
Display LTM connections??

JRichter_151775
Nimbostratus

I am very new to F5 Big IP, mainly worked with Cisco CSMs and Citrix NetScaler load balancers in the past.....what I am trying to find is how to display what hosts are connected to a particular virtual server, what pool member it's getting routed to and what SNAT address the source is being assigned, etc.

 

What I have is a pair of F5 Big IP 4200s set up in a HA configuration.

 

Thanks for any help...Jeff

 

1 ACCEPTED SOLUTION

smp_86112
Cirrostratus

You didn't specify a version, but assuming you're running 10 or 11-something, Yoni is right.

tmsh show sys connection
is the basic starting point, but if that's all you specify, you'll see all the connections - which is probably much more output than you want. You need to specify additional information about the endpoints you care about if you want to limit the output. I think of them as filters in a sense - they limit the output to only things that match. The ones I primarily use are:

cs-client-addr - the (client) source IP address on the clientside of the connection

cs-client-port - the (client) source port on the clientside of the connection

cs-server-addr - the (server) destination IP address on the clientside of the connection (i.e. the Virtual Server IP address)

cs-server-port - the (server) destination port on the clientside of the connection (i.e. the Virtual Server port)

ss-client-addr - the (client) source IP address on the serverside of the connection (i.e. the SNAT address)

ss-client-port - the (client) source port on the serverside of the connection (i.e. the SNAT port)

ss-server-addr - the (server) destination IP address on the serverside of the connection (i.e., the Pool Member address)

ss-server-port - the (server) destination port on the serverside of the connection (i.e., the Pool Member port)

You can mix/match these options as necessary to isolate the connections you are interested in. The more pieces of information you specify, the narrower your focus will be, and the smaller your output will become. So for example, this command would show me all connections from client 100.1.1.1, to any Virtual Server assigned address 10.1.1.0, that were load-balanced to Pool Member 192.168.1.1:9999:

tmsh show sys conn cs-client-addr 100.1.1.1 cs-server-addr 10.1.1.0 ss-server-addr 192.168.1.1 ss-server-port 9999

I have noticed over multiple TMM releases that the ss-client-addr and ss-client-port do not work, despite being available according to the command help. That was frustrating, since quite often these connection points are very important. However I just confirmed they do work in 11.2.1HF10. So depending on what version you're running, you may not see the SNAT address in the output. I think you can also append the all-properties option which should include that output, like this. Unfortunately, the output is not formatted as nicely:

tmsh show sys conn cs-client-addr 100.1.1.1 cs-server-addr 10.1.1.0 ss-server-addr 192.168.1.1 ss-server-port 9999 all-properties

Understanding exactly which points in the connection flow correspond to the cs-client-addr, ss-server-port, etc... options can be very, very helpful in isolating connections in the connection table.
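An added example (not part of the original post and not F5 tooling): a bash helper that groups connection-table rows for one virtual server by client, SNAT address and pool member, which is what the original question asks for. The four-column row layout (cs-client, cs-server, ss-client, ss-server) and the sample rows are assumptions; compare them with the output of your own version before relying on it.

```bash
#!/bin/bash
# Added example: summarise `tmsh show sys connection` rows for one virtual server.
# ASSUMPTION: each data row starts with four addr:port columns in the order
#   cs-client  cs-server  ss-client  ss-server
# (the flow points named in the answer above). Check your version's output first.

# Constructed sample rows (not captured from a real BIG-IP).
sample_conns() {
cat <<'EOF'
Sys::Connections
100.1.1.1:51000  10.1.1.10:443  192.168.1.250:51000  192.168.1.1:9999  tcp  3
100.1.1.1:51001  10.1.1.10:443  192.168.1.250:51001  192.168.1.1:9999  tcp  12
100.1.1.2:40022  10.1.1.10:443  192.168.1.251:40022  192.168.1.2:9999  tcp  1
100.1.1.3%1701:40100  10.1.1.20%1701:80  192.168.5.9%1701:40100  192.168.5.1%1701:8080  tcp  7
EOF
}

# summarize_vs VIP:PORT -- reads connection rows on stdin and prints one line per
# (client, SNAT address, pool member) prefixed with the number of connections.
summarize_vs() {
  awk -v vs="$1" '
    # Strip the trailing :port, keeping any %route-domain suffix on the address.
    function addr(ep) { sub(/:[0-9]+$/, "", ep); return ep }
    # Data rows only: skip the header and rows for other virtual servers.
    NF >= 5 && $2 == vs && $1 ~ /:[0-9]+$/ {
      key = addr($1) " snat=" addr($3) " member=" $4
      n[key]++
    }
    END { for (k in n) print n[k], k }
  ' | sort -k2
}

# On a BIG-IP, from bash (placeholders in angle brackets):
#   tmsh show sys connection cs-server-addr <VIP> | summarize_vs <VIP>:<port>
sample_conns | summarize_vs "10.1.1.10:443"
```

Rows with a route domain must be matched with the `%` suffix included, for example `summarize_vs "10.1.1.20%1701:80"`.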


16 REPLIES 16

yoni_100721
Nimbostratus

tmsh show sys connection all-properties

 

You can filter with options; do a "tmsh show sys connection ?" and see.

 


Very helpful - thanks!

JRichter_151775
Nimbostratus

Sorry for the delayed response....but THANK YOU for the replies.

 

Hi,

 

When I execute the command show /sys connection all-properties I get very huge output but I want to filter it for specific so if I enter the command show /sys connection all-properties | grep -i

 

then it does not show all the values of connection like idle time out etc.. any guess how to do that ?

 

I have 11.4 & 11.2 both version.

 

I described the filtering mechanism rather completely above. To display the idle time and other properties of a connection, append the "all-properties" argument to the command. To display the available arguments, execute the command `tmsh show /sys connection ?`

Yes,

 

I tried the command and verified that it is working for me. The only thing was that I was using a route domain, which is why it was not working, and while troubleshooting I got to know that I have to specify the route domain with % like below:

show sys connection cs-client-addr 1.1.2.3%1701 all-properties

The above works perfectly, as does the one below:

show /sys connection cs-client-addr 1.1.2.3%1701 all-properties

 

Neeraj Jagetia

 

KDS2014
Nimbostratus

I like this post.....this has helped me out.

 

Yamazaki_Hi_257
Nimbostratus

Do you have a command to check when some session is lost? How can I know? What session is lost?

 

sahrrr_261578
Nimbostratus

If we have a lot of current connections, is there a way to execute that command into a log file for viewing?

 

As with all Commands executed in Linux shell, you can redirect the output into a file, e.g. like this (execute in bash, not in tmsh!): bash tmsh show sys connection > /var/tmp/myconnectiondump.txt If you want to generate the file not on the BigIP, but directly on the remote machine on which you are running your ssh client to the BigIp, you could also spawn the ssh session like this: ssh -l | tee someoutputfile.txt That will write all the output of your SSH session into a file for later reference. putty on windows has a similar function somewhere. HTH, Martin

Dammit, devcentral always messes up all the formatting in the comments. I'll copy my comment to a separate answer in order to improve readability.

tatmotiv
Cirrostratus

sahrrr,

as with all commands executed in Linux shell, you can redirect the output into a file, e.g. like this (execute in bash, not in tmsh!):

tmsh show sys connection > /var/tmp/myconnectiondump.txt

If you want to generate the file not on the BigIP, but directly on the remote machine on which you are running your ssh client to the BigIp, you could also spawn the ssh session like this and then run the appropriate tmsh command in that session:

ssh -l <username> <bigip-host> | tee someoutputfile.txt

That will write all the output of your SSH session into a file for later reference. putty on windows has a similar function somewhere.

HTH, Martin

IRONMAN
Cirrostratus

CMD: tmsh show sys connection cs-server-addr 'VIP IP'

 

Output line:

 

client ip 2:60745 VIP IP:8090 ::.0 tcp 3

 

client ip 2:67546 VIP IP:8090 SS Server node:8090 tcp 3

 

In the first output line I am getting the server side as ::0; in the second line I am getting the server-side IP with port number.

What is meant by the first output line?

 

SachinGarg2_171
Nimbostratus

Try using the following command to see the connections on every VIP in the last 5 mins, to see a report of which VIP is heavily loaded with connections:

 

tmsh show ltm virtual | grep -e Ltm::Virtual -e "Last 5 Minutes"

 

Best Regards Sachin

 

root@(TestF5)(cfg-sync Changes Pending)(Active)(/Production)(tmos)# show sys connection
Options:
  all-properties  default  exa  field-fmt  gig  kil  meg  peta  raw  save-to-file  tera  yotta  zetta  |
Properties:
  age  connection-id  cs-client-addr  cs-client-port  cs-server-addr  cs-server-port  max-result-limit  protocol  ss-client-addr  ss-client-port  ss-server-addr  ss-server-port  type  virtual-server  {

 

For filtering you can use the following command:

 

show sys connection all-properties | grep 141.a.b.c

(give your IP address or the word you want to search in grep)

 

show sys connection all-properties | grep -i -e  141.x.y.z

HTH

 
