tcpdump portrange option
Hi everyone, I'm trying to capture traffic directed to a certain range of tcp ports with tcpdump. When using the "portrange" expression I get a syntax error: tcpdump -i -s0 -w capture_file.trc portrange 8080-8082 tcpdump: syntax error in filter expression Is this expression supported on BIG-IP (1600 10.2.4 HF5)? Thanks in advance, Regards. moog67Solved12KViews0likes8CommentsURL rewrite through iRule
Hi Guys, i have one "Performance (HTTP)" virtual server on F5-1600 series, and i want to change the URL "http://www.abc.com" to "http://partner.abc.com/xyz". i have tried all below scripts : 1- when HTTP_REQUEST { if {([string tolower [HTTP::host]] equals "http://www.abc.com")}{ HTTP::header replace Host "http://partner.abc.com/xyz" } } 2- when HTTP_REQUEST { if { not ([HTTP::uri] starts_with "/xyz") } { HTTP::uri /xyz[HTTP::uri] } } 3- when HTTP_REQUEST { if {[HTTP::uri] equals {http://www.abc.com}} {HTTP::uri {http://partner.abc.com/xyz} } } but i wasn't successful! can anyone help me how can i do this through iRule ?Solved9KViews0likes27CommentsOffline (Enabled) - The children pool member(s) are down
Hi Friends, I am novice to F5 and following CBT Nuggets to understand LTM in a better way. I have completed basic configuration i.e defined Nodes, defined Pool and assigned Pool Members to my Pool. Now the problem is that I have enabled "http" health monitor and right after I click 'finished' the icon Transitions from 'Blue Square' to 'Rectangle Red' - Offline(Enabled) - The children pool member(s) are down when I hover over the Pool in 'Pool List'. Now this is a very basic setup with 3 .OVA web servers pre configured which I received in my Nuggetlabs. I am able to login to the servers using my browser, telnet 10.2.0.11 80 and curl http://10.2.0.11 commands but the Servers are showing as Offline(Enabled) - Pool member has been marked down by a monitor in 'Members' list. I need your help to proceed further please. Thanks in advance, SagarSolved8.3KViews0likes10CommentsPriority Group Activation, why use it?
If you have 3 members that are active within a pool and you select round robin LB method and set the priority group activation for less than 2, the virtual server is only going to use two of three nodes to round robin, why on earth would you configure this? this is an example in the f5 university. Wouldn't the goal be to use all active nodes within the pool and not limit it to use two of the three?6.9KViews0likes8CommentsSlow application performance when using BIG-IP LTM VE for load balancing.
The Question Is there some limitation on the BIG-IP F5 LTM that prevents it from being able to support a large user load and/or are there any configurations that could specifically interfere with performance of an application? Supporting Information I am load testing our application, and wanting to utilize our virtual F5 as the load balancer for the various clusters. Currently I am seeing slow response times when using a Virtual F5 as the load balancer. The slow performance is most apparent when the system is under load. While I can see slow performance in single user tests, it is not as extreme as when the system is under a large user load. When using other load balancing options (in our specific case, NLB) I am not seeing the same slow performance. I have tried a variaty of debugging steps, but none have really helped me to put a finger on a solution to the problem. 1. Checking VM resource usage All VMs show acceptable resource consumption and availability (no VMs appear to be strained... this includes the F5 VM.) 2. Checking ESX host usage All ESX hosts show acceptable resource consumption and availability (no ESX hosts appear to be strained.) 3. Adjustments to F5 configuration Disabled oneConnect for the F5 virtual server configuration. There was an issue discovered earlier with using oneConnect with our application and the 11.x versions of F5. This change did not have any obvious affect on test results. 4. Test validation: We have ran the same test with another load balancer set-up. This set-up shows acceptable response times with that configuration. Is there perhaps a limitation with the virtual server as to the max number of users we can expect to support? If so what might this number be? 5. Comparison against other environments I have compared configurations between an environment using a physical F5 to the the virtual F5 setup I am having issues with. I am not seeing any noticeable differences that would potentially cause issues with performance. It should be noted that using the physical F5 is yielding expected response time performance. 6. Analytics from the F5 console Monitoring Latency of pool members (while under load) is showing an average latency of 1,000+ ms. This seems high... particularly for a virtualized environment. Is this perhaps an F5 VM limitation, or is there perhaps something at an F5 configuration level that we are overlooking, that could cause this? 7. Changing vNIC type It had been suggested that the particular vNIC being used may be a possible source of bad behavior. As such, the vNIC type was changed from Intel to vmxnet3. Current test executions thus far have not shown any noticeable change, but there are additional tests to be executed in this avenue. 8. DynaTrace Analysis This is the latest testing being done, and as such the results are still under analysis. However, initial test runs suggest that the majority of the extra time is being spent in two points: Requests between load test agents and Requests between Java Tier and IIS host This seems to suggest that the F5 is somehow bottle-necking the request. Version Information F5 Version: BIG-IP v11.3.0 (Build 2806.0) Node OS version (Windows 2008 r2) VMWare Tools Version: Version 9.4.0, build-1280544 Thank you in advance for any help that can be provided.Solved4.4KViews0likes7CommentsApplication Web Pages Not Being Served Correctly by F5
