Forum Discussion

Rahul_Gupt_2401
Sep 23, 2017

Verify Client connection to Nodes

Hi, my customer was complaining that they are able to reach F5 but not the servers. When I checked pool statistics on the LTM, there was traffic showing under "In Bits" but not in "Out Bits". I know this was due to Auto Map not set in Source Address translation under virtual server. But could someone explain what exactly "Out Bits" represent and how we can troubleshoot this issue or identify this issue through a CLI / tmsh command? Below is the output from the CLI on LTM (VS IP: 10.27.5.174, Server: 10.27.7.133) before I applied Auto Map:

    admin@(ltm)(cfg-sync In Sync)(Active)(/Common)(tmos) show sys connection cs-server-addr 10.27.5.174
    Sys::Connections
    10.27.20.144:36759  10.27.5.174:443  10.27.20.144:36759  10.27.7.133:443  tcp  1  (tmm: 1)  none
    Total records returned: 1

Our virtual server is configured with type Performance(Layer 4).

 

1 Reply

  • Hi Rahul,

    • "In" represents the cumulative number of bits (including all headers) that have been received from the pool or pool member.
    • "Out" represents the cumulative number of bits (including all headers) that have been sent to the pool or pool member.

    To troubleshoot this from the CLI: the easiest way is to take a tcpdump and see that you don't receive a response from the node.

    In the tcpdump capture you will have :

    1) client_IP ---> VIP
    
    2) client_IP <--- VIP  
    
    3) client_IP ---> node_IP
    
    4) ...  
    

    and you will never have responses from the node since the node will respond directly to client_IP... (asymmetric routing)!

    With SNAT the tcpdump looks like this:

    1) client_IP ---> VIP
    
    2) client_IP <--- VIP  
    
    3) f5_self_IP ---> node_IP
    
    4) f5_self_IP <--- node_IP
    

    => the F5 receives the responses from the node and can transmit them to the "client_IP"

    To troubleshoot this from tmsh:

    As you posted in your question, you can view this with the following command:

    tmsh show sys connection cs-server-addr 10.27.5.174 
    Sys::Connections **10.27.20.144**:36759 10.27.5.174:443 **10.27.20.144**:36759 10.27.7.133:443
    

    It shows that client_IP is the same on the Client Side and Server Side connections. Also, you can determine this by viewing the statistics on the particular pool and noting that the "IN" counter is not incremented because the F5 doesn't receive any packets from the backend...

    tmsh show ltm pool pool_name

    regards
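
Added example (not part of the original thread, and not an F5-supplied tool): a small shell filter that reads `tmsh show sys connection` output and lists flows whose server-side source address is still the original client address, which is the no-SNAT condition the reply points out. The function names, the second sample row and the self IP 10.27.7.10 are constructed for illustration; the parser assumes IPv4 `addr:port` columns without route-domain suffixes.

```shell
#!/usr/bin/env bash
# Added example: flag connection-table rows where no source translation happened.
# Column order assumed from the output in the post:
#   cs-client  cs-server  ss-client  ss-server  protocol ...

# find_unsnatted: reads `tmsh show sys connection` output on stdin and prints
# "client_ip:port -> node_ip:port" for every flow that was not source-translated.
find_unsnatted() {
  awk '
    # Data rows start with IPv4 addr:port and carry at least four endpoint columns;
    # the "Sys::Connections" header and the "Total records" footer are skipped.
    $1 ~ /^[0-9.]+:[0-9]+$/ && NF >= 4 {
      cs_client = $1; ss_client = $3; ss_server = $4
      # Compare addresses only: SNAT may preserve or rewrite the source port.
      cs_ip = cs_client; sub(/:[0-9]+$/, "", cs_ip)
      ss_ip = ss_client; sub(/:[0-9]+$/, "", ss_ip)
      if (cs_ip == ss_ip) print cs_client " -> " ss_server
    }
  '
}

# Constructed sample. Row 1 is the flow quoted in the post (no SNAT).
# Row 2 is a made-up flow translated to a hypothetical self IP 10.27.7.10.
sample_connections() {
  cat <<'EOF'
Sys::Connections
10.27.20.144:36759  10.27.5.174:443  10.27.20.144:36759  10.27.7.133:443  tcp  1  (tmm: 1)  none
10.27.20.150:40112  10.27.5.174:443  10.27.7.10:40112  10.27.7.133:443  tcp  3  (tmm: 0)  none
Total records returned: 2
EOF
}

sample_connections | find_unsnatted
```

On the BIG-IP itself the input would come from `tmsh show sys connection cs-server-addr 10.27.5.174` instead of the sample. A listed flow only breaks traffic when the node's return route does not pass back through the F5, so check the node's gateway before treating every hit as a fault.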