Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

What Source Port Does NetScreen use for Syslog?

0

0

Article ID: KB7799 KB Last Updated: 18 Aug 2010Version: 3.0
Summary:
Source port used when NetScreen sends log messages to a syslog server
Symptoms:
 
Solution:

When the NetScreen is booted, syslog is added to the system as a module at boot time.  This is when it determines what source port to use for syslog communications.  This is a randomly chosen port.  Once the NetScreen chooses this source port, it will use that very same port for all syslog communications.

For example, on bootup, assume the NetScreen chooses port 2064.  From this point onward (until the NetScreen is rebooted), syslog messages will be sent using a source port of 2064, and a destination port of 514.

To determine what port the Netscreen chooses as the source port, first issue a 'get syslog' command.  It will tell you what socket syslog is allocated to.  Then, issue a 'get socket id (number)', and it will give you the source port.

Example:

ns208-> get syslog
Syslog Configuration:

        Hostname: 172.19.50.129
        Host port: 514
        Security Facility: local0
        Facility: local1
        Traffic log: disabled
        Event log: enabled
        Transport: udp
        Socket number: 1029

        module=system:  emer, alert, crit, error, warn, notif, info, debug

 

Syslog is enabled.
ns208-> get socket id 1029
socket 1029, type udp, state open
remote IP 0.0.0.0, port 0, local IP 0.0.0.0, port 0, maxq 0, cnt 0
socket options: main 0x0, udp 0x0, raw 0x0
pak life time: 0
src if: null
pak q: head 0, tail 0 and count 0, max delay 0 ms, deq 0, drop 0
pak q: head 0, tail 0 and count 0, max delay 0 ms, deq 0, drop 0
display udp socket info:
in_use 1, port 2064

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search