• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

No remote syslog when binding to CARP interface?

General pfSense Questions
2
4
780
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • H
    haddock
    last edited by May 28, 2015, 7:06 AM May 27, 2015, 3:36 PM

    Running pfSense: 2.2.2-RELEASE (amd64)

    Remote Logging Options
    Source Address                (LAN-CARP)

    When tcpdumping port 514 on my syslog server I dont see anything coming in from my pfSense host.

    If I switch pfSense Source Address to normal LAN I see logs starts dropping in instantly.

    Is this by design or should I file a bug report?

    1 Reply Last reply Reply Quote 0
    • H
      haddock
      last edited by May 28, 2015, 7:04 AM

      Just realized this probably fit better under the CARP/VIPs forum.

      Could a moderator please move it?

      1 Reply Last reply Reply Quote 0
      • D
        Derelict LAYER 8 Netgate
        last edited by May 28, 2015, 7:46 AM

        I would think you would want all cluster members logging and would want to be able to tell which member the log entry came from anyway.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • H
          haddock
          last edited by May 28, 2015, 12:18 PM

          Hmm.

          I would think your logic is flawed.

          I use CARP for failover purposes and send my logs to an ELK stack to visualize firewall entries.

          Why would I want logs from the secondary host when its in Backup state and not being actively used? And even then, I could just configure the other hosts to use their LAN IP as source? And keep primary as CARP.

          1 Reply Last reply Reply Quote 0
          4 out of 4
          • First post
            4/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.