Forum Discussion

Tom_K's avatar
Tom_K
Icon for Nimbostratus rankNimbostratus
Oct 19, 2017

Any way to get traffic data from virtual server that has no pool and no nodes ?

I have a virtual server that has no pool and no nodes. Is there a way to use some tmsh command to get traffic information about the cs-client-addr ? I can see all the traffic for the virtual server from the gui statistics tab but I need to see what connections are generating all the traffic. I use a command like tmsh show sys connection cs-server-addr xx.xx.xx.xx to see all the connections but cannot see cs-client-addr traffic. Below is the virtual server configuration. 

ltm virtual /Common/general_proxy {
    description "general proxy for ports 80 and 443"
    destination /Common/xxx.xx.xxx.xxx:3128
    ip-protocol tcp
    mask 255.255.255.255
    profiles {
        /Common/umn_http { }
        /Common/umn_tcp-lan-optimized {
            context clientside
        }
        /Common/umn_tcp-wan-optimized {
            context serverside
        }
    }
    rules {
        /Common/https_proxy_general
    }
    source 0.0.0.0/0
    source-address-translation {
        type automap
    }
    translate-address enabled
    translate-port enabled
}

Thanks, Tom

application delivery
BIG-IP
LTM

4 Replies

Sort By
  • Kevin_Davies's avatar
    Kevin_Davies
    Icon for MVP rankMVP
    Oct 19, 2017
    tmsh show sys connection cs-server-addr xxx.xx.xxx.xxx

    Your using the correct command. The output of that will show the client addresses. The cs stands for clientside. The server means the server end of that connection, eg the F5. The addr means the IP address.

    So cs-server-addr x.x.x.x is showing you all the clientside connections to your virtual server.

  • Tom_K's avatar
    Tom_K
    Icon for Nimbostratus rankNimbostratus
    Oct 19, 2017

    Kevin - thanks for the prompt reply. Sorry that I was not very clear about what I am looking for. Yes, I am able to see all the client side IP addresses. What I would like to see in addition is like the virtual server statistics shows on the GUI, like bits in and out, packets in and out for each client side IP address. Thanks, Tom

     

  • Kevin_Davies's avatar
    Kevin_Davies
    Icon for MVP rankMVP
    Oct 19, 2017

    Alternatively you can add a one line iRule.

    when CLIENT_ACCEPTED {
  log local0. "Connection from [IP::client_addr]"
}

    This will log an entry for every connection. If you have many thousands of connections then you can use the rule below to store connection information in session tables which can be retrieved later with a reporting iRule.

    when CLIENT_ACCEPTED {
  table incr client-[IP::client_addr] 
  table timeout client-[IP::client_addr] 3600
  table add -subtable client-tracking client-[IP::client_addr] 3600
}

    Client connection information is stored for up to an hour, adjust this with the 3600 seconds above. If we don't see that client come back in an hour then it is automatically expired from the session table.

    The reporting iRule below gives you the output from the collected stats above. It can be attached to any virtual server on the same F5. You trigger it with and it will display a page of collected connection information.

    when HTTP_REQUEST {
  if {[HTTP::uri] ne "/connections" } { return }
  set response "Connections\r\n"
  foreach key  [table keys -subtable client-tracking] {
    append response "$key = [table lookup $key]\r\n"
  }
  HTTP::respond 200 content $response Content-Type "text/plain" Connection Close
  event disable
}
  • amintej's avatar
    amintej
    Icon for Cirrus rankCirrus
    Oct 20, 2017

    Hello,

     

    Do you have AVR provisioned ? AVR gathers statistics in VS with http profile (since 11.5.1) or TCP (since 12.1) by remote ip.

     

    AVR