Doran_Lum_13484
Feb 10, 2014

Time Sync issue on Application Servers

Hi all, we are currently facing an issue where two of our VMs are recording a slight difference in the time captured for transactions. I have checked the VM tools and it's not syncing to the ESX host. I have also checked the w32tm configuration and both are pointing to our domain controller. I have run w32tm /monitor /computers:xxxx on both computers and I see only a 1-2ms difference.

 

I need to check on the F5 to see how long the TCP sessions are, and the command I have below is bigpipe. Would someone be able to advise the tmos command?

 

b conn client | grep tcp

5 Replies

  • Do you mean the tmsh command to show active connections?

    e.g.

     bigpipe
    
    [root@ve10:Active] config # b conn client 192.168.206.178 server 172.28.24.9 show all
    VIRTUAL 172.28.24.9:80 <-> NODE 200.200.200.101:80   TYPE any   1/0
        CLIENTSIDE 192.168.206.178:63763 <-> 172.28.24.9:80
            (pkts,bits) in = (4, 500)   out = (2, 481)
        SERVERSIDE 200.200.200.15:63763 <-> 200.200.200.101:80
            (pkts,bits) in = (3, 521)   out = (4, 500)
        PROTOCOL 6   UNIT 1   IDLE 2 (300)   LASTHOP external 00:01:e8:d5:d4:47
    VIRTUAL 172.28.24.9:80 <-> NODE 200.200.200.101:80   TYPE any   1/0
        CLIENTSIDE 192.168.206.178:63764 <-> 172.28.24.9:80
            (pkts,bits) in = (5, 546)   out = (6, 4534)
        SERVERSIDE 200.200.200.15:63764 <-> 200.200.200.101:80
            (pkts,bits) in = (5, 4494)   out = (5, 546)
        PROTOCOL 6   UNIT 1   IDLE 2 (300)   LASTHOP external 00:01:e8:d5:d4:47
    
     tmsh
    
    [root@ve10:Active] config # tmsh show sys connection cs-client-addr 192.168.206.178 cs-server-addr 172.28.24.9 all-properties
    Sys::Connections
    192.168.206.178:63763 - 172.28.24.9:80 - 200.200.200.101:80
    -----------------------------------------------------------
      TMM           0
      Type          any
      Protocol      tcp
      Idle Time     4
      Idle Timeout  300
      Unit ID       1
      Lasthop       external 00:01:e8:d5:d4:47
      Virtual Path  172.28.24.9:80
    
                              ClientSide            ServerSide
      Client Addr  192.168.206.178:63763  200.200.200.15:63763
      Server Addr         172.28.24.9:80    200.200.200.101:80
      Bits In                       4.0K                  4.1K
      Bits Out                      3.8K                  4.0K
      Packets In                       4                     3
      Packets Out                      2                     4
    
    192.168.206.178:63764 - 172.28.24.9:80 - 200.200.200.101:80
    -----------------------------------------------------------
      TMM           0
      Type          any
      Protocol      tcp
      Idle Time     4
      Idle Timeout  300
      Unit ID       1
      Lasthop       external 00:01:e8:d5:d4:47
      Virtual Path  172.28.24.9:80
    
                              ClientSide            ServerSide
      Client Addr  192.168.206.178:63764  200.200.200.15:63764
      Server Addr         172.28.24.9:80    200.200.200.101:80
      Bits In                       4.3K                 35.9K
      Bits Out                     36.2K                  4.3K
      Packets In                       5                     5
      Packets Out                      6                     5
    
    Total records returned: 2
    
  • Thanks so much for the answer. It's pretty close to what I need.

     

    But your second command result is what I'm looking for except it's for a specific source and destination.

     

    I need to track the time taken for each session before it times out.

     

  • Would an iRule and the Tcl clock command be useful? Anyway, CLIENT_CLOSED is triggered when the connection is closed, either manually or by idle timeout.

    e.g.

     config
    
    root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos)# list ltm virtual bar
    ltm virtual bar {
        destination 172.28.24.10:23
        ip-protocol tcp
        mask 255.255.255.255
        pool foo
        profiles {
            mytcp { }
        }
        rules {
            myrule
        }
        source 0.0.0.0/0
        source-address-translation {
            type automap
        }
        vs-index 7
    }
    root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos)# list ltm profile tcp mytcp
    ltm profile tcp mytcp {
        app-service none
        defaults-from tcp
        idle-timeout 60
        keep-alive-interval 4294967295
    }
    root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos)# list ltm rule myrule
    ltm rule myrule {
        when CLIENT_ACCEPTED {
      set start [clock seconds]
    }
    when CLIENT_CLOSED {
      log local0. "Client=[IP::client_addr]:[TCP::client_port] VS=[IP::local_addr]:[TCP::local_port] Duration=[expr {[clock seconds] - $start}] sec"
    }
    }
    
     /var/log/ltm
    
    [root@ve11a:Active:In Sync] config # tail -f /var/log/ltm
    Feb 11 00:07:32 ve11a info tmm1[13662]: Rule /Common/myrule : Client=192.168.206.178:57236 VS=172.28.24.10:23 Duration=64 sec
    
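Added example (not part of the original thread): a shell/awk summary of the `Duration=` lines that the iRule in the reply above writes to /var/log/ltm, grouped per virtual server, counting sessions that lasted at least the idle timeout given as the argument (60 in the `mytcp` profile). Only the first sample line comes from the thread; the other lines and the function names `sample_log` and `summarise_durations` are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample input. The first line is the one shown in the thread;
# the remaining lines are made up to exercise the parser.
sample_log() {
cat <<'EOF'
Feb 11 00:07:32 ve11a info tmm1[13662]: Rule /Common/myrule : Client=192.168.206.178:57236 VS=172.28.24.10:23 Duration=64 sec
Feb 11 00:08:10 ve11a info tmm1[13662]: Rule /Common/myrule : Client=192.168.206.179:57301 VS=172.28.24.10:23 Duration=5 sec
Feb 11 00:09:41 ve11a info tmm[13662]: Rule /Common/myrule : Client=192.168.206.180:57310 VS=172.28.24.10:23 Duration=60 sec
Feb 11 00:09:50 ve11a notice constructed unrelated line without a duration
Feb 11 00:10:02 ve11a info tmm1[13662]: Rule /Common/myrule : Client=192.168.206.178:57400 VS=172.28.24.11:80 Duration=12 sec
EOF
}

# Usage: summarise_durations IDLE_TIMEOUT_SECONDS < logfile
# Prints one line per virtual server: count, min, max, average duration and
# the number of sessions whose duration reached the idle timeout.
summarise_durations() {
    awk -v limit="$1" '
    / Rule .* Client=.* VS=.* Duration=[0-9]+ sec/ {
        vs = ""; dur = -1
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^VS=/)               vs  = substr($i, 4)
            if ($i ~ /^Duration=[0-9]+$/)  dur = substr($i, 10) + 0
        }
        if (vs == "" || dur < 0) next      # skip lines that do not parse
        n[vs]++; sum[vs] += dur
        if (n[vs] == 1 || dur < lo[vs]) lo[vs] = dur
        if (n[vs] == 1 || dur > hi[vs]) hi[vs] = dur
        if (dur >= limit) over[vs]++
    }
    END {
        for (vs in n)
            printf "%s count=%d min=%d max=%d avg=%.1f ge_timeout=%d\n",
                   vs, n[vs], lo[vs], hi[vs], sum[vs] / n[vs], over[vs]
    }' | sort
}

# Stand-alone run against the constructed sample, idle timeout 60 seconds.
sample_log | summarise_durations 60
```

On a live system the input would be the log file itself, e.g. `summarise_durations 60 < /var/log/ltm`. A duration at or above the timeout only marks a candidate for idle expiry, since `clock seconds` has one-second resolution and the session may have carried traffic before going idle.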
  • After further investigation, it seems that one of the application servers was out of sync by 12-15 seconds. It might be a time sync issue at the OS level.

     

    On F5, the default timeout is 300 seconds, which I see is more than enough for most sessions.

     

  • Hi all, currently we are still having the time sync issue for this time-sensitive and we have an idea to use F5 to resolve the issue.

     

    The current setup on F5 is that the traffic is on the Round Robin load balancing method to both application servers.

     

    The proposed solution is to point the traffic to one application server, but we still want to have the other application server as backup.

     

    Should I use Priority Group, putting one of the servers as Priority Group 2 and the other as Priority Group 1? What load balancing method should I use?