Forum Discussion

genseek_32178's avatar
genseek_32178
Icon for Nimbostratus rankNimbostratus
Mar 22, 2012

F5 Traffic

Hi,

 

 

Following wild card virtual server is configured to listen traffic on vlan 20

 

 

 

virtual reversnpath_vlan30

 

snatpool vlan20

 

pool reversnpath_vlan20

 

desntination any:any

 

mask 0.0.0.0

 

profiles fastl4_reversenapth_default

 

vlan30

 

 

pool reversnpath_vlan20

 

member 230.36.134.25

 

 

snatpool vlan20

 

members 203.36.134.30

 

 

virtual livesite_443

 

pool livesite_443_pl

 

destination 203.36.134.40

 

ip protocol tcp

 

profiles tcp_default

 

vlans

 

20

 

30

 

enable

 

 

pool livesite_443_pl

 

lb method least conn

 

monitor xyz

 

members

 

 

10.10.10.10

 

10.10.10.11

 

 

When the DIPs initiate outbound traffic for another VIP on the same F5, i want to capture traffic to see if the DIPs src is getting snatted to 203.36.134.30.

 

 

Please suggest.

 

basic
getting started
new to f5

2 Replies

Sort By
  • Hamish's avatar
    Hamish
    Icon for Cirrocumulus rankCirrocumulus
    Apr 17, 2012

     

    Mm... Need more info... Input...

     

     

    Do you have something in place to do that SNAT? When you say DIP's initiate outbound traffic for 'another' VIP on the same F5... Does that other VS have SNAT'ing enabled? or is there a SNAT configured to SNAT the DIP's IP addresses?

     

     

    What are the DIP's? You mean the pool members in livesite_443_pl?

     

     

    H
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Apr 18, 2012
    are you asking for tcpdump command or something else?

     

     

    if it is tcpdump, can you try tcpdump on interface 0.0 and use destination ip as filter?

     

     

    tcpdump -nni 0.0:nnn -s0 -w /var/tmp/output.pcap host x.x.x.x

     

    x.x.x.x is destination ip