IPv6 VRF Aware
System Message Logging
The IPv6 VRF Aware System Message Logging feature enables a
device to send system logging (syslog) messages to an IPv6-enabled syslog
server connected through a VPN routing and forwarding (VRF) interface. You can
use the logging information for network monitoring and troubleshooting. This
feature extends this capability to network traffic connected through VRFs.
Finding Feature Information
Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Prerequisites for
IPv6 VRF Aware System Message Logging
You must configure a
VPN routing and forwarding (VRF) instance on a routing device and associate the
VRF with an interface before you can configure the IPv6 VRF Aware System
Message Logging feature.
Restrictions for
IPv6 VRF Aware System Message Logging
You cannot specify a source address for virtual routing and forwarding
(VRF) system logging messages. The IPv6 VRF Aware System Message Logging
feature uses the VRF interface address as the source address for all VRF aware
system logging messages.
Information About IPv6 VRF Aware System Message Logging
Benefits of VRF
Aware System Message Logging
A VPN routing and
forwarding (VRF) instance is an extension of IP routing that provides multiple
routing instances. A VRF provides a separate IP routing and forwarding table to
each VPN. You must configure a VRF on a routing device before you configure the
VRF Aware System Message Logging feature.
After you configure
the VRF Aware System Message Logging feature on a routing device, the device
can send system logging (syslog) messages to a syslog host through a VRF
interface. Then you can use logging messages to monitor and troubleshoot
network traffic connected through a VRF. If the VRF Aware System Message
Logging feature is not configured on a routing device, the routing device sends
syslog messages to the syslog host only through the global routing table.
You can receive
system logging messages through a VRF interface on any device configured with a
VRF, that is:
-
On a provider
edge (PE) device that is used with Multiprotocol Label Switching (MPLS) and
multiprotocol Border Gateway Protocol (BGP) to provide a Layer 3 MPLS VPN
network service.
-
On a customer
edge (CE) device that is configured for VRF-Lite, which is a VRF implementation
without multiprotocol BGP.
VRF Aware System
Message Logging on a Provider Edge Device in an MPLS VPN Network
You can configure
the VRF Aware System Message Logging feature on a provider edge (PE) device in
a Layer 3 Multiprotocol Label Switching (MPLS) VPN network. The PE device can
then send system logging (syslog) messages through a VPN routing and forwarding
(VRF) interface to a syslog server located in the VPN.
The figure below
shows an MPLS VPN network and the VRF Aware System Message Logging feature
configured on a PE device associated with VRF VPN1. The PE device sends log
messages through a VRF interface to a syslog server located in VPN1. You can
display the messages from the syslog server on a terminal.
Figure 1. MPLS VPN and VRF Aware
System Message Logging Configured on a Provider Edge Device
VRF Aware System
Message Logging on a Customer Edge Device with VRF-Lite Configured
You can configure
the VRF Aware System Message Logging feature on a customer edge (CE) device
configured with the VRF-Lite feature. The CE device can then send system
logging (syslog) messages through a VPN routing and forwarding (VRF) interface
to syslog servers in multiple VPNs. The CE device can be either a router or a
switch.
The figure below
shows the VRF Aware System Message Logging feature configured on a VRF-Lite CE
device. The CE device can send VRF syslog messages to syslog servers in the
VPN1 network or the VPN2 network or to servers in both VPN1 and VPN2 networks.
You can configure multiple VRFs on a VRF-Lite CE device, and the device can
serve many customers.
Figure 2. VRF Aware System Message
Logging Configured on a VRF-Lite Customer Edge Device
Message Levels for
Logging Commands
The table below
lists message levels for
logging
commands that you can use when you configure the VRF Aware System Message
Logging feature. Information provided in the table below includes keyword level
names and numbers, their description, and the associated syslog definitions.
You can use either the level name or the level number with the
logging trap
level and
logging buffered
severity-level commands.
Table 1 Message Levels for logging
Commands
Level Name
|
Level
Number
|
Description
|
Syslog
Definition
|
emergencies
|
0
|
System
unusable
|
LOG_EMERG
|
alerts
|
1
|
Immediate
action needed
|
LOG_ALERT
|
critical
|
2
|
Critical
conditions
|
LOG_CRIT
|
errors
|
3
|
Error
conditions
|
LOG_ERR
|
warnings
|
4
|
Warning
conditions
|
LOG_WARNING
|
notifications
|
5
|
Normal
but significant condition
|
LOG_NOTICE
|
informational
|
6
|
Informational messages only
|
LOG_INFO
|
debugging
|
7
|
Debugging
messages
|
LOG_DEBUG
|
How to Configure IPv6 VRF Aware System Message Logging
Configuring VRF on
a Routing Device
Configuring a VPN
routing and forwarding (VRF) instance on a routing device helps provide
customer connectivity to a VPN. The routing device can be a provider edge (PE)
device connected to a Multiprotocol Label Switching (MPLS) VPN network or a
customer edge (CE) device that is configured for VRF-Lite.
