Configure VIP

Vss_DVss_D Member
in ADC - Application Delivery

Hi All,


I have a model with Trunk, VLAN, LACP configured on 2 ports connecting to 2 Firewall servers and clients. However, from A10 I can ping the server and client. From the client I can ping the VE on A10, but cannot ping the VIP.

Thanks

Tagged:

Comments

  • boteyeboteye Member, A10ers

    Can you check the VIP status? It will not respond if the virtual-server state is disabled.
    Can you share the packet capture on Thunder device?

  • boteyeboteye Member, A10ers

    #show slb virtual-server vs52 ← command to show virtual server status
    Virtual server: vs52 State: Disb IP: 10.x.x.52
    Port Curr-conn Total-conn Rev-Pkt Fwd-Pkt Peak-con
    Virtual Port:80 / service: / state:Disb

  • boteyeboteye Member, A10ers

    If you still see the issue please contact A10 Tech Support at: +1-888-822-7210

  • Vss_DVss_D Member

    Sorry boteye,

    But the VIP have status enable

  • mdunnmdunn Member, A10ers ✭✭✭

    If the VIP is enabled but the service-group members are down, then the VIP will not respond to ping. Can you share the output of "show slb virtual-server vip_name"?

    Another possibility is the VIP address is in a different subnet than the VE interfaces. If that is the case, does the backend server have a L3 route to the VIP address?

  • Vss_DVss_D Member

    Hi mdunn. Sorry for the late reply

    I checked and all servers are up. - A10 is built in Inline mode (2 Arm). That means the 2 ends of A10 will configure 2 gateways to Firewall (Server VLan area 222) and Firewall (Client Vlan area 221). I have configured VE on these 2 areas in the same subnet (VLan 221:10.10.0.0/29 and Vlan 222: 10.10.0.8/29). My VIP is 10.10.0.5

    ThankThanks

  • mdunnmdunn Member, A10ers ✭✭✭

    Are there firewall rules blocking the traffic to the VIP address? Can you try to telnet or netcat to the VIP virtual port?

    You can also try axdebug to perform TCPDUMP on the traffic. Create a filter for the VIP address or client and see what comes across:

    axdebug
filter 1
ip 10.10.0.5 /32
exit
filter 2
ip client.ip.address.here /32
exit
capture brief

  • Vss_DVss_D Member

    Thanks

    But I use the command 'axdebug' but I don't see the capture. Checking the status, it says 'axdebug is disabled'. Is there any way to enable axdebug?

  • mdunnmdunn Member, A10ers ✭✭✭

    After configuring the filters, "capture brief" enables axdebug, starts the capture, and will display the packets on the screen. Alternatively, you can also save the capture to a file with packet display "capture brief save mypcap" or without packet display "capture save mypcap".

    image.png

    Can you share your output of the commands you entered or screenshot?

Sign In or Register to comment.

© Copyright 2024 - A10 Networks Community - All Rights Reserved. | Legal