Forum Discussion
NimbostratusTracking LB client & server session
Is there any options in TCPDump command to track end-to-end LB session i.e, client to LB & LB to backend servers. Iam trying the below command which display the connections from client IP to LB virtual IP.
tcpdump -nnn -s0 -i -n host and port 443
We have a SNAT pool configured with 3 IPs and these IPs establish session with the backend servers. There are lot of connections going when I traced the SNAT IPs and unable to find out which one belongs to the client IP which Iam looking for. Can someone throw some light on this?
2 Replies
Samir_Jha_52506Noctilucent
TCPDump is best option to check number live connection, But every time you can't run TCPDump on LB.
Below command will help you to session on LB.
b virtual showb pool show
What_Lies_Bene1Cirrostratus
This is of course the downside of SNAT and more generally PAT. Assuming you can't easily design the SNAT out of the equation you'll need to check the connection table, find out how the client has been SNATted and create your tcpdump filter based on that. To make it easier you probably want to do this in two different terminal windows.
So, view the connection table with
- you can filter by address but sorry I can't remember the syntax, just use ? to bring up the optionstmsh show sys conn ...Then use tcpdump as follows;
tcpdump -i 0.0 -nn -s0 'host real_client_ip or (host snat_ip and port snat_port)
