I tried a fresh test on ocata-5.0-289 centos setup by patching the setup for missing commit, I don’t see wrong VN name but few points observed:
1. Looks like old flag “log_flow” is still used/referenced to log the sessions because when I set “log_flow=1”(apart from slo_destination=file)extra logs(see 2nd log below) are seen as below:
I tried a fresh test on ocata-5.0-289 centos setup by patching the setup for missing commit, I don’t see wrong VN name but few points observed:
1. Looks like old flag “log_flow” is still used/referenced to log the sessions because when I set “log_flow=1”(apart from slo_destination =file)extra logs(see 2nd log below) are seen as below:
INFO - [SYS_INFO]: SessionData: [ vmi = default- domain: ctest-SecurityL ogging- 77901689: 287ea704- 75b9-4e56- bcad-210a6a1153 1d vn = default- domain: ctest-SecurityL ogging- 77901689: ctest-vn- 06809291 ] security_ policy_ rule = 00000000- 0000-0000- 0000-0000000000 01 remote_vn = default- domain: ctest-SecurityL ogging- 77901689: ctest-vn- 23556997 is_client_session = 1 is_si = 0 vrouter_ip = 10.10.10.8 local_ip = 138.7.139.3 service_port = 0 protocol = 1 logged_ forward_ bytes = 98 logged_forward_pkts = 1 logged_ reverse_ bytes = 84 ip = 45.159.187.3 port = 8068 forward_flow_info= [ logged_bytes = 98 logged_pkts = 1 flow_uuid = f161a6d4- 2c95-427a- aaae-d3724c706e 1b tcp_flags = 0 setup_time = 1539689679214767 action = pass sg_rule_uuid = 8da6cbcd- 91e1-4585- 893b-9b1a13cc52 57 nw_ace_uuid = 1b924ca7- 0ca1-4886- 89c1-8af60b15b6 7a underlay_ source_ port = 53414 ] reverse_flow_info= [ logged_bytes = 84 logged_pkts = 1 flow_uuid = 865627a2- 084a-4f8e- 9067-0aaf4b8c6a 42 tcp_flags = 0 setup_time = 1539689679214767 action = pass sg_rule_uuid = 8da6cbcd- 91e1-4585- 893b-9b1a13cc52 57 nw_ace_uuid = 1b924ca7- 0ca1-4886- 89c1-8af60b15b6 7a underlay_ source_ port = 65224 ] vm = 9932613e- cbd9-4fa1- 9bea-2fe1a94cf1 ac other_vrouter_ip = 10.10.10.9 underlay_proto = 2 ]
2018-10-16 Tue 17:04:39:995.849 IST nodem8 [Thread 140123954079488, Pid 16060]: [SYS_INFO]: SessionEndpoint Object: session_data= [ [ [ vmi = default- domain: ctest-SecurityL ogging- 77901689: 287ea704- 75b9-4e56- bcad-210a6a1153 1d vn = default- domain: ctest-SecurityL ogging- 77901689: ctest-vn- 06809291 security_ policy_ rule = 00000000- 0000-0000- 0000-0000000000 01 remote_vn = default- domain: ctest-SecurityL ogging- 77901689: ctest-vn- 23556997 is_client_session = 1 is_si = 0 vrouter_ip = 10.10.10.8 sess_agg_info= [ [ [ local_ip = 138.7.139.3 service_port = 0 protocol = 1 ] [ sessionMap= [ [ ] ] ], ] ] ], ] ]
2. The Format of the message is changed and there is no sess_agg_info now.
Old format of the log was same as 2nd log above.
