Forum Discussion

Jim_24689's avatar
Icon for Nimbostratus rankNimbostratus
May 03, 2012

Tracing traffic through an LTM.




How can I troubleshoot an LTM configuration where I see traffic proceeding from the backend of the LTM to the application node, and oberving the node responding by sending traffic back to the backend IP address of the LTM while not seeing the VIP of the application respond to the client?



Could I determine if the node is stomping on the automap SNAT and trying to send the traffic somewhere else ?




I have tcpdump-ed the backend to the node: tcpdump -ni vlan006 host -s 0 -w ./be.cap



as well as the frontend to the VIP.



tcpdump -ni -frontend host -s 0 -w ./fe.cap



The traces do in fact show what the application is observing but I don't know how to debugg it.

3 Replies

  • You're doing it exact the way I do... You may want to tcpdump on the server to see how it looks there as well. Unfortunately, I don't know of a better way. Slightly off topic, but be sure you're not capturing to your home directory, /var/tmp is a good target directory...










  • I concur with John. I always trap to /var/tmp. I also run my dump just as you do except I cap the size at 1600 usually. Other than at the server, you could trap on your switch. You should see everything between the LTM and the server. If you're using Wireshark, they have good debug tools built in; I usually right click a packet and choose to 'trace conversation' to get just that communication stream broken out. I hope that helps?