Forum Discussion
swo0sh_gt_13163
Altostratus
AltostratusStandby Appliance receives HTTP Requests.
Hello Pros,
I am working on a weird issue. Where customer is using BigIP 8900 11.2.1 HF10. While performing health-check for a customer, I observed that standby unit was showing some HTTP Connec...
nitass_89166
Noctilucent
Noctilucentare you using connection mirroring?
e.g.
configuration
[root@ve11a:Active:In Sync] config tmsh list ltm virtual bar
ltm virtual bar {
destination 172.28.24.10:80
ip-protocol tcp
mask 255.255.255.255
mirror enabled
pool foo
profiles {
http { }
tcp { }
}
rules {
qux
}
source 0.0.0.0/0
source-address-translation {
type automap
}
vs-index 12
}
[root@ve11a:Active:In Sync] config tmsh list ltm rule qux
ltm rule qux {
when HTTP_REQUEST {
log local0. "hostname: [info hostname] \
active: [HA::status active] standby: [HA::status standby] \
client: [IP::client_addr]:[TCP::client_port]"
}
when HTTP_RESPONSE {
log local0. "hostname: [info hostname] \
active: [HA::status active] standby: [HA::status standby] \
client: [IP::client_addr]:[TCP::client_port]"
}
}
active
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) show ltm virtual bar raw
(raw)
------------------------------------------------------------------
Ltm::Virtual Server: bar
------------------------------------------------------------------
Status
Availability : unknown
State : enabled
Reason : The children pool member(s) either don't have service checking enabled, or service check results are not available yet
CMP : enabled
CMP Mode : all-cpus
Destination : 172.28.24.10:80
Traffic ClientSide Ephemeral General
Bits In 3312 0 -
Bits Out 4320 0 -
Packets In 6 0 -
Packets Out 5 0 -
Current Connections 0 0 -
Maximum Connections 1 0 -
Total Connections 1 0 -
Evicted Connections 0 0 -
Slow Connections Killed 0 0 -
Min Conn Duration/msec - - 169
Max Conn Duration/msec - - 169
Mean Conn Duration/msec - - 169
Total Requests - - 1
SYN Cookies
Status not-activated
Hardware SYN Cookie Instances 0
Software SYN Cookie Instances 0
Current SYN Cache 0
SYN Cache Overflow 0
Total Software 0
Total Software Accepted 0
Total Software Rejected 0
Total Hardware 0
Total Hardware Accepted 0
CPU Usage Ratio (%)
Last 5 Seconds 0
Last 1 Minute 0
Last 5 Minutes 0
[root@ve11a:Active:In Sync] config tail -f /var/log/ltm
Dec 21 23:14:27 ve11a info tmm1[14890]: Rule /Common/qux : hostname: ve11a.acme.local active: 1 standby: 0 client: 172.28.24.1:57671
Dec 21 23:14:27 ve11a info tmm1[14890]: Rule /Common/qux : hostname: ve11a.acme.local active: 1 standby: 0 client: 172.28.24.1:57671
standby
root@(ve11b)(cfg-sync In Sync)(Standby)(/Common)(tmos) show ltm virtual bar raw
(raw)
------------------------------------------------------------------
Ltm::Virtual Server: bar
------------------------------------------------------------------
Status
Availability : unknown
State : enabled
Reason : The children pool member(s) either don't have service checking enabled, or service check results are not available yet
CMP : enabled
CMP Mode : all-cpus
Destination : 172.28.24.10:80
Traffic ClientSide Ephemeral General
Bits In 3312 0 -
Bits Out 0 0 -
Packets In 6 0 -
Packets Out 0 0 -
Current Connections 0 0 -
Maximum Connections 1 0 -
Total Connections 1 0 -
Evicted Connections 0 0 -
Slow Connections Killed 0 0 -
Min Conn Duration/msec - - 268
Max Conn Duration/msec - - 268
Mean Conn Duration/msec - - 268
Total Requests - - 1
SYN Cookies
Status not-activated
Hardware SYN Cookie Instances 0
Software SYN Cookie Instances 0
Current SYN Cache 0
SYN Cache Overflow 0
Total Software 0
Total Software Accepted 0
Total Software Rejected 0
Total Hardware 0
Total Hardware Accepted 0
CPU Usage Ratio (%)
Last 5 Seconds 0
Last 1 Minute 0
Last 5 Minutes 0
[root@ve11b:Standby:In Sync] config tail -f /var/log/ltm
Dec 21 23:14:27 ve11b info tmm1[14917]: Rule /Common/qux : hostname: ve11b.acme.local active: 0 standby: 1 client: 172.28.24.1:57671
Dec 21 23:14:27 ve11b info tmm1[14917]: Rule /Common/qux : hostname: ve11b.acme.local active: 0 standby: 1 client: 172.28.24.1:57671
Shiraz_84431
Nimbostratus
NimbostratusHi Nitass,
I am using connection mirroring and I see the same number of connections for virtual servers on both standby and active units. I also checked using the tcpdump command and found that on standby device, I see all the IN packets and on active IN and OUT Packets. Is this normal to even have the packets flow replicated on standby units when we have connection mirroring?
Regards,
Mohammed