In some deployments, Syslog and SNMP run on the same destination server. The configuration generated by the workflow does not produce a working setup for this case by default. There is no such problem when the destination servers are installed on separate machines configured with unique IP addresses.
Make the following modifications so that SNMP and syslog both work with the same destination server.
- Configure syslog from the workflow and change the paired TVI subnet to any routable subnet that you can configure and advertise towards the Syslog and SNMP servers. For example, I have used 192.168.11.2/31.
- Enabling syslog from the workflow template also adds a NAT pool and rule configuration. Remove the NAT configuration, as it is not needed: the paired TVI prefixes will be advertised to the remote servers.
- Configure SNMP from the workflow template, then change the SNMP target source to the paired TVI interface IP that is part of the global instance. The target source is modified in the device template configuration, under the SNMP agent section.
- Remove the destination server IP and the local LAN interface (VNI) from the VNF-manager configuration. Deploying the SNMP configuration from the workflow automatically adds the local interface and the SNMP server address to vnf-manager; delete that configuration from the device template configuration.
- Commit the template and verify the changes.
Paired TVI interfaces:
tvi-0/2626 n/a up up - -
tvi-0/2626.0 n/a up up 3 Tenant-1-LAN-VR 192.168.11.2/31
tvi-0/2627 n/a up up - -
tvi-0/2627.0 n/a up up 3 global 192.168.11.3/31
tvi-0/3 n/a up up - -
Syslog and SNMP configuration:
set system syslog server 172.16.25.2 enabled
set system syslog server 172.16.25.2 selector 1 negate false
set system syslog server 172.16.25.2 selector 1 level all
set system syslog server 172.16.25.2 selector 1 facility-list [ all ]
set snmp agent enabled
set snmp agent ip 127.0.0.1
set snmp agent udp-port 161
set snmp agent extra-listen ::1 161
set snmp agent version v2c
set snmp agent max-message-size 50000
set snmp system name Gateway-2
set snmp system location india
set snmp community versa sec-name versa
set snmp target v2_172.16.25.2 ip 172.16.25.2
set snmp target v2_172.16.25.2 udp-port 162
set snmp target v2_172.16.25.2 tag [ std_v2_inform std_v2_trap ]
set snmp target v2_172.16.25.2 timeout 1500
set snmp target v2_172.16.25.2 retries 3
set snmp target v2_172.16.25.2 v2c sec-name versa
set snmp notify std_v1_trap tag std_v1_trap
set snmp notify std_v1_trap type trap
set snmp notify std_v2_inform tag std_v2_inform
set snmp notify std_v2_inform type inform
set snmp notify std_v2_trap tag std_v2_trap
set snmp notify std_v2_trap type trap
set snmp notify std_v3_inform tag std_v3_inform
set snmp notify std_v3_inform type inform
set snmp notify std_v3_trap tag std_v3_trap
set snmp notify std_v3_trap type trap
set snmp target-source 192.168.11.3 <<< This is the paired TVI interface IP that is part of the global instance.
set snmp vacm group access-v2c-public-internet member versa sec-model [ v2c ]
set snmp vacm group access-v2c-public-internet access v2c no-auth-no-priv read-view internet
set snmp vacm group access-v2c-public-internet access v2c no-auth-no-priv notify-view internet
set snmp vacm view internet subtree 1.2 included
set snmp vacm view internet subtree 1.3 included
set snmp vacm view internet subtree 1.3.6.1 included
admin@Gateway-2-cli> show route routing-instance global
Routes for Routing instance : global AFI: ipv4 SAFI: unicast
Codes: E1 - OSPF external type 1, E2 - OSPF external type 2
IA - inter area, iA - intra area,
L1 - IS-IS level-1, L2 - IS-IS level-2
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
RTI - Learnt from another routing-instance
+ - Active Route
Prot Type Dest Address/Mask Next-hop Age Interface name
---- ---- ----------------- -------- --- --------------
local N/A +10.0.0.10/32 0.0.0.0 16:43:59 directly connected
conn N/A +169.254.254.0/24 0.0.0.0 16:43:43 Indirect
local N/A +169.254.254.254/32 0.0.0.0 16:43:43 directly connected
static N/A +172.16.25.2/32 192.168.11.2 00:12:06 tvi-0/2627.0
SDWAN N/A +192.168.10.1/32 0.0.0.0 16:43:59 Indirect
conn N/A +192.168.11.2/31 0.0.0.0 00:12:06 tvi-0/2627.0
local N/A +192.168.11.3/32 0.0.0.0 00:12:06 directly connected
SNMP Request/Response:
Gateway-2 confd[29562]: snmp get-request reqid=3580 172.16.25.2:61761 (TimeTicks sysUpTime)
Gateway-2 confd[29562]: snmp get-response reqid=3580 172.16.25.2:61761 (TimeTicks sysUpTime=6008534)
Syslog:
admin@Gateway-1-cli> tcpdump vni-0/2 filter "port 514"
Starting capture on vni-0/2
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on _vni_0_2, link-type EN10MB (Ethernet), capture size 262144 bytes
19:57:50.244386 52:54:00:94:ba:02 > 52:54:00:79:c4:f5, ethertype IPv4 (0x0800), length 128: 192.168.11.3.57716 > 172.16.25.2.514: SYSLOG local4.debug, length: 86
19:57:50.244398 52:54:00:94:ba:02 > 52:54:00:79:c4:f5, ethertype IPv4 (0x0800), length 117: 192.168.11.3.57716 > 172.16.25.2.514: SYSLOG local4.debug, length: 75
19:57:50.244400 52:54:00:94:ba:02 > 52:54:00:79:c4:f5, ethertype IPv4 (0x0800), length 135: 192.168.11.3.57716 > 172.16.25.2.514: SYSLOG local4.debug, length: 93
19:57:50.244402 52:54:00:94:ba:02 > 52:54:00:79:c4:f5, ethertype IPv4 (0x0800), length 124: 192.168.11.3.57716 > 172.16.25.2.514: SYSLOG local4.debug, length: 82
19:57:50.244404 52:54:00:94:ba:02 > 52:54:00:79:c4:f5, ethertype IPv4 (0x0800), length 132: 192.168.11.3.57716 > 172.16.25.2.514: SYSLOG local4.debug, length: 90
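The configuration, interface and route outputs above can be cross-checked mechanically before relying on packet captures. The following Python is an added example, not part of the original article or of any Versa tooling; the function name check_setup is hypothetical, and it assumes the interface listing carries the routing instance in column 6 and the address in column 7, as in the output shown above.

```python
import ipaddress
import re
# Sample data copied from the outputs on this page (trimmed to the relevant lines).
CONFIG = """\
set system syslog server 172.16.25.2 enabled
set snmp target v2_172.16.25.2 ip 172.16.25.2
set snmp target-source 192.168.11.3
"""
INTERFACES = """\
tvi-0/2626.0 n/a up up 3 Tenant-1-LAN-VR 192.168.11.2/31
tvi-0/2627.0 n/a up up 3 global 192.168.11.3/31
"""
ROUTES = """\
static N/A +172.16.25.2/32 192.168.11.2 00:12:06 tvi-0/2627.0
conn N/A +192.168.11.2/31 0.0.0.0 00:12:06 tvi-0/2627.0
"""

def check_setup(config, interfaces, routes):
    """Return a list of problems; an empty list means the outputs are consistent."""
    problems = []
    servers = set(re.findall(r"^set system syslog server (\S+) enabled", config, re.M))
    servers |= set(re.findall(r"^set snmp target \S+ ip (\S+)", config, re.M))
    source = re.search(r"^set snmp target-source (\S+)", config, re.M)
    # Map routing instance -> (sub-interface name, address) for paired TVI units.
    # Column positions are an assumption based on the listing shown on this page.
    tvi = {}
    for f in map(str.split, interfaces.splitlines()):
        if len(f) == 7 and f[0].startswith("tvi-"):
            tvi[f[5]] = (f[0], ipaddress.ip_interface(f[6]))
    if "global" not in tvi:
        return ["no paired TVI sub-interface in the global instance"]
    g_name, g_addr = tvi["global"]
    # The peer is the TVI end in another instance that shares the global end's subnet.
    peers = [a.ip for inst, (_, a) in tvi.items()
             if inst != "global" and a.network == g_addr.network]
    if not peers:
        problems.append("no LAN-VR TVI shares a subnet with the global TVI")
    if source is None or ipaddress.ip_address(source.group(1)) != g_addr.ip:
        problems.append(f"snmp target-source is not the global TVI IP {g_addr.ip}")
    # Prefixes in the global instance that leave via the paired TVI toward the peer.
    via_tvi = [ipaddress.ip_network(f[2].lstrip("+"), strict=False)
               for f in map(str.split, routes.splitlines())
               if len(f) >= 6 and f[5] == g_name and f[3] != "0.0.0.0"
               and ipaddress.ip_address(f[3]) in peers]
    for server in sorted(servers):
        if not any(ipaddress.ip_address(server) in net for net in via_tvi):
            problems.append(f"no route to {server} via {g_name} in global")
    return problems
```

An empty list from check_setup(CONFIG, INTERFACES, ROUTES) means the target source, the paired TVI addressing and the route to the shared server agree with each other.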