Forum Discussion

heybey_329083
Aug 01, 2017

Application returning Error with possible port communication issue

Hello All,

 

The application requires port 3033 to communicate from the Application Server to the Control Server. Access to the Control Server is load balanced. There are two Control Servers & a VIP URL is used and configured via the LTM. The port needed, which is port 3033, is configured & opened to allow the port in the VIP URL from the source Application Server to the Control Server. The port has already been opened, but it is throwing an error after login. Is there a way or option to trace the error from the LTM or trace the port communication from the LTM side?

 

Thank you in advance.

 

  • What kind of error are you seeing? If your application requires a login, perhaps you need to add persistence to your Virtual Server. Are your "Control Servers" clustered and sharing login information?

     

  • Yes, it does have a login to use the application. Additional information: the login works well without issues and proceeds, then produces the error.

     

    The Control Servers are clustered but not sharing login information.

     

    Here's the error info: from source application (hosted from app server) to destination control server

     

    Reason: connect timed out Remote Host: 100.170.27.43 Remote Port: 3033 vmcid: 0x49421000 minor code: 80 completed: No

     

    It seemed like the VIP URL can pass through the port but is unable to truly communicate with the remote host.

     

  • Hamish

    There are a couple of ways to troubleshoot this.

     

    The first (and possibly easier, especially for the application guys) is to try running Fiddler (or similar) on your client and push all your browser traffic through that. Fiddler will show you where you're connecting, what's coming back, content, etc. It's good because you see exactly what the browser is sending and receiving.

     

    It may be that you have an issue with content not being rewritten for the VS vs. the backend IPs/names.

     

    To debug at the LTM, generally the best (best is relative, BTW) way is with tcpdump. You'd need to work out what the correct command line is to just capture the traffic you're interested in. You can then examine using tcpdump (not really a Windows-user-friendly method) or save the output to a dump file and use something like Wireshark to examine it.

     

    There's a long version of this posting (No I haven't written one, but there are lots of answers around - you just have to figure out which one suits you). You'll notice my answer may be a bit vague...

     

    I could also recommend the troubleshooting course from BigIP, it's a great way to learn this stuff.
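
Added example, not part of the thread or any poster's code: one way to read the text output of a tcpdump capture for port 3033 and tell an unanswered SYN (what a client reports as "connect timed out") from a refused or completed handshake. The capture lines are constructed; 100.170.27.43 is the remote host from the error above, the other addresses are documentation-range placeholders, and `classify_handshakes` is a hypothetical helper name.

```python
import re
from collections import defaultdict

# One-line text format printed by `tcpdump -nn` for IPv4 TCP packets, e.g. from
# `tcpdump -nn -i 0.0 port 3033` on the BIG-IP (0.0 captures on all VLANs).
PKT = re.compile(r"IP (\S+)\.(\d+) > (\S+)\.(\d+): Flags \[([^\]]+)\]")

def classify_handshakes(lines, port=3033):
    """Map (client, client_port, server) -> (verdict, syn_count) for `port`."""
    syns = defaultdict(int)  # SYNs seen per attempted connection
    reply = {}               # first handshake reply seen from the server side
    for line in lines:
        m = PKT.search(line)
        if not m:
            continue
        src, sport, dst, dport, flags = m.groups()
        if int(dport) == port and flags == "S":
            syns[(src, int(sport), dst)] += 1
        elif int(sport) == port:
            flow = (dst, int(dport), src)
            if flow in syns and flow not in reply:
                if "R" in flags:
                    reply[flow] = "refused"   # RST: nothing listening or rejected
                elif flags == "S.":
                    reply[flow] = "answered"  # SYN-ACK: port reachable
    # A SYN (usually retransmitted) with no reply at all is what the client
    # side reports as "connect timed out".
    return {f: (reply.get(f, "timed out"), n) for f, n in syns.items()}

# Constructed sample capture (not taken from the poster's environment).
SAMPLE = """\
10:15:01.100000 IP 192.0.2.10.51514 > 100.170.27.43.3033: Flags [S], seq 1000, win 29200, length 0
10:15:02.100000 IP 192.0.2.10.51514 > 100.170.27.43.3033: Flags [S], seq 1000, win 29200, length 0
10:15:04.100000 IP 192.0.2.10.51514 > 100.170.27.43.3033: Flags [S], seq 1000, win 29200, length 0
10:15:05.000000 IP 192.0.2.10.51600 > 198.51.100.21.3033: Flags [S], seq 2000, win 29200, length 0
10:15:05.000400 IP 198.51.100.21.3033 > 192.0.2.10.51600: Flags [S.], seq 3000, ack 2001, win 28960, length 0
10:15:06.000000 IP 192.0.2.10.51700 > 198.51.100.22.3033: Flags [S], seq 4000, win 29200, length 0
10:15:06.000300 IP 198.51.100.22.3033 > 192.0.2.10.51700: Flags [R.], seq 0, ack 4001, win 0, length 0
""".splitlines()

if __name__ == "__main__":
    for (client, cport, server), (verdict, n) in classify_handshakes(SAMPLE).items():
        print(f"{client}:{cport} -> {server}:3033  {verdict} ({n} SYN)")
```

Running the same check on both sides of the LTM (client to VIP, and LTM to pool member) shows on which leg the SYN goes unanswered.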

     

  • Hamish

    Fiddler is a MITM proxy. So you will see all the traffic that passes through it.

     

  • Hamish

    Sorry, I was on my iPhone so previous answer is a bit short.

     

    Fiddler runs as a proxy. So you will be able to see and examine in detail any traffic that is passed. Because it acts as a MITM it will decode your TLS and let you see the content, easily identifying the actual content and request that is timing out. From that you can work out if it's a missing VS (i.e. your app uses multiple ports and you've only configured one) or it's not being rewritten correctly (i.e. embedded URLs in the content aren't being changed from the backend IP:port to the VS IP:port).

     

    More info on Fiddler is available at http://www.telerik.com/fiddler