3. logged_reverse_pkts field is missing in log. Earlier same issue was seen for syslog. /bugs.launchpad .net/juniperope nstack/ +bug/1753381
https:/
Expected session log(ignore the format):
[ vmi = default- domain: ctest-SecurityL ogging- 62453854: 4b97fc45- dd8e-437f- 9f84-967a1e6388 d3 vn = default- domain: ctest-SecurityL ogging- 62453854: ctest-vn- 23374218 security_ policy_ rule = 00000000- 0000-0000- 0000-0000000000 01 remote_vn = default- domain: ctest-SecurityL ogging- 62453854: ctest-vn- 72151247 is_client_session = 1 is_si = 0 vrouter_ip = 10.10.10.8 sess_agg_info= \[ \[ \[ local_ip = 194.124.216.3 service_port = 0 protocol = 1 ] \[ logged_ forward_ bytes = \d+ logged_forward_pkts = \d+ logged_ reverse_ bytes = \d+ logged_reverse_pkts = \d+ sessionMap= \[ \[ \[ ip = 76.27.77.3 port = \d+ ] \[ forward_flow_info= \[ logged_bytes = \d+ logged_pkts = \d+ flow_uuid = [0-9a-f] {8}-[0- 9a-f]{4} -[0-9a- f]{4}-[ 0-9a-f] {4}-[0- 9a-f]{12} tcp_flags = 0 setup_time = \d+ action = pass sg_rule_uuid = 62452913- c895-4f02- a152-e4887090e3 b4 nw_ace_uuid = c8717e49- fb90-436d- 8fe8-d7d9e24d39 b5 underlay_ source_ port = \d+ ] reverse_flow_info= \[ logged_bytes = \d+ logged_pkts = \d+ flow_uuid = [0-9a-f] {8}-[0- 9a-f]{4} -[0-9a- f]{4}-[ 0-9a-f] {4}-[0- 9a-f]{12} tcp_flags = 0 setup_time = \d+ action = pass sg_rule_uuid = 62452913- c895-4f02- a152-e4887090e3 b4 nw_ace_uuid = c8717e49- fb90-436d- 8fe8-d7d9e24d39 b5 underlay_ source_ port = \d+ ] vm = 576abcb9- 087a-45da- bcbb-2dd960c80b ca other_vrouter_ip = 10.10.10.9 underlay_proto = 2 ], ] ] ], ] ] ]"
session log seen in agent file:
[ vmi = default- domain: ctest-SecurityL ogging- 62453854: 4b97fc45- dd8e-437f- 9f84-967a1e6388 d3 vn = default- domain: ctest-SecurityL ogging- 62453854: ctest-vn- 23374218 ] security_ policy_ rule = 00000000- 0000-0000- 0000-0000000000 01 remote_vn = default- domain: ctest-SecurityL ogging- 62453854: ctest-vn- 72151247 is_client_session = 1 is_si = 0 vrouter_ip = 10.10.10.8 local_ip = 194.124.216.3 service_port = 0 protocol = 1 logged_ forward_ bytes = 98 logged_forward_pkts = 1 logged_ reverse_ bytes = 84 ip = 76.27.77.3 port = 1672 forward_flow_info= [ logged_bytes = 98 logged_pkts = 1 flow_uuid = b232e21f- 88a5-40f2- a7dc-aedb198c2b 87 tcp_flags = 0 setup_time = 1539693126283710 action = pass sg_rule_uuid = 62452913- c895-4f02- a152-e4887090e3 b4 nw_ace_uuid = c8717e49- fb90-436d- 8fe8-d7d9e24d39 b5 underlay_ source_ port = 59521 ] reverse_flow_info= [ logged_bytes = 84 logged_pkts = 1 flow_uuid = ab21ef37- 89f8-4db0- a664-a3a6fc378d aa tcp_flags = 0 setup_time = 1539693126283710 action = pass sg_rule_uuid = 62452913- c895-4f02- a152-e4887090e3 b4 nw_ace_uuid = c8717e49- fb90-436d- 8fe8-d7d9e24d39 b5 underlay_ source_ port = 57159 ] vm = 576abcb9- 087a-45da- bcbb-2dd960c80b ca other_vrouter_ip = 10.10.10.9 underlay_proto = 2 ]