Symantec IGA

  • Private Community
 View Only

  • 1.  Remove IPv6 from vApp to reduce noise in /var/log/messages

    Posted Oct 07, 2024 02:31 PM
    Edited by Alan Baugher Oct 07, 2024 03:05 PM
    Background:   vApp r14.5  
     
    While working with rsyslog we noticed that /var/log/messages was being swamped with error messages due to IPv6 not utilized for Network Manager.

    Reference about IPv6 not used in vApp.
    https://broadcomcms-software.wolkenservicedesk.com/wolken-support/kbsearch/article?articleNumber=129489
     
     
    Example of logs events:       grep -i ipv6  /var/log/messages
     
    Sep 29 06:22:58 vapp145 NetworkManager[793]: <warn>  [1727608978.3001] ipv6ll[1ad01a420750ae45,ifindex=2]: changed: no IPv6 link local address to retry after Duplicate Address Detection failures (back off)
    Sep 29 06:23:08 vapp145 NetworkManager[793]: <warn>  [1727608988.3024] platform-linux: do-add-ip6-address[2: fe80::290a:17e6:ea50:c07]: failure 13 (Permission denied - ipv6: IPv6 is disabled on this device)
    Sep 29 06:23:08 vapp145 NetworkManager[793]: <warn>  [1727608988.3025] l3cfg[e72522d0d139da92,ifindex=2]: unable to configure IPv6 route: type unicast fe80::/64 dev 2 metric 1024 mss 0 rt-src ipv6ll
    Sep 29 06:23:10 vapp145 NetworkManager[793]: <warn>  [1727608990.3051] platform-linux: do-add-ip6-address[2: fe80::f262:f3c1:cf89:f75c]: failure 13 (Permission denied - ipv6: IPv6 is disabled on this device)
     
     
    Resolution:
     
    Providing this process to assist with reducing noise when using rsyslog to monitor the vApp.
     
    As the 'config' user,  issue the below commands and confirm that /var/log/messages no longer has error messages related to IPv6.
     
     
    sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1
    sudo sysctl -w net.ipv6.conf.default.disable_ipv6=1
    sudo sysctl -p
    sudo systemctl restart NetworkManager
    sudo journalctl -n 100 --no-pager


    Summary Note:  Use the above process to reduce "noise" for your chosen log collector (Grafana/Splunk/etc.) when using rsyslog as the intermediate process.









    ------------------------------
    Alan Baugher
    ANA
    ------------------------------



  • 2.  RE: Remove IPv6 from vApp to reduce noise in /var/log/messages

    Posted Oct 08, 2024 06:22 PM

    Great update, Alan. I had not encountered this yet with a client, since not too many have upgraded to r14.5.


    Original Message


  • 3.  RE: Remove IPv6 from vApp to reduce noise in /var/log/messages

    Posted Oct 09, 2024 09:53 AM

    Thanks Enrique, 

    I plan to write up the process using another module of rsyslog on the vApp to showcase how we can see all DEBUG and stderr message in a Collector like Splunk or Grafana, from all the logs under /opt/CA/VirtualAppliance/logs.    Unfortunately, the imjournal module was not sending everything we all wish to see.




    ------------------------------
    Alan Baugher
    ANA
    ------------------------------

    Original Message