Forum Discussion
winston_85158
Nimbostratus
NimbostratusCloned traffic incomplete when forwarding to another virtual?
Hi
I am trying to copy traffic to packet capture device using a clone pool. The setup is as follows:
I have an external VIP that terminates SSL traffic on the client side, forwards the traffic to an internal VIP that re-encrypts traffic to the backend server. Forwarding of traffic is done via an irule:
when CLIENT_ACCEPTED {
virtual internal-vip
}
When I configure server side cloning on the external VIP I get incomplete traffic on the capture device. When I check a packet capture with wireshark it complains for every request: 'TCP Previous segment not captured'.
Note that cloning works fine if I a replace the trafic forwarding to another virtual by a normal pool.
Any thoughts on what may cause this behavior?
Winston
sirwinstonThanks for the effort you put into this!! I really appreciate it.
I cannot work on this today but will compare this with my setup tomorrow.
- sirwinston
@nitass
Your config was not significantly different from mine. Even making it identical did not produce different results, initially .....
However, when we made a tcpdump on the big-ip instead of on the clone pool member things looked very different (better). Originally, I was running the tcpdump within a Docker container on a linux host. It seems that this was causing the issue. Running the tcpdump on a plain linux clone pool member also give good result (but no extensive testing yet).
I am still confused about the reason behind these different results but it seems that my initial question was caused by wrong measurement and not by a non-working setup. I'll do some additional testing in the coming weeks an will update this thread with the results.
Thanks again for your effort.
- sirwinston
After testing with tcpdump on a brand new VM and not using Docker it seems that things are working fine. Marking this issue as answered.