smp_86112
May 04, 2009Cirrostratus
tcpdump and Forwarding (IP) Virtual Servers
I am trying to isolate a problem which is resulting in packet loss. The source device is in an external VLAN, and the destination is in an internal VLAN. Simultaneous traces show that the source is sending segments which are not being received by the destination. The problem I've got is that I need to prove that the LTM isn't receiving the lost packets - that the source of the drops is upstream of the LTM. But the traffic destined for the internal VLAN is routed through a Forwarding (IP) virtual server, and I can't use tcpdump to capture it - so I can't prove the LTM isn't at fault. I've tried using the external vlan, the interface number of the external vlan, and interface 0.0 - none are capturing the traffic. Yet if I run tcpdump in the destination directly, I see the traffic being received (with the exception of the lost packets) so I know the LTM is routing it.
I've noticed in other cases this inability to capture tcpdump traces when a Forwarding (IP) virtual server is involved. Can someone explain to me why I can't see this traffic?
In addition with normal virtual server communication, the LTM maintains seperate client and server TCP connections which can be managed independently with seperate TCP profiles. Does the LTM manage also seperate TCP connections in Forwarding (IP) Virtual Server traffic in a similar manner, or are these TCP connections not managed at all?