SUMMARY STEPS1.
enable
2.
configure terminal
3.
vrf definition
vrf-name
4.
address-family ipv6
5.
end
DETAILED STEPS | Command or Action | Purpose |
---|
Step 1 | enable
Example:
Device> enable
|
Enables
privileged EXEC mode.
- Enter your password if
prompted.
|
Step 2 | configure terminal
Example:
Device# configure terminal
|
Enters global
configuration mode.
|
Step 3 | vrf definition
vrf-name
Example:
Device (config)# vrf definition vpn1
|
Defines a VRF
instance and enters VRF configuration mode.
|
Step 4 | address-family ipv6
Example:
Device(config-vrf)# address-family ipv6
|
Enables IPv6
address-family for the defined VRF and enters address family configuration
mode.
|
Step 5 | end
Example:
Device(config-vrf-af)# end
|
Exits address
family configuration mode and returns to privileged EXEC mode.
|
Associating a VRF
with an Interface
After configuring
the VPN routing and forwarding (VRF) instance and associating it with an
interface, you can configure the VRF Aware System Message Logging feature on
the routing device.
 Note |
You cannot
configure a source address for VRF system logging messages. The VRF Aware
System Message Logging feature uses the VRF interface address as the source
address for all VRF-aware system logging messages.
|
Before You Begin
A VRF must be
associated with an interface before you can forward VPN traffic.
SUMMARY STEPS1.
enable
2.
configure terminal
3.
interface
type
number
4.
vrf forwarding
vrf-name
5.
no ipv6 address
6.
ipv6 address
address.prefix
7.
end
DETAILED STEPS | Command or Action | Purpose |
---|
Step 1 | enable
Example:
Device> enable
|
Enables
privileged EXEC mode.
- Enter your password if
prompted.
|
Step 2 | configure terminal
Example:
Device# configure terminal
|
Enters global
configuration mode.
|
Step 3 | interface
type
number
Example:
Device (config)# interface FastEthernet 0/0/0
|
Configures an
interface type and enters interface configuration mode.
-
The
type argument
is the type of interface to be configured.
-
The
number
argument is the port, connector, or interface card number. The numbers are
assigned at the factory at the time of installation or when the port,
connector, or interface card is added to a system. Use the
show
interfaces command in privileged EXEC mode to view the available
interfaces.
|
Step 4 | vrf forwarding
vrf-name
Example:
Device(config-if)# vrf forwarding vpn1
|
Associates a
VRF with an interface or subinterface.
|
Step 5 | no ipv6 address
Example:
Device(config-if)# no ipv6 address
|
Removes the
existing IPv6 address set for an interface.
|
Step 6 | ipv6 address
address.prefix
Example:
Device(config-if)# ipv6 address 2001:DB8::1/32
|
Assigns an
IPv6 address for the interface.
|
Step 7 | end
Example:
Device(config-if)# end
|
Exits
interface configuration mode and returns to privileged EXEC mode.
|
Configuring VRF as
a Source Interface for Logging on a Routing Device
Before You Begin
You must perform
the following tasks before you perform this task:
SUMMARY STEPS1.
enable
2.
configure terminal
3.
logging source-interface
interface-type
interface-number
vrf
vrf-name
4.
logging host ipv6
ipv6-address
vrf
vrf-name
5.
end
DETAILED STEPS | Command or Action | Purpose |
---|
Step 1 | enable
Example:
Device> enable
|
Enables privileged EXEC mode.
- Enter your password if
prompted.
|
Step 2 | configure terminal
Example:
Device# configure terminal
|
Enters global configuration mode.
|
Step 3 | logging source-interface
interface-type
interface-number
vrf
vrf-name
Example:
Device (config)# logging source-interface FastEthernet 0/0/0 vrf vpn1
|
Configures the VRF interface as the source interface for logging.
|
Step 4 | logging host ipv6
ipv6-address
vrf
vrf-name
Example:
Device(config)# logging host ipv6 2001:DB8:: vrf vpn1
|
Configures and associates the IPv6-enabled logging host with the
VRF.
|
Step 5 | end
Example:
Device(config)# end
|
Exits global configuration mode and returns to privileged EXEC
mode.
|
Verifying IPv6 VRF
Aware System Message Logging
SUMMARY STEPS1.
enable
2.
show running-config | include logging
3.
show logging
DETAILED STEPS
Step 1
| enable
Enables privileged EXEC mode.
