Forum Discussion

A__N_5261's avatar
A__N_5261
Icon for Nimbostratus rankNimbostratus
Jan 11, 2013

ARP entry..

Hi ,

 

 

We have two firewall (FW1. and Fw2). and f5 default gateway pointing to FW2

 

 

We have two Virtual server Behind the FW1. when user come from internet it come via Fw1 and Fw1 forward to F5. it works fine with "Auto last feature:. if i am not wrong. But i can not see mac of FW1 in F5. i tried "arp -a" . did not find the source mac . is there any way to see.

 

 

 

Thanks & Regards

 

A.N

 

config
design

4 Replies

  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Jan 11, 2013
    But i can not see mac of FW1 in F5. i tried "arp -a" . did not find the source mac . is there any way to see.

    can you try "b conn" or "tmsh show sys connection"?

     

     

    b conn client x.x.x.x show all

     

    tmsh show sys connection cs-client-addr x.x.x.x all-properties

     

    x.x.x.x is client ip

     

  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Jan 11, 2013
    auto lasthop 

     bigpipe

[root@ve10:Active] config  b conn client 172.28.19.251 show all
VIRTUAL 172.28.19.252:443 <-> NODE any6   TYPE any   1/0
    CLIENTSIDE 172.28.19.251:42786 <-> 172.28.19.252:443
        (pkts,bits) in = (9, 1103)   out = (6, 1692)
    SERVERSIDE any6 <-> any6
        (pkts,bits) in = (0, 0)   out = (0, 0)
    PROTOCOL 6   UNIT 1   IDLE 2 (300)   LASTHOP external 00:50:56:b3:03:8f

 tmsh

root@ve10(Active)(tmos) show sys connection cs-client-addr 172.28.19.251 all-properties
Sys::Connections
172.28.19.251:42788 - 172.28.19.252:443 - ::.0
----------------------------------------------
  TMM           0
  Type          any
  Protocol      tcp
  Idle Time     2
  Idle Timeout  300
  Unit ID       1
  Lasthop       external 00:50:56:b3:03:8f
  Virtual Path  172.28.19.252:443

                        ClientSide  ServerSide
  Client Addr  172.28.19.251:42788        ::.0
  Server Addr    172.28.19.252:443        ::.0
  Bits In                     8.4K           0
  Bits Out                   13.5K           0
  Packets In                     8           0
  Packets Out                    6           0

Total records returned: 1

    in case you just want to see arp. 

     bigpipe

[root@ve10:Active] config  b arp
ARP 172.28.19.251 - 00:50:56:B3:03:8F   VLAN external   expire 297s   resolved
ARP 200.200.200.101 - 00:50:56:B3:01:0B   VLAN internal   expire 297s   resolved

 tmsh

[root@ve10:Active] config  tmsh show net arp

Net::Arp
Address          HWaddress        Vlan      Expire-in-sec  Status
-------------------------------------------------------------------
172.28.19.251    0:50:56:b3:3:8f  external  286            resolved
200.200.200.101  0:50:56:b3:1:b   internal  286            resolved
  • A__N_5261's avatar
    A__N_5261
    Icon for Nimbostratus rankNimbostratus
    Jan 11, 2013
    HI Nitass,

     

     

    Excellent. thanks for help.

     

     

    But quick question why it does not show with "arp -a".

     

     

  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Jan 11, 2013
    But quick question why it does not show with "arp -a".

    i understand "arp -a" shows arp on host subsystem (mgmt interface). tmm interface is not on the host, so arp is not seen there.