Forum Discussion

Doran_Lum's avatar
Doran_Lum
Icon for Nimbostratus rankNimbostratus
Oct 06, 2019

How to send test F5 traffic from SNAT

We have some servers on this VLAN which seem unable to receive any traffic from F5. On firewall, we don't see any traffic deny or dropped. When we issue ping of telnet test from F5 CLI, we can see successful traffic but it's from the F5 Self-IP address.

 

How can we issue test traffic from SNAT IP address from F5 CLI ?

 

All other VLAN are working fine except for this VLAN.

Routing table looks good on F5 too.

5 Replies

    • Doran_Lum's avatar
      Doran_Lum
      Icon for Nimbostratus rankNimbostratus

      Thank you, but i get "bind: Cannot assign requested address"

      • Hi Doran,

        ping -I <snat-ip> <destination>
        curl --interface <snat-ip> <destination>
  • Hamish's avatar
    Hamish
    Icon for Cirrocumulus rankCirrocumulus

    While ping will test basic ICMP packet connectivity, it's not always successful when firewalls are involved

     

    Personally I think the easiest way for you to accomplish this is to hit your VS with curl, while tcpdump'ing for the expected SNAT'ed traffic on interface 0.0 (All Interfaces) to check whether the connection is being attempted, and whether any response is coming back (And which interface it's coming back to in case you have some asymmetric routing happening)

     

    That's the first check. After you find whether connections are attempted (or not) and whether you get back a snack (Or not) and whether you see the request go past (Or not) will give you an idea of where to check next

     

    I'd also tcpdump on the server at the same time so you can check both ends at once. One end is good. Both ends, will tell you a lot more.

     

    H