- Enter your password
if prompted.
Example:
Device> enable
|
Step 2
| show running-config | include logging
Displays the logging configuration for the device and the logging
host for a virtual routing and forwarding (VRF) instance.
This example shows the configuration of a syslog server in VRF
syslog with a server host address of 2001:DB8::1.
Example:
Device# show running-config | include logging
logging source-interface Ethernet0/1 vrf syslog
logging host ipv6 2001::DB8:1 vrf syslog
|
Step 3
| show logging
Displays the state of syslog.
Example:
Device# show logging
Trap logging: level informational, 138 message lines logged
Logging to 2001:DB8::1 (v6) (udp port 514, audit disabled,
link up),
24 message lines logged,
0 message lines rate-limited,
0 message lines dropped-by-MD,
xml disabled, sequence number disabled
filtering disabled
Logging to 2001:DB8::1 (syslog) (udp port 514,
audit disabled,
link up),
4 message lines logged,
0 message lines rate-limited,
0 message lines dropped-by-MD,
xml disabled, sequence number disabled
filtering disabled
Logging Source-Interface: VRF Name:
GigabitEthernet0/0/0 syslog
|
Configuration Examples for IPv6 VRF Aware System Message Logging
Example:
Configuring VRF on a Routing Device
Device> enable
Device# configure terminal
Device(config)# vrf definition syslog_v6
Device(config-vrf)# address-family ipv6
Device(config-vrf-af)# end
Example:
Associating a VRF with an Interface
Device> enable
Device# configure terminal
Device(config)# interface FastEthernet 0/0/0
Device(config-if)# vrf forwarding vpn1
Device(config-if)# no ipv6 address
Device(config-if)# ipv6 address 2001:DB8::1/32
Device(config-if)# end
Example:
Configuring VRF as a Source Interface for Logging on a Routing Device
Device> enable
Device# configure terminal
Device(config)# logging source-interface FastEthernet 0/0/0 vrf vpn1
Device(config)# logging host ipv6 address 2001:DB8::1 vrf vpn1
Device(config)# end
Additional
References for IPv6 VRF Aware System Message Logging
Related
Documents
Related
Topic
|
Document Title
|
Cisco
IOS commands
|
Cisco IOS Master Commands
List, All Releases
|
MPLS and
MPLS applications commands
|
Cisco IOS
Multiprotocol Label Switching Command Reference
|
Concepts
and tasks for configuring VRF-lite on a Catalyst 4500 switch
|
“Configuring VRF-lite” chapter in the
Catalyst 4500 Series Switch Cisco IOS Software Configuration
Guide
|
Concepts
and tasks for configuring VRF Lite on ML-Series Ethernet cards
|
“Configuring VRF-lite” chapter in the
Ethernet Card Software Feature and Configuration Guide for
the Cisco ONS 15454 SDH, ONS 15454, and ONS 15327
|
Technical
Assistance
Description
|
Link
|
The
Cisco Support website provides extensive online resources, including
documentation and tools for troubleshooting and resolving technical issues with
Cisco products and technologies.
To
receive security and technical information about your products, you can
subscribe to various services, such as the Product Alert Tool (accessed from
Field Notices), the Cisco Technical Services Newsletter, and Really Simple
Syndication (RSS) Feeds.
Access
to most tools on the Cisco Support website requires a Cisco.com user ID and
password.
|
http://www.cisco.com/cisco/web/support/index.html
|
Feature
Information for IPv6 VRF Aware System Message Logging
The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Table 2 Feature
Information for IPv6 VRF Aware System Message Logging
Feature Name
|
Releases
|
Feature
Information
|
IPv6 VRF
Aware System Message Logging
|
|
The IPv6 VRF Aware System Message Logging feature enables a
device to send system logging (syslog) messages to an IPv6-enabled syslog
server connected through a VPN routing and forwarding (VRF) interface. You can
use the logging information for network monitoring and troubleshooting. This
feature extends this capability to network traffic connected through VRFs.
The
following commands were modified:
logging
source-interface and
logging host.
|