Hi, One of our customers has an application that doesn't appear to perform very well when load-balanced by the F5. The application is currently using a Standard VS profile, which is not doing SSL offload, uses cookie persistence and a SNAT pool with a single IP address and pretty much everything else is default. We have recently applied a Web Acceleration profile to the VS to attempt to address the problem but it doesn't appear to have solved anything. The WA profile is only set to cache and serve up static CSS and JS files. The major issue, we believe, is that the client fails to receive some of the Javascript that is necessary for the page to render correctly. This was the case prior to the WA profile being applied as well as after. The application used to be load-balanced, in a very rudimentary way, by iptables and these issues were not seen then. I'm very keen to find any clue as to where to look on the F5 for what could be causing the problem. I'm considering changing the profile to Perf L4 to see if it helps but there are two problems with that: 1. I don't get to learn what was causing the problem 2. I think the client wants to have the F5 do SSL offload in the near future Any help would be greatly appreciated. Thanks in advance, Ben4.4KViews0likes22Commentshigh cpu usage independent from Traffic
Hello, we've recognised since a few weeks every day for about 4 hours from 9 to 13 very high cpu-usage on Control-Plane and Analysis-Plane. Overall concurrent Client-side connections between 1200 and 1800 That's also on the standby-Machine, so it's independent from Traffic (this F5 is for Traffic from Web and terminates ssl) the hardware is i4800, but it's the same on our virtual Test-Machine Version: 16.1.3.3, on Test: 16.1.3.4 Any hint, where to look for the cause? Thank you KarlSolved4KViews0likes13CommentsPool members with fully-qualified domain names (FQDNs): How does this work?
From release notes of v11.6.0 (on new features): Populate pools by FQDN This release includes the ability to configure a BIG-IP system with nodes and pool members that are identified with fully-qualified domain names (FQDNs). When configuring pool members with FQDN, addresses dynamically follow DNS changes. Fully dynamic DNS-managed pools may even be created. How does this work? When the fqdn resolves to multiple addresses, how is LB handled?3.9KViews0likes8CommentsAPM logon page redirect loop
When i connect to my vserver using APM, i recieve the below message. Your session could not be established. BIG-IP can not find session information in the request. This can happen because your browser restarted after an add-on was installed. If this occurred, click the link below to continue. This can also happen because cookies are disabled in your browser. If so, enable cookies in your browser and start a new session. Thank you for using BIG-IP. To open a new session, please click here. clicking 'here' just redirect loops back to this page over and over. I've cleared the sessions and even rebooted the bigip, and i get the same thing. any ideas? thanks,3.7KViews0likes11CommentsSSL VPN Disconnect Issue
We currently have an issue with our SSL VPN connection disconnecting on random intervals. I do have a open support case and unfortunately not making any drastic headway, so reaching out here to see if anyone has had this issue or possibly something else I can try. We previously were using Juno Pulse and did not have this issue with any clients. I am able to re-produce the disconnect by doing a simple file copy from one of our systems to my PC. Below is all the information that shows in the APM log, unfortunately there does not appear to be any further debug with PPP tunnels. 2014-08-15 06:59:05 Assigned PPP IPv4: 192.168.0.57 Tunnel Type: VPN_TUNNELTYPE_TLS NA Resource: /Common/VPN 2014-08-15 06:59:05 PPP tunnel 0x57025106e400 started. 2014-08-15 07:10:07 PPP tunnel 0x57025106e400 closed. Next we went to wireshark where we are seeing a lot of TCP zero window packets, so I set the zero-window-timeout to infinite to rule out zero window disconnects. The issue still occurs after making this change. Currently I am working on a client side capture to compare with the tcpdump on the appliance, but I am not seeing anything in the capture that stands out as a red flag (I am no wireshare expert by any means so digging though these captures is pretty slow). Any thoughts or information is greatly appreciated, also please let me know of other info that would be of use.Solved3.6KViews0likes18Comments