Forum Discussion
NimbostratusAny way to get traffic data from virtual server that has no pool and no nodes ?
I have a virtual server that has no pool and no nodes. Is there a way to use some tmsh command to get traffic information about the cs-client-addr ? I can see all the traffic for the virtual server from the gui statistics tab but I need to see what connections are generating all the traffic. I use a command like tmsh show sys connection cs-server-addr xx.xx.xx.xx to see all the connections but cannot see cs-client-addr traffic. Below is the virtual server configuration.
ltm virtual /Common/general_proxy {
description "general proxy for ports 80 and 443"
destination /Common/xxx.xx.xxx.xxx:3128
ip-protocol tcp
mask 255.255.255.255
profiles {
/Common/umn_http { }
/Common/umn_tcp-lan-optimized {
context clientside
}
/Common/umn_tcp-wan-optimized {
context serverside
}
}
rules {
/Common/https_proxy_general
}
source 0.0.0.0/0
source-address-translation {
type automap
}
translate-address enabled
translate-port enabled
}
Thanks, Tom
- Kevin_Davies
Nacreous
tmsh show sys connection cs-server-addr xxx.xx.xxx.xxxYour using the correct command. The output of that will show the client addresses. The cs stands for clientside. The server means the server end of that connection, eg the F5. The addr means the IP address.
So cs-server-addr x.x.x.x is showing you all the clientside connections to your virtual server.
Tom_KKevin - thanks for the prompt reply. Sorry that I was not very clear about what I am looking for. Yes, I am able to see all the client side IP addresses. What I would like to see in addition is like the virtual server statistics shows on the GUI, like bits in and out, packets in and out for each client side IP address. Thanks, Tom
- Kevin_Davies
Alternatively you can add a one line iRule.
when CLIENT_ACCEPTED { log local0. "Connection from [IP::client_addr]" }This will log an entry for every connection. If you have many thousands of connections then you can use the rule below to store connection information in session tables which can be retrieved later with a reporting iRule.
when CLIENT_ACCEPTED { table incr client-[IP::client_addr] table timeout client-[IP::client_addr] 3600 table add -subtable client-tracking client-[IP::client_addr] 3600 }Client connection information is stored for up to an hour, adjust this with the 3600 seconds above. If we don't see that client come back in an hour then it is automatically expired from the session table.
The reporting iRule below gives you the output from the collected stats above. It can be attached to any virtual server on the same F5. You trigger it with and it will display a page of collected connection information.
when HTTP_REQUEST { if {[HTTP::uri] ne "/connections" } { return } set response "Connections\r\n" foreach key [table keys -subtable client-tracking] { append response "$key = [table lookup $key]\r\n" } HTTP::respond 200 content $response Content-Type "text/plain" Connection Close event disable }
