Forum Discussion

A__N_5261's avatar
A__N_5261
Icon for Nimbostratus rankNimbostratus
Jan 11, 2013

ARP entry..

Hi ,

 

 

We have two firewall (FW1. and Fw2). and f5 default gateway pointing to FW2

 

 

We have two Virtual server Behind the FW1. when user come from internet it come via Fw1 and Fw1 forward to F5. it works fine with "Auto last feature:. if i am not wrong. But i can not see mac of FW1 in F5. i tried "arp -a" . did not find the source mac . is there any way to see.

 

 

 

Thanks & Regards

 

A.N

 

4 Replies

  • But i can not see mac of FW1 in F5. i tried "arp -a" . did not find the source mac . is there any way to see.

    can you try "b conn" or "tmsh show sys connection"?

     

     

    b conn client x.x.x.x show all

     

    tmsh show sys connection cs-client-addr x.x.x.x all-properties

     

    x.x.x.x is client ip

     

  • auto lasthop

     bigpipe
    
    [root@ve10:Active] config  b conn client 172.28.19.251 show all
    VIRTUAL 172.28.19.252:443 <-> NODE any6   TYPE any   1/0
        CLIENTSIDE 172.28.19.251:42786 <-> 172.28.19.252:443
            (pkts,bits) in = (9, 1103)   out = (6, 1692)
        SERVERSIDE any6 <-> any6
            (pkts,bits) in = (0, 0)   out = (0, 0)
        PROTOCOL 6   UNIT 1   IDLE 2 (300)   LASTHOP external 00:50:56:b3:03:8f
    
     tmsh
    
    root@ve10(Active)(tmos) show sys connection cs-client-addr 172.28.19.251 all-properties
    Sys::Connections
    172.28.19.251:42788 - 172.28.19.252:443 - ::.0
    ----------------------------------------------
      TMM           0
      Type          any
      Protocol      tcp
      Idle Time     2
      Idle Timeout  300
      Unit ID       1
      Lasthop       external 00:50:56:b3:03:8f
      Virtual Path  172.28.19.252:443
    
                            ClientSide  ServerSide
      Client Addr  172.28.19.251:42788        ::.0
      Server Addr    172.28.19.252:443        ::.0
      Bits In                     8.4K           0
      Bits Out                   13.5K           0
      Packets In                     8           0
      Packets Out                    6           0
    
    Total records returned: 1
    

    in case you just want to see arp.

     bigpipe
    
    [root@ve10:Active] config  b arp
    ARP 172.28.19.251 - 00:50:56:B3:03:8F   VLAN external   expire 297s   resolved
    ARP 200.200.200.101 - 00:50:56:B3:01:0B   VLAN internal   expire 297s   resolved
    
     tmsh
    
    [root@ve10:Active] config  tmsh show net arp
    
    Net::Arp
    Address          HWaddress        Vlan      Expire-in-sec  Status
    -------------------------------------------------------------------
    172.28.19.251    0:50:56:b3:3:8f  external  286            resolved
    200.200.200.101  0:50:56:b3:1:b   internal  286            resolved
    
  • HI Nitass,

     

     

    Excellent. thanks for help.

     

     

    But quick question why it does not show with "arp -a".

     

     

  • But quick question why it does not show with "arp -a".

    i understand "arp -a" shows arp on host subsystem (mgmt interface). tmm interface is not on the host, so arp is not seen there.