Hi, We have some problems with the comunications of some server. The situation is below: Server A on VLAN 1 with IP 192.168.1.1/24Server B on VLAN 1 with IP 192.168.1.3/24Server C on VLAN 1 with IP 192.168.1.5/24Virtual Server on VLAN 2 with IP 192.168.3.2/24 (its nodes are servers A and B) The service is over http and https, and we are not using SNAT. When clients from Internet try to connect to the Service there is no problem; but when server C ask for virtual server service, the connections never reach the server A or B. We just have this problem with connections over servers are in the same VLAN. If we do a tcpdump we can see: 12:00:15.139092 IP 192.162.1.5.dyna-lm > 192.162.3.2.http: S 1702227370:1702227370(0) win 65535 <mss 1460,nop,nop,sackOK> But the connection seems it doesn´t go out from the BIG-IP since in the servers A and B we cannot see any connection from server C or Virtual Server. Any idea? Could you help me? Thanks Regards

some questions: - what is the default gateway of the servers? does that device know the route to 192.162.3.0/24? - is virtual server 192.162.3.2 enabled on vlan1? - where did you make that tcpdump and with which arguments? without more background i could imagine the reply from server A or B won't go via the BIG-IP as it is in the same network as server C and SNAT isn't used. so server A or B might go directly to server C. have you checked that is possible and happening?

The default gateway of the servers is the BIG-IP. Yes, this IP is enabled on both VLANs. The tcpdump we have done is on the BIG-IP with this options: tcpdump -i any src host 192.168.1.1 or dst host 192.168.1.1 or src host 192.168.1.2 or dst host 192.168.1.2 or src host 192.168.1.5 Thanks !!!

Can you add the -e flag to tcpdump to verify which interface and the correct tagging of the packets. H

could you make it simpler and add Hamish flag to be sure we don't miss something: tcpdump -i 0.0 -nn -e host 192.168.1.1 or host 192.168.1.3 or host 192.168.1.5 and try again also is it possible to capture packets on the actual servers to see if they communicate between themselves?

Now we have this on the tcpdump: 08:51:34.775753 00:1f:29:0b:21:a6 (oui Unknown) > 00:01:d7:92:e4:87 (oui Unknown), ethertype 802.1Q (0x8100), length 66: vlan 32, p 0, ethertype IPv4, 192.168.1.5.drmsfsd > 192.168.3.2.http: S 867528809:867528809(0) win 65535 In the servers (A and B), we don´t see any packet from the BIGIP or from server C, there is no connection between them.

Communications problems between servers

33 Replies

Edu_50128
Nimbostratus
Aug 26, 2013
Yes, it´s true, let me try it and let you know
Edu_50128
Nimbostratus
Aug 26, 2013
Done !!! And it works !! Thanks so much !!

Its strange, and now the web page is loaded but it is loaded so slow... and from Internet there is no problem on it...

nitass

Employee

Aug 26, 2013

Its strange, and now the web page is loaded but it is loaded so slow

you may run tcpdump on bigip to see what is going on.

 tcpdump -nni 0.0:nnn -s0 -w /var/tmp/output.pcap host x.x.x.x or host y.y.y.y or host z.z.z.z and port 80

x.x.x.x is client ip
y.y.y.y and z.z.z.z are pool member/server ip

Edu_50128
Nimbostratus
Aug 26, 2013
With your tcpdump it doesn´t capture nothing...

With this one, it works:

tcpdump -i 0.0 -nn host 192.168.1.5 or host 192.168.1.3 or host 192.168.1.1
Edu_50128
Nimbostratus
Aug 26, 2013
It was a free space problem on the BIG-IP, sorry. I´m going to analize the capture

Thanks
Edu_50128
Nimbostratus
Aug 26, 2013
Just analyze the capture we don´t see any issue with the traffic; we don´t see the responde from server 192.168.1.1 to server 192.168.1.5 because of the problems with the asymetric traffic you commented before.

But, could it impact on the loaded webpages? Why is so slow the loading from comunications between servers and not from clients on Internet?

Any idea or suggestion?

Thanks
nitass
Employee
Aug 26, 2013
we don´t see the responde from server 192.168.1.1 to server 192.168.1.5

i understand packet flow should look like this:

1) 192.168.1.5 -> 192.168.3.2

2) floating selfip on server vlan -> 192.168.1.1/192.168.1.3

3) 192.168.1.1/192.168.1.3 -> floating selfip on server vlan

4) 192.168.3.2 -> 192.168.1.5

(1) and (4) are client-side (between client and bigip)

(2) and (3) are server-side (between bigip and server)
Edu_50128
Nimbostratus
Aug 27, 2013
Yes, it is this way.

We have setting up the irule and the traffic goes this way.

The problem we have now is the webpage is so slow loading... really really slow.

Could be any configuration in the VS which affect to this behavior?
nitass
Employee
Aug 27, 2013
The problem we have now is the webpage is so slow loading... really really slow.

in wireshark, you can show delta time between packet. can you check what causes the slowness?
boneyard
MVP
Aug 27, 2013
if it is slow then probably it is waiting for something, perhaps a link to another system which doesn't work correctly because of this setup. use a browser tool like fire bug or build in with chrome (right click, inspect element) or such to determine what causes the hold up.

Forum Discussion

Communications problems between servers

33 Replies

Recent Discussions

Find GSLB pool membership from vip IP

Pool Members communication with B-party via F5 VIP

Server 2 causing application slowness

F5Access | MacOS Sonoma

AS3 Deployments (shared objects)

Related Content

DevCentral Community Guidelines

DevCentral Community Ranking Explained

Community Learning Path: Multi-Cloud Networking

Community Highlights, Week 15 '23

Community Highlights, Week 48 '23