Forum Discussion
Altostratusltm shows only half session in tcpdump
MVPHi too,
You can run a tcpdump that contains both client-side and server-side traffic using the p switch.
An example would be:
tcpdump -i 0.0:nnnp host <VS_ipAddress> -w /shared/tmp/somefile.capAlso see this KB article for more details: K20233108: Running the tcpdump utility using the p interface modifier
Or you did that tcpdump already and you still don't see any attempt to send traffic to any pool member?
Are health monitors OK, showing green? Can you observe traffic from the health monitors or did you try to curl / telnet to the pool members?
KR
Daniel
gof5Hi Daniel,
thanks for the prompt reply. what you have suggested is not something i have done yet. as i read through the article it says to follow caution when using the "p" switch? is it that heavy on the box to run tcpdump with that switch? in that case i might need to do it after hours maybe. yes the health monitors are all green. the tcpdump i did earlier was using the curl command though.
thanks.
- Daniel_Wolf
I think that practically every article on that matter will mention that you should be careful when you run tcpdump on a busy box. I don't know whether your box is busy or not, but here are some hints.
You can run tcpdump -D. This will output a list of all available interfaces. You could use the corresponding interface from the list, instead of using 0.0. Example:
Also you should filter as precisely as possible and combine filters. In the following example I filter for host IP and port.
Also in this example I use tcpdump -n to disable name resolution of host names. Example:
tcpdump -ni external host 10.100.200.50 and port 80And if you are really not sure, whether running a tcpdump will be too heavy for your box during daytime... Yes, running it after hours might be better.
