideServiceApp ServiceApp4 address-pool 93.33.0.0/17
   external-logging syslog
    server
     address 10.0.121.33 port 4515
      path-mtu 1280
      protocol tcp
     !
     address 26.0.128.14 port 4515
      path-mtu 1280
      protocol tcp
     !
    !
   !
   bulk-port-alloc size 1024
  !
  protocol udp
   session initial timeout 30
   session active timeout 60
  !
  protocol tcp
   session initial timeout 30
   session active timeout 1680
  !
  refresh-direction Outbound
 !
!
due to routing problems the server with IP 10.0.121.33 was unreachable. 
Server with 26.0.128.14 did not have any problem.

For some reason both the log communications went down.
We saw the device was trying to initialize only the connection with 10.0.121.33 only:


   PCB     VRF-ID     Recv-Q Send-Q Local Address          Foreign Address        State
0x11119144 0x60000000      0      0  10.102.31.217:52723    10.0.121.33:4515       SYNSENT

When they fixed the problem with 10.0.121.33, that both the session came up again:
   PCB     VRF-ID     Recv-Q Send-Q Local Address          Foreign Address        State
0x1114164c 0x60000000      0      0  10.102.29.226:41013    26.0.128.14:4515       ESTAB
0x11119144 0x60000000      0      0  10.102.31.217:48869    10.0.121.33:4515       ESTAB

Conditions:
Two reliable (TCP) syslog servers on one VSM module
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.