Forum Discussion
CirrusClients unable to connect during business hours
Hi All,
So I have a Virtual Server set up in an LTM. Virtual server listening on port 6000, using usual TCP profile and source based persistence, and 2 pool members on 6000 port. The URL works fine, but during peak hours (when network traffic is high) the clients complain unable to login. When clients try to connect directly via the pool members it connects fine, that is if we bypass the Virtual Server. Do not see any logs or errors on the LTM logs.
If anyone can share any insights on this.
Thanks, Aditya
rsacheenNimbostratus
I guess the use of source based persistence is playing a role here. Might be your VS is overloaded maintaining persistence information during peak hours. How about trying without persistence?
jaikumar_f5Noctilucent
Can you post your setup here, (snat automap ?)
Aditya_MehraHi Rsacheen, Yes there is Persistence used. Can you please explain " VS is overloaded maintaining persistence information during peak hours"
How would we know that it is overloaded? Thanks, Aditya- Aditya_Mehra
Hi Jaikumar, We are using the standard VS setup.
Automap is used, Protocol - tcp, Protocol Profile (Client) - tcp , Protocol Profile (Server) - using client profile, and source persistence.Thanks, Aditya
- jaikumar_f5
Do you find any logs in /var/log/ltm something like below,
01010201:2: Inet port exhaustion on - Aditya_Mehra
No Jaikumar there are no port exhaustion ltm logs.
- jaikumar_f5
You may need to take tcpdump and ssldump during the event to know more on the issue.
- Aditya_Mehra
Thanks Jaikumar , right now do not see this issue as its intermittent.
Will take a tcp and ssl capture to see further if anyone reports.
do you have any insight on the above mentioned VS overload maintaining persistance table.
Thanks, Aditya - jaikumar_f5
Hi Adi,
I'm not aware of any issues that could arise from persistence table.
You can use following Plan of action to capture traffic specific to client experiencing the issue and find the cause for the issue::
1) tmsh modify /sys db tm.rstcause.log value enable 2) tmsh modify /sys db tm.rstcause.pkt value enable
3) Capture the packets on LTM using the following commands.
tcpdump -ni 0.0:nnnp -s0 -w /var/tmp/.pcap
4) capture the packets on the client host experiencing the issue using wireshark.
NOTE: both step 3 and 4 should be performed simultaneously while client experiencing the issue
5) terminate the logs by using following commands. tmsh modify /sys db tm.rstcause.log value disable tmsh modify /sys db tm.rstcause.pkt value disable
By Analysing the Captures in wire-shark and LTM logs, you should be able to find the root cause for the issue
