Forum Discussion

Nik's avatar
Nik
Icon for Cirrus rankCirrus
May 02, 2014

Logging outgoing SNAT List connections

I have a number of servers in snat lists and we're trying to figure out what servers are actually making connections. I haven't found anyplace to do this.. any ideas if it's possible?  
application delivery
design
logging
LTM
management
snat
StephanManthey's avatar
StephanManthey
Icon for MVP rankMVP
May 02, 2014

I guess, a wildcard virtual server is listening on the internal VLAN and forwards outgoing connection, right? In this case the iRule above assigned to this virtual server will log the internal server in the first log statement. The second log statement lists the used SNAT address as local address. Feel free to combine the log statements into a single one.

An alternative approach for just monitoring the current open connection would be the "tmsh show sys conn" command.

By specifying a client´s IP address (option "cs-client-addr") you can lookup your current connection table.

Here is an example to display connections intiated by 10.131.131.201: 
 tmsh show sys conn cs-client-addr 10.131.131.201
Sys::Connections
10.131.131.201:50266  10.131.131.141:80  10.131.131.131:50266  10.131.131.121:80  tcp  1  (tmm: 0)  none
Total records returned: 1

Client 10.131.131.201 tries to connect and gets SNATed by 10.131.131.131 when being connected to 10.131.131.121.

Be carefull when using this command in the context of large connection tables, please!

Thanks, Stephan