Forum Discussion

MOHIT_125417
Feb 07, 2016

Checking the Logs...HOW TO??

Dear All,

I recently got a requirement from my client to analyze the traffic between the client and the F5, and between the F5 and the pool members, for some of the Virtual Servers. Does anybody know how I can set up and view that?

2 Replies

  • The best way to monitor the traffic between clients and servers would be with the tcpdump utility through the CLI. Then you can view the packets in a packet capture viewer like Wireshark. You can find an overview of tcpdump in SOL411. If you're using SSL from the client to the F5, then you should check out the overview of ssldump in SOL10209 (you'll need access to the private key for the SSL profile used in order to decrypt the traffic).

    The other option would be to use an iRule to log some of the traffic information to the LTM log if you're just looking for specific data.

    Hope this helps.

  • zeiss_63263
    Historic F5 Account

    Note that if you're having problems with pool members unexpectedly changing state, then consider also sol12531 "Troubleshooting health monitors", which gives you some detail on log messages and how to get more debug logged.

    Pertaining to tcpdump, also note sol13637 "Capturing internal TMM information with tcpdump" and the very nice "p" option:

    "Beginning in BIG-IP 11.2.0, you can use the p interface modifier with the n modifier to capture traffic with TMM information for a specific flow, and its related peer flow. The p modifier allows you to capture a specific traffic flow through the BIG-IP system from end to end, even when the configuration uses a Secure Network Address Translation (SNAT) or OneConnect."
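
The capture discussed in the replies above, as an added example that is not part of the original thread or of F5's documentation: a small shell helper that validates its inputs and prints a bounded tcpdump command using the n and p interface modifiers, so one client-side filter also picks up the peer flow to the pool member. The interface name 0.0, the nnn detail level, the /var/tmp output path, the packet limit and the sample addresses are assumptions chosen for illustration.

```shell
#!/bin/bash
# Added example: build a bounded BIG-IP tcpdump command for one client's flow.
# Assumptions (not from the thread): interface 0.0 (all TMM interfaces),
# output under /var/tmp, and the constructed sample values at the bottom.

# Accept only a dotted-quad IPv4 address so nothing else reaches the filter.
# The body runs in a subshell, so changing IFS does not leak to the caller.
valid_ipv4() (
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;;
    esac
    IFS=.
    set -- $1
    [ $# -eq 4 ] || exit 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

# Print the command line. $1 = client IP, $2 = virtual server port,
# $3 = maximum number of packets to capture (default 20000).
build_capture_cmd() {
    client_ip=$1 vs_port=$2 max_packets=${3:-20000}
    valid_ipv4 "$client_ip" || { echo "bad client IP" >&2; return 1; }
    case $vs_port in ''|*[!0-9]*) echo "bad port" >&2; return 1 ;; esac
    [ "$vs_port" -ge 1 ] && [ "$vs_port" -le 65535 ] ||
        { echo "bad port" >&2; return 1; }
    case $max_packets in ''|*[!0-9]*) echo "bad packet count" >&2; return 1 ;; esac
    # -i 0.0:nnnp  all TMM interfaces, "n" modifiers add TMM detail,
    #              "p" also captures the related peer (server-side) flow
    # -s0          capture full packets rather than truncated ones
    # -c N         stop after N packets so the file cannot fill /var/tmp
    printf 'tcpdump -ni 0.0:nnnp -s0 -c %s -w /var/tmp/vs_%s_%s.pcap host %s and port %s\n' \
        "$max_packets" "$client_ip" "$vs_port" "$client_ip" "$vs_port"
}

# Dry run with constructed sample values: prints the command for review.
build_capture_cmd 10.1.1.100 443 5000
```

The helper only prints the command; review it, run it from the BIG-IP CLI, then copy the resulting pcap file off the box and open it in Wireshark.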