Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

Is there a way to trace connections?

Go to solution
TrainerBob
Nimbostratus
Nimbostratus

‎26-Sep-2023 14:59 - edited ‎26-Sep-2023 14:59

Is there a tool within the Big-IP that allows you to trace inbound connection to see which virtual server its being processed by?

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
PSFletchTheTek
MVP
MVP

‎27-Sep-2023 06:16

Hi,

A couple of people have asked very simular questions resently.
Try looking here
Solved: iRule to log traffic details - DevCentral (f5.com)

This page shows how to get the virtual server name
https://community.f5.com/t5/codeshare/example-of-static-variables-with-virtual-server-specific/ta-p/...You may also find these to links useful for HTTP and IP info for the connection.

https://clouddocs.f5.com/api/irules/HTTP.html

https://clouddocs.f5.com/api/irules/IP.html

From the first example, plus the other references you should be able to pull together you want to see and either log this to file or to a remote server.

 

 

View solution in original post

5 REPLIES 5

Go to solution
Paulius
MVP
MVP

‎26-Sep-2023 21:11

@TrainerBob I believe what you're looking for is at the following link.

https://my.f5.com/manage/s/article/K40033505

Once you have this information you should be able to easily tell which virtual server (VS) is being used based on destination IP, port, and protocol.

0 Kudos

Go to solution
TrainerBob
Nimbostratus
Nimbostratus
In response to Paulius

‎27-Sep-2023 05:51

This might be the solution. Can you explain what the "Slot" number and TMM instance is? Is this related to a virtual server?

The goal I'm trying to get to is to identify which VS is processing a specific connection. This is for troubleshooting purposes. 

0 Kudos

Go to solution
PSFletchTheTek
MVP
MVP

‎27-Sep-2023 02:27

Not to sure what you are trying to find out here.
But you can amend your logging to send logs on a per connection basis and review and filter that using a policy or irule.

Or you could use telemetry or netflow with a suitable collector to filter it down at that level.

Depends on what you are looking for and the tools around you.

The cli option is more real-time but again might tell you want you want to know.

0 Kudos

Go to solution
TrainerBob
Nimbostratus
Nimbostratus
In response to PSFletchTheTek

‎27-Sep-2023 05:53

Will the logs show which VS is processing a specific connection? I'm not seeing anything for my client IP when I grep /var/log/ltm for it. I'm guessing maybe I need to make a change to the log settings to get connections logged or they're in another log?

0 Kudos

Go to solution
PSFletchTheTek
MVP
MVP

‎27-Sep-2023 06:16

Hi,

A couple of people have asked very simular questions resently.
Try looking here
Solved: iRule to log traffic details - DevCentral (f5.com)

This page shows how to get the virtual server name
https://community.f5.com/t5/codeshare/example-of-static-variables-with-virtual-server-specific/ta-p/...You may also find these to links useful for HTTP and IP info for the connection.

https://clouddocs.f5.com/api/irules/HTTP.html

https://clouddocs.f5.com/api/irules/IP.html

From the first example, plus the other references you should be able to pull together you want to see and either log this to file or to a remote server.

 

 

Copyright © 2023 Khoros, LLC