Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
613
Views
0
Helpful
5
Replies

CSS11506 - show flows

a.veschak
Level 1
Level 1

‎05-09-2008 10:12 AM

Hello all,

I have a CSS11506 with the following config...

!************************** SERVICE **************************

service pas_main_uswrnsa0ptf01_11111

ip address 172.16.25.30

keepalive type tcp

keepalive port 11111

port 11111

active

service pas_main_uswrnsa0ptf02_11111

ip address 172.16.25.31

keepalive type tcp

keepalive port 11111

port 11111

active

service pas_main_uswrnsa0ptf03_11111

ip address 172.16.25.32

keepalive type tcp

keepalive port 11111

port 11111

active

service pas_main_uswrnsa0ptf04_11111

ip address 172.16.25.33

keepalive type tcp

keepalive port 11111

port 11111

active

!*************************** OWNER ***************************

owner PAS

content PAS-pas_main-2008-11111

vip address 123.123.130.222

protocol tcp

port 11111

url "/*"

balance aca

application ssl

add service pas_main_uswrnsa0ptf01_11111

add service pas_main_uswrnsa0ptf02_11111

add service pas_main_uswrnsa0ptf03_11111

add service pas_main_uswrnsa0ptf04_11111

active

!*************************** GROUP ***************************

group PAS-pas_Dgraphs

vip address 172.16.25.11

add destination service pas_main_uswrnsa0ptf01_11111

add destination service pas_main_uswrnsa0ptf02_11111

add destination service pas_main_uswrnsa0ptf03_11111

add destination service pas_main_uswrnsa0ptf04_11111

active

I can access my servers just fine, but when issuing the 'show flows' command, I do not see my traffic... even though I can see my hit counters incrementing.

NOTE: The 'application ssl' command is something new for us, so I thought it may be related to this.

Any ideas?

Thanks,

-Adam

Labels:
0 Helpful
5 Replies 5

Gilles Dufour
Cisco Employee
Cisco Employee

‎05-09-2008 12:29 PM

Try

llama

flow-agent show active_fcbs

exit

Or a

show flows 0.0.0.0

Gilles.

0 Helpful

a.veschak
Level 1
Level 1
In response to Gilles Dufour

‎05-09-2008 02:21 PM

Gilles,

Still not seeing the flows.

Anything else you could recommend? Could the 'application ssl' config have anything to do with this behavior?

Thanks,

-Adam

0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to a.veschak

‎05-12-2008 10:49 PM

if you do not see any flow, there is no active flows !!

The flow-agent command does look at HW level for connections. If it does not return anything, it means there is no ACTIVE flow.

Gilles.

0 Helpful

a.veschak
Level 1
Level 1
In response to Gilles Dufour

‎05-14-2008 12:31 PM

Gilles,

The target IP is the content VIP 123.123.130.222 (as shown in my CSS config). However, I am testing from one of the four servers (services) associated with this content rule. Could that be causing the problem with the CSS not seeing these flows?

For example...

I am sitting on server uswrnsa0ptf01 and I test to the content VIP 123.123.130.222... and it works... but I see know flows in the CSS.

I've attached a drawing showing our network topology.

Thanks,

-Adam

Preview file
81 KB
0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to a.veschak

‎05-15-2008 04:38 AM

try to open a telnet session to your VIP IP:PORT.

Do not close the telnet session and check with a 'show flows 0.0.0.0' if you see any flow.

It should not matter if you open the connection from the server or not.

G.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents