Etat des sessions

Les commandes accessibles dans /i/slb/session permettent de visualiser les sessions associées aux VIPs et aux règles de NAT.

Etat des sessions pour un serveur REAL

/i/slb/sess/real 192.168.1.20 

 Printing Sessions for SP 1
1,25: 213.246.214.133 26296, 172.200.228.50 http -> 10398 192.168.1.20 http age 2 v:901  E
1,25: 88.162.124.194 58296, 172.200.228.50 http -> 3624 192.168.1.20 http age 6 v:901  E
1,25: 87.88.230.37 52434, 172.200.228.50 http -> 6785 192.168.1.20 http age 8 v:901  E
1,25: 90.61.130.237 50546, 172.200.228.50 http -> 9072 192.168.1.20 http age 6 v:901  E
[...]

Etat des sessions pour un Internaute

/i/slb/sess/cip 86.65.145.98

 Printing Sessions for SP 1
1,25: 86.65.145.98 51464, 172.200.228.50 http -> 3274 192.168.1.20 http age 0 v:901 

Etat des sessions du filtre 90 NAT

Le filtre 90 étant une règle de NAT sortant, il est possible de voir les sessions en directe avec la commande suivante :

/i/slb/sess/filter 90

 Printing Sessions for SP 1
1,27: 192.168.1.5 51431, 213.218.142.12 http ->
      172.200.228.42 5522  NAT age 4 f:90  v:898  
1,27: 192.168.1.5 51494, 213.218.142.12 http ->
      172.200.228.42 11182  NAT age 2 f:90  v:898  E
1,27: 192.168.1.5 51398, 213.218.142.12 http ->
      172.200.228.42 6749  NAT age 0 f:90  v:898  
1,27: 192.168.1.5 51477, 213.218.142.12 http ->
      172.200.228.42 9084  NAT age 2 f:90  v:898  E
[...]

Légende des sessions

/i/slb/sess/help

The fields, (1)-(13), associated with a session, as identified in the
example below are described in the following.

3, 01: 1.1.1.1 4586, 2.2.2.1 http -> 3567 3.3.3.1 http age 6 f:10 v:1 ELNPSRtUW c:#
(1) (2) (3)     (4)  (5)      (6)     (7)   (8)    (9)  (10) (11) (12)(13)     (14)

3, 01: 1.1.1.1 4586, 2.2.2.1 http ->
(1) (2) (3)     (4)  (5)      (6)
       1.1.1.2 3567 3.3.3.1 http age 6 f:10 ELNPSRtUW c:#
        (7a)     (7)   (8)    (9) (10)  (11)  (12) (13)

------------------------------------------------------------------
(1) SP number:
    This field indicates which SP created the session.

(2) Ingress port:
    This field shows the physical port# of the client traffic that
    entered to the switch.

(3) Source IP address:
    This field contains the source IP address from client IP packet.

(4) Source port:                          
    This field identifies the TCP/UDP source port from client packet.

(5) Destination IP address:
    This is the destination IP address from client TCP/UDP packet.

    For load balancing, this address is the virtual IP address.
    For filtering redirect, this address is the destination server's address.

(6) Destination port:
    This field identifies the TCP/UDP destination port from client packet.

(7a)Proxy IP address:                     
    This field contains the proxy IP address substituted by the switch.

(7) Proxy port:                           
    This field identifies the TCP/UDP source port substituted by the switch.

    The switch does this substitution when Direct Access Mode is enabled or
    Proxy is enabled.

(8) Real server IP address:               
    For load balancing, this field contains the IP address of the real
    server that the switch selects to forward client packet to.
    If the switch does not find live server, this field is the
    same as destination IP address(5).

    e.g. 3,01: 1.1.1.1 1040, 2.2.2.1 http -> 3.3.3.1 http age 10
         3,01: 1.1.1.1 1040, 2.2.2.1 http -> 2.2.2.1 http age 10

    For filtering, this field also shows the real server IP address. No
    address is shown if the filter action is Allow, Deny or NAT.
    It will show ALLOW, DENY or NAT instead.

    e.g. 3,01: 1.1.1.1 1040, 2.2.2.1 http -> 3.3.3.1 http age 10 f:11
         3,01: 1.1.1.1 1040, 2.2.2.1 http ALLOW age 10 f:22

(9) Server port:                          
    For load balancing, this field is the same as destination port(6)
    except for the RTSP UDP session. For RTSP UDP session, this server
    port is obtained from client-server negotiation.

    e.g. 3,01: 1.1.1.1 1040, 2.2.2.1 http -> 3.3.3.1 http age 10
         3,01: 1.1.1.1 6970, 2.2.2.1 rtsp -> 3.3.3.1 21220 age 10 P

    For filtering, this field is the filtering application port.
    It is for internal use only. This field can be urlwcr, wcr,
    idslb, linkslb or nonat.
    e.g. 3,01: 1.1.1.1 1040, 2.2.2.1 http -> 3.3.3.1 urlwcr age 4 f:123
         2,07: 1.1.1.1 1706, 2.2.2.1 http -> 192.168.4.10 linklb age 8 f:10 E

(10) Age:
    This is the session timeout value. If no packet is received within
    the value specified, the session is freed.
    e.g. age 10    - The session is aged out in 10 minutes.
         age < 160 - The session is aged out in 160 minutes. This <
                     indicates that slowage is used(user configures
                     /cfg/slb/adv/slowage)

(11) Filter number:                       
     This field indicates that the session is created by filtering
     code as a result of the IP header keys matching the filtering
     criteria.

(12) VLAN number:
     This field is the ingress port's VLAN.

(13) Flag:
     E: Indicates the session is in use and will be aged out if no
        traffic is received within session timeout value.

     L: Indicates the session is a link load balance session.

     N: Indicates the session only translates the destination
        MAC when forwarding client traffic to the real server.

     P: Indicates the session is a persistent session and is not to
        be aged out. Fields (6), (7) and (8) are not shown for
        persistent session.

     S: Indicates the session is a persistent session and the
        application is SSL or Cookie Pbind.

     Rt: Indicates the session is TCP rate limiting per-client entry.

     Ru: Indicates the session is UDP rate limiting per-client entry.

     Ri: Indicates the session is ICMP rate limiting per-client entry.

     Vr: Indicates the session is a SIP REGISTER session.

     Vs: Indicates the session is a SIP SUBSCRIBE session.

     Vi: Indicates the session is a SIP INVITE session.

     Vm: Indicates the session is a SIP MESSAGE session.

     Vd: Indicates the session is a SIP NAT data session.

     Sc: Indicates the session is an opened server session
         used in connection pooling.

     U: Indicates the session is L7 delay binding and switch is
        trying to open TCP connection to real server.

     W: Indicates the session only translates the destination
        MAC when forwarding layer 7 WCR traffic to the real server.

(14) Persistent session user count:
     This counter indicates the number of client sessions created
     associated with this persistent session.

 
equrzo/etat_des_sessions.txt · Dernière modification: 2016/03/29 23:31 (édition externe)
 
Recent changes RSS feed Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki