Forum Discussion
NimbostratusVS is not working
Hi Guys,
My name is Marian, I'm a new user in DevCentral. I have problems with a VS (10.190.8.10) we create one is for http, one for rtsp and one for rtmp. The thing is when a client (10.190.100.150) ask for the content the VS looks like is not working. The LTM is the gateway for the nodes (10.190.23.254). I have a default route for this so I don't have Snat. I have a tcpdump, If someone can be so kind as to give me a review. Thanks a lot!!
[root@Prod_A:Active] config tcpdump -e -i 0.0 -nn -p host 10.190.100.159 and host 10.190.8.10 and port 80 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on 0.0, link-type EN10MB (Ethernet), capture size 96 bytes 12:18:17.590753 ethertype 802.1Q (0x8100), length 70: vlan 4093, p 0, ethertype IPv4, 10.190.100.159.56320 > 10.190.8.10.80: S 3178197221:3178197221(0) win 65535 12:18:17.590796 ethertype 802.1Q (0x8100), length 70: vlan 4093, p 0, ethertype IPv4, 10.190.8.10.80 > 10.190.100.159.56320: S 3466574693:3466574693(0) ack 3178197222 win 4014 12:18:17.656727 ethertype 802.1Q (0x8100), length 58: vlan 4093, p 0, ethertype IPv4, 10.190.100.159.56320 > 10.190.8.10.80: . ack 1 win 1024 12:18:17.657617 ethertype 802.1Q (0x8100), length 372: vlan 4093, p 0, ethertype IPv4, 10.190.100.159.56320 > 10.190.8.10.80: P 1:315(314) ack 1 win 1024 12:18:17.657642 ethertype 802.1Q (0x8100), length 58: vlan 4093, p 0, ethertype IPv4, 10.190.8.10.80 > 10.190.100.159.56320: . ack 315 win 4328 12:18:21.336715 ethertype 802.1Q (0x8100), length 70: vlan 4093, p 0, ethertype IPv4, 10.190.100.159.56327 > 10.190.8.10.80: S 4045256497:4045256497(0) win 8192 12:18:21.336765 ethertype 802.1Q (0x8100), length 70: vlan 4093, p 0, ethertype IPv4, 10.190.8.10.80 > 10.190.100.159.56327: S 1795969471:1795969471(0) ack 4045256498 win 4014 12:18:21.402397 ethertype 802.1Q (0x8100), length 58: vlan 4093, p 0, ethertype IPv4, 10.190.100.159.56327 > 10.190.8.10.80: . ack 1 win 64 12:18:21.402988 ethertype 802.1Q (0x8100), length 144: vlan 4093, p 0, ethertype IPv4, 10.190.100.159.56327 > 10.190.8.10.80: P 1:87(86) ack 1 win 64 12:18:21.403009 ethertype 802.1Q (0x8100), length 58: vlan 4093, p 0, ethertype IPv4, 10.190.8.10.80 > 10.190.100.159.56327: . ack 87 win 4100 12:18:21.468875 ethertype 802.1Q (0x8100), length 113: vlan 4093, p 0, ethertype IPv4, 10.190.100.159.56327 > 10.190.8.10.80: P 87:142(55) ack 1 win 64 12:18:21.468906, ethertype 802.1Q (0x8100), length 58: vlan 4093, p 0, ethertype IPv4, 10.190.8.10.80 > 10.190.100.159.56327: . ack 142 win 4155 12:18:24.353261 ethertype 802.1Q (0x8100), length 70: vlan 4093, p 0, ethertype IPv4, 10.190.100.159.56328 > 10.190.8.10.80: S 2939790242:2939790242(0) win 8192 12:18:24.353312 ethertype 802.1Q (0x8100), length 70: vlan 4093, p 0, ethertype IPv4, 10.190.8.10.80 > 10.190.100.159.56328: S 2100515138:2100515138(0) ack 2939790243 win 4014 12:18:24.353072 ethertype 802.1Q (0x8100), length 58: vlan 4093, p 0, ethertype IPv4, 10.190.100.159.56327 > 10.190.8.10.80: F 142:142(0) ack 1 win 64 12:18:24.353106 ethertype 802.1Q (0x8100), length 58: vlan 4093, p 0, ethertype IPv4, 10.190.8.10.80 > 10.190.100.159.56327: . ack 143 win 4155 12:18:24.354174 ethertype 802.1Q (0x8100), length 70: vlan 4093, p 0, ethertype IPv4, 10.190.100.159.56331 > 10.190.8.10.80: S 164731020:164731020(0) win 8192 12:18:24.354240 ethertype 802.1Q (0x8100), length 70: vlan 4093, p 0, ethertype IPv4, 10.190.8.10.80 > 10.190.100.159.56331: S 2135722860:2135722860(0) ack 164731021 win 4014 12:18:24.418076 ethertype 802.1Q (0x8100), length 58: vlan 4093, p 0, ethertype IPv4, 10.190.100.159.56328 > 10.190.8.10.80: R 2939790243:2939790243(0) win 0
20 Replies
Cory_50405Noctilucent
This capture is just on the client/VS side. Can you also post a capture between your F5 and the web server sitting behind your F5? Could you also elaborate on your pool config?
Marian_A_142180Thanks Cody,
I'm trying to make a capture but is empty:
[root@:Active] config tcpdump -e -i 0.0 -nn -p host 10.190.8.10 and host 10.190.23.1 and port 80 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on 0.0, link-type EN10MB (Ethernet), capture size 96 bytes ^C 0 packets captured 0 packets received by filter 0 packets dropped by kernel [root@Prod_A:Active] config tcpdump -e -i 0.0 -nn -p host 10.190.8.10 and host 10.190.23.2 and port 80 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on 0.0, link-type EN10MB (Ethernet), capture size 96 bytes ^C 0 packets captured 0 packets received by filter 0 packets dropped by kernel [root@Prod_A:Active] config
Ltm::Node: 10.190.23.2 (10.190.23.2)Status
Availability : available State : enabled Reason : Node address is available Monitor : /Common/gateway_icmp (default node monitor) Monitor Status : up Session Status : enabled
Ltm::Node: 10.190.23.1 (10.190.23.1)Status
Availability : available State : enabled Reason : Node address is available Monitor : /Common/gateway_icmp (default node monitor) Monitor Status : up Session Status : enabled
Ltm::Pool: http_poolStatus
Availability : available
State : enabled
Reason : The pool is available Monitor : http and /Common/tcp_half_open Minimum Active Members : 0
Current Active Members : 2
Total Requests : 0Thanks for your time
- Cory_50405
Your tcpdump attempt on the server side is specifying the VIP address. Production traffic will not include the VIP if you are trying to capture on the server side. If you aren't performing SNAT, it'll be from the original client IP address to the servers. If you replace 10.190.8.10 with the client IP address in your two latest tcpdumps, you should see something.
- Marian_A_142180
Sorry Cory,
The capture
[root@Prod_A:Active] config tcpdump -e -i 0.0 -nn -p host 10.190.100.159 and port 80
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on 0.0, link-type EN10MB (Ethernet), capture size 96 bytes
17:30:11.952693 ethertype 802.1Q (0x8100), length 372: vlan 23, p 0, ethertype IPv4, 10.190.100.159.19482 > 10.190.23.1.80: P 2765136783:2765137097(314) ack 876391751 win 4380
17:30:16.152410 ethertype 802.1Q (0x8100), length 372: vlan 23, p 0, ethertype IPv4, 10.190.100.159.19482 > 10.190.23.1.80: P 0:314(314) ack 1 win 4380
17:30:24.352379 ethertype 802.1Q (0x8100), length 372: vlan 23, p 0, ethertype IPv4, 10.190.100.159.19482 > 10.190.23.1.80: P 0:314(314) ack 1 win 4380
17:30:33.858194 ethertype 802.1Q (0x8100), length 58: vlan 80, p 0, ethertype IPv4, 10.190.100.159.53435 > 10.190.8.10.80: R 4185587299:4185587299(0) ack 2320324681 win 0
17:30:33.858242 ethertype 802.1Q (0x8100), length 58: vlan 23, p 0, ethertype IPv4, 10.190.100.159.19482 > 10.190.23.1.80: R 314:314(0) ack 1 win 4380
17:30:33.939621 ethertype 802.1Q (0x8100), length 70: vlan 80, p 0, ethertype IPv4, 10.190.100.159.53441 > 10.190.8.10.80: S 3385486892:3385486892(0) win 65535
17:30:33.939666 ethertype 802.1Q (0x8100), length 70: vlan 80, p 0, ethertype IPv4, 10.190.8.10.80 > 10.190.100.159.53441: S 1185017584:1185017584(0) ack 3385486893 win 4014
17:30:34.005386 ethertype 802.1Q (0x8100), length 58: vlan 80, p 0, ethertype IPv4, 10.190.100.159.53441 > 10.190.8.10.80: . ack 1 win 1024
17:30:34.005459 ethertype 802.1Q (0x8100), length 70: vlan 23, p 0, ethertype IPv4, 10.190.100.159.53441 > 10.190.23.2.80: S 3170405114:3170405114(0) win 4380
17:30:34.005712 ethertype 802.1Q (0x8100), length 372: vlan 80, p 0, ethertype IPv4, 10.190.100.159.53441 > 10.190.8.10.80: P 1:315(314) ack 1 win 1024
17:30:34.005742 ethertype 802.1Q (0x8100), length 58: vlan 80, p 0, ethertype IPv4, 10.190.8.10.80 > 10.190.100.159.53441: . ack 315 win 4328
17:30:34.005917 ethertype 802.1Q (0x8100), length 70: vlan 23, p 0, ethertype IPv4, 10.190.23.2.80 > 10.190.100.159.53441: S 1090504938:1090504938(0) ack 3170405115 win 8192
17:30:34.005939 ethertype 802.1Q (0x8100), length 58: vlan 23, p 0, ethertype IPv4, 10.190.100.159.53441 > 10.190.23.2.80: . ack 1 win 4380
17:30:34.005945 ethertype 802.1Q (0x8100), length 372: vlan 23, p 0, ethertype IPv4, 10.190.100.159.53441 > 10.190.23.2.80: P 1:315(314) ack 1 win 4380
17:30:35.205918 ethertype 802.1Q (0x8100), length 372: vlan 23, p 0, ethertype IPv4, 10.190.100.159.53441 > 10.190.23.2.80: P 1:315(314) ack 1 win 4380
17:30:37.405690 ethertype 802.1Q (0x8100), length 372: vlan 23, p 0, ethertype IPv4, 10.190.100.159.53441 > 10.190.23.2.80: P 1:315(314) ack 1 win 4380
17:30:41.605896 ethertype 802.1Q (0x8100), length 372: vlan 23, p 0, ethertype IPv4, 10.190.100.159.53441 > 10.190.23.2.80: P 1:315(314) ack 1 win 4380
^C 17 packets captured 17 packets received by filter 0 packets dropped by kernel
- Cory_50405
So the three way handshake between your client and the VS completes, and then the three way handshake between the client and server completes. Your client then starts pushing data to your server and no acknowledgements come back after that point. What is your client trying to send to the server? It seems after the three way handshake, the server isn't responding any longer.
- Marian_A_142180
Well the client in this case, only request for content (video) to the server, we made a test asking the video directly on the server, "taking out" the LTM and we can see the content.
But could be that the server is not sending "correctly" the content to the LTM? Is correct that the LTM don't have configured AutoMap?
- Cory_50405SNAT is not needed if your servers have a default gateway set to the LTM. Based on the packet capture, the server is routing back through the LTM. Another question, do you have any profiles applied to your virtual server? Specifically, an HTTP profile? Try removing it if so, and see if that makes a difference.
- Marian_A_142180
VS for HTTP is type standard and don't have profile the option es NONE :(
- Cory_50405Can you post your virtual server configuration here as you did with your pool and nodes?
- Marian_A_142180
yes
Ltm::Virtual Server: vs_httpStatus
Availability : available State : enabled Reason : The virtual server is available CMP : enabled CMP Mode : all-cpus Destination : 10.190.8.10:80 - Cory_50405
You've posted captures from both sides of the LTM and I don't see anything in these captures that points to the problem. Can you run a capture on one of the nodes by chance?
- Marian_A_142180
Cory,
I have the capture is helpful for you? or you need all the .pcapng file?
- Cory_50405I see packet sizes in excess of 1500 bytes in this capture, but I didn't see them on the capture you took on the LTM. What is the TCP MSS set to on your servers?
