13-Dec-201610:56 - last edited on 03-Jun-202323:33 by JimmyPackets
Im working to develop a health monitor i Am using a "External Monitor". This monitor try to send a string that its concatenate with the date of the operating system, the string is send correctly, however we dont get a sucessful reponse of destination server, We expect that the response from server be an other string with this we can check the health of the final server.
The only diference with the client application request, are some packets that i understand are sending correctly and correspond to the TCP interaction;
The cuestion its that if i can replicate the client behavior using a netcat i.e. avoid the last FIN/ACK flag sending by source, althoug i understand that this last packet send by the F5 is expected on normal TCP negotation. According to the developers of the destination server the string is ok however they doesnt know why the app doesnt response.
Using the nc utility to get data from the server.
`reply2=$(echo "$chain" | /usr/bin/nc $node_ip $2 2>&1 > /dev/null)
`
Search the data received for the expected expression.
`if [[ $reply2 == *"0810"* ]]
then
`
Remove the pidfile before the script echoes anything to stdout and is killed by bigd
`rm -f $pidfile
echo "up"
fi
`
This is a one connection send by F5 script :
`Client send a request for SYNC >IP 172.16.230.232.44127 > 172.31.140.196.8300: S 220757023:220757023(0) win 14600
Server response SYNC/ACK > IP 172.31.140.196.8300 > 172.16.230.232.44127: S 2820505845:2820505845(0) ack 220757024 win 64436
Client complete Handshake > IP 172.16.230.232.44127 > 172.31.140.196.8300: . ack 1 win 115
Client Send DATA request >IP 172.16.230.232.44127 > 172.31.140.196.8300: P 1:194(193) ack 1 win 115
Client send FIN/ACK >IP 172.16.230.232.44127 > 172.31.140.196.8300: F 194:194(0) ack 1 win 115
Server send ACK of Data request>IP 172.31.140.196.8300 > 172.16.230.232.44127: . ack 194 win 64436
Server send ACK of FIN/ACK >IP 172.31.140.196.8300 > 172.16.230.232.44127: . ack 195 win 64436
Server send FIN/ACK >IP 172.31.140.196.8300 > 172.16.230.232.44127: F 1:1(0) ack 195
Client Send ACK >IP 172.16.230.232.44127 > 172.31.140.196.8300: . ack 2 win 115
`
Normal conversation between a client and server:
`Client send a request > IP 172.16.230.231.56943 > 172.31.140.196.8300: P 198:396(198) ack 136 win 4785
Server response > IP 172.31.140.196.8300 > 172.16.230.231.56943: P 136:271(135) ack 396 win 64240
ACK from the client >IP 172.16.230.231.56943 > 172.31.140.196.8300: . ack 271 win 4920
IP 172.16.230.231.56943 > 172.31.140.196.8300: P 396:594(198) ack 271 win 4920 out
IP 172.31.140.196.8300 > 172.16.230.231.56943: P 271:406(135) ack 594 win 64240 in
IP 172.16.230.231.56943 > 172.31.140.196.8300: . ack 406 win 5055 out
IP 172.16.230.231.56943 > 172.31.140.196.8300: P 594:792(198) ack 406 win 5055 out slot1/tmm0 lis=/Autorization/vs_FEPAS_TicketCar
IP 172.31.140.196.8300 > 172.16.230.231.56943: P 406:541(135) ack 792 win 64240 in slot1/tmm0 lis=/Autorization/vs_FEPAS_TicketCar
IP 172.16.230.231.56943 > 172.31.140.196.8300: . ack 541 win 5190 out slot1/tmm0 lis=/Autorization/vs_FEPAS_TicketCar
Run this yourself and check the output. Once you're happy that it works as expected then add the last part of the script to output to /dev/null and check the response with $?
The issue was related with the way that the nc "netcat" handle the communication, we perform the TCP comunication through perl command, with this we avoid the FIN/ACK packet send by F5 before the server response,
!/usr/bin/perl
create a connecting socket
my $socket = new IO::Socket::INET (
PeerHost => $IP,
PeerPort => $port,
Proto => 'tcp',
);
