A network engineer notices that the syslog server at 10.1.1.100 is not receiving any log messages from a Cisco router running IOS-XE 16.9. The engineer has configured 'logging host 10.1.1.100' and 'logging trap debugging'. The router can ping the syslog server successfully. What is the most likely cause of the missing syslog messages?
Trap 1: The syslog server is using UDP port 514, but the router is sending…
Incorrect because by default, Cisco IOS uses UDP port 514 for syslog unless explicitly configured with 'logging host <ip> transport tcp'.
Trap 2: The 'logging source-interface' is set to a loopback that is not…
Incorrect because while a missing source-interface can cause reachability issues, the default behavior uses the outgoing interface IP, which is reachable if the ping succeeds. The primary issue is more fundamental.
Trap 3: The 'logging buffered' command is overriding the remote logging…
Incorrect because 'logging buffered' only affects local buffer logging and does not disable remote syslog; both can coexist.
- A
The 'logging on' command is not configured globally.
Correct because 'logging on' must be enabled to allow any syslog messages to be sent to a remote server. Without it, all syslog output is suppressed.
- B
The syslog server is using UDP port 514, but the router is sending over TCP.
Why wrong: Incorrect because by default, Cisco IOS uses UDP port 514 for syslog unless explicitly configured with 'logging host <ip> transport tcp'.
- C
The 'logging source-interface' is set to a loopback that is not advertised in the routing table.
Why wrong: Incorrect because while a missing source-interface can cause reachability issues, the default behavior uses the outgoing interface IP, which is reachable if the ping succeeds. The primary issue is more fundamental.
- D
The 'logging buffered' command is overriding the remote logging configuration.
Why wrong: Incorrect because 'logging buffered' only affects local buffer logging and does not disable remote syslog; both can coexist.