Forum Discussion

R_Marc_77962's avatar
R_Marc_77962
Icon for Nimbostratus rankNimbostratus
Nov 18, 2014

Clone pools, not seeing any traffic to the pool

I'm trying to set up clone pools. Here's the configs I've tried:

ltm virtual rmarc-test-virtual {
    clone-pools {
        rmarc-test-clone-pool {
            context clientside
        }
        rmarc-test-clone-pool {
            context serverside
        }
    }
    destination 10.0.0.182:https
    ip-protocol tcp
    mask 255.255.255.255
    pool rmarc-test-pool
    profiles {
        clientssl {
            context clientside
        }
        http { }
        serverssl {
            context serverside
        }
        tcp { }
    }
    source 0.0.0.0/0
    source-address-translation {
        type automap
    }
    vs-index 18
}

I've tried both (as above), just client and just server. In all cases I see no traffic going to my clone pool. Not sure what I'm doing wrong here. Suggestions would be appreciated.

11.6 HF1.

application delivery
LTM

3 Replies

Sort By
  • What_Lies_Bene1's avatar
    What_Lies_Bene1
    Icon for Cirrostratus rankCirrostratus
    Nov 19, 2014

    How are you observing this lack of traffic please?

     

    Are the clone pool members layer two adjacent (i.e. on a vlan the F5 is also on)?

     

  • What_Lies_Bene1's avatar
    What_Lies_Bene1
    Icon for Cirrostratus rankCirrostratus
    Nov 19, 2014

    Ahh. The cloned traffic will still have the original destination address specified, not the clone pool member address. Instead the F5 'routes' the traffic to the clone pool member MAC address. Hence the need for the clone pool to be layer two adjacent. \

     

    You'll need to use ether dst 'MAC_Address' in your tcpdump filter expression.

     

  • sljohnson80's avatar
    sljohnson80
    Icon for Altostratus rankAltostratus
    Jun 05, 2018

    I'm working with a customer with a similar issue. I think we were able to get the Clone Pool feature to support them but they're saying they're not seeing cloned traffic on their test clone servers. We're seeing connections and data increasing on their cloned servers so I know that we're forwarding data onto the clone pool members. Is there a way to actually tell if the clone pool is receiving cloned traffic from it's primary pool? Is there a tcpdump syntax that I can use?