Effective December 3, NetApp adopts Microsoft’s Business-to-Customer (B2C) identity management to simplify and provide secure access to NetApp resources.
For accounts that did not pre-register (prior to Dec 3), access to your NetApp data may take up to 1 hour as your legacy NSS ID is synchronized to the new B2C identity.
To learn more, read the FAQ and watch the video.
Need assistance? Complete this form and select “Registration Issue” as the Feedback Category.

ONTAP Discussions

Syslog Traffic not sending through 1 node of cluster

mwolosch

I have a 6 node cluster running 8.3.1P2 that has 1 node that is not able to send syslog traffic using udp 514 traffic through the firewall.  The other 5 nodes can send through with no problem.  I have configured the event destination show with the syslog destination server and also configured the event route add-destinations -messagename * -destinations allevents.

 

Ran a pktt trace with the following:

 

1) Start the packet trace:

sxvdicl01::> node run -node SXVDINO01 pktt start all -d /etc/crash

2) Run the following cluster commands:

::> date

::> network ping -node SXDINO01 -destination <syslog-destination-IP>

::> network traceroute -node SXVDINO01 -destination <syslog-destination-IP> -port 514

::> set d; event generate -messagename asup.general.create -values “Packet Trace Test”, 2

::> network ping -node SXVDINO01 -destination <syslog-destination-IP>

::> date

3) End the packet trace:

sxvdicl01::> node run -node SXVDINO01 pktt stop all

 

From the firewall side, they can see my icmp traffic going through the firewall and ping is successful.  They can also see the traceroute information failing since that is blocked on the firewall side.  They are just not able to see any UDP 514 traffic passing through or coming out of the node.  I logged onto the node directly and entered the username and password several times to generate the syslog traffic while the pktt trace was running and still no syslog traffic was being received on the firewall side.

 

Any other ideas on what I can troubleshot as to why only one node is not getting through the firewall?  I have also verified that the IP of the node mgmt is part of the firewall rule.

 

I can't upload the pktt trace since it contains IP addresses.

0 REPLIES 0
Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public