Forum Discussion

Carl_rag

Nimbostratus

Jun 13, 2020

using TCPDUMP to see the selected node

How can I use TCPDUMP to see which node from a pool F5 selects after it receives traffic to a virtual server?

Cirrus

Jun 14, 2020

tcpdump -i 0.0:p host 10.20.1.1 -w /var/tmp/tcpdumps1.pcap

Use the above command. :p indicates peer side. In the above statement, IP address 10.20.1.1 is the Client ip address. Wireshark output will show which node it has selected from Pool.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

using TCPDUMP to see the selected node

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Unable to Forward APM and AFM Logs to AWS CloudWatch Using Telemetry Streaming

Managing iRules configuration

CPU load when Prometheus is scraping metrics from F5 BIG-IP LTM

[ASM] - How to disable the SQL injection attack signatures

Illigal Parameter addition as custom signature set wanted to Unblock

Related Content

decrypted tcpdump capture without using an iRule and without using tshark

8. SYN Cookie: Troubleshooting tcpdump

decrypted tcpdump capture without using an iRule using tshark

Decrypting TLS with the tcpdump sslprovider

Using the Model Context Protocol with Open WebUI

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS