Forum Discussion
nitass_89166
Noctilucent
have you tried LB_FAILED?
e.g.
config
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual bar
ltm virtual bar {
destination 172.28.24.10:80
ip-protocol tcp
mask 255.255.255.255
pool foo
profiles {
http { }
tcp { }
}
rules {
qux
}
source 0.0.0.0/0
source-address-translation {
type automap
}
vs-index 41
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm pool foo
ltm pool foo {
members {
200.200.200.101:80 {
address 200.200.200.101
}
}
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule qux
ltm rule qux {
when LB_FAILED {
log local0. "cs src [IP::client_addr]:[TCP::client_port] dst [IP::local_addr]:[TCP::local_port] \
ss src [serverside {IP::local_addr}]:[serverside {TCP::local_port}] dst [IP::server_addr]:[TCP::server_port]"
}
when SERVER_CONNECTED {
log local0. "cs src [IP::client_addr]:[TCP::client_port] dst [clientside {IP::local_addr}]:[clientside {TCP::local_port}] \
ss src [IP::local_addr]:[TCP::local_port] dst [IP::server_addr]:[TCP::server_port]"
}
}
trace
[root@ve11a:Active:In Sync] config tcpdump -nni 0.0 -s0 port 80
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on 0.0, link-type EN10MB (Ethernet), capture size 65535 bytes
18:33:30.234595 IP 172.28.24.1.46920 > 172.28.24.10.80: S 2765154856:2765154856(0) win 5840 in slot1/tmm0 lis=
18:33:30.234675 IP 172.28.24.10.80 > 172.28.24.1.46920: S 420746216:420746216(0) ack 2765154857 win 4380 out slot1/tmm0 lis=/Common/bar
18:33:30.236318 IP 172.28.24.1.46920 > 172.28.24.10.80: . ack 1 win 5840 in slot1/tmm0 lis=/Common/bar
18:33:30.237491 IP 172.28.24.1.46920 > 172.28.24.10.80: P 1:156(155) ack 1 win 5840 in slot1/tmm0 lis=/Common/bar
18:33:30.237555 IP 200.200.200.14.46920 > 200.200.200.101.80: S 4231709820:4231709820(0) win 4380 out slot1/tmm0 lis=/Common/bar
18:33:30.237568 IP 172.28.24.10.80 > 172.28.24.1.46920: . ack 156 win 4535 out slot1/tmm0 lis=/Common/bar
18:33:30.261632 IP 200.200.200.101.80 > 200.200.200.14.46920: R 0:0(0) ack 4231709821 win 0 in slot1/tmm0 lis=/Common/bar
18:33:30.261805 IP 172.28.24.10.80 > 172.28.24.1.46920: R 1:1(0) ack 156 win 4535 out slot1/tmm0 lis=/Common/bar
/var/log/ltm
[root@ve11a:Active:In Sync] config tail -f /var/log/ltm
Jun 22 18:33:30 ve11a info tmm[9801]: Rule /Common/qux : cs src 172.28.24.1:46920 dst 172.28.24.10:80 ss src 200.200.200.14:46920 dst 200.200.200.101:80
natti
Jun 23, 2014Nimbostratus
Yup! Thanks, just what I needed, works perfectly :)