Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
591
Views
0
Helpful
8
Replies

Error message on connections with CSM Natpool?

jcmattos1
Level 1
Level 1

‎11-01-2006 04:41 PM

We have a CSM 4.1.6 with a set of reals which is trying to access the vip from the same subnet behind the csm and connections keep receiving this error upon SYN only thru the natpool. Any ideas?

Labels:
6372-cisco.ibm590b6.pcap
6371-cisco.ibm590a2.cap
6370-cisco.dev10ux.cap
0 Helpful
8 Replies 8

Gilles Dufour
Cisco Employee
Cisco Employee

‎11-02-2006 12:42 AM

this is a weird one.

Could you get us the config, csm arp table, show mod csm x vserver name det.

Also, if you control one source, enable the following debug :

'debug mod ContentSwitchingModule x packet x.x.x.x/32'

Get a show tech before and after the test as well as the 'show mod csm x vser ...' cmd above.

Thanks,

Gilles.

0 Helpful

jcmattos1
Level 1
Level 1
In response to Gilles Dufour

‎11-02-2006 08:38 AM

Here is the info you requested it is all in one file. One thing I did notice is that in the client capture (dev10ux) i notice an immediate RST by the VIP 172.23.3.227 with mac of 4b:e6 and another SYN/ACK response from the same VIP but different mac 1a:02. Is this normal?

6373-SHCSMALL.log
0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to jcmattos1

‎11-03-2006 03:11 AM

I also noticed the difference in source mac address. This is really a weird issue.

Is it happening for other client ip ?

Could you get a 'sho mod csm x arp | i 172.23.'

Also, could you try to enable the debugging mentioned before.

Thanks,

Gilles.

0 Helpful

jcmattos1
Level 1
Level 1
In response to Gilles Dufour

‎11-03-2006 09:34 AM

Giles, I really appreciate your help...I was able to get the arp info you requested im hitting the vip but im not receving any debug packets? I enabled logging on, term mon, is there something else im missing?

6374-SHCSMALL2.log
0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to jcmattos1

‎11-03-2006 10:06 AM

I'm sorry I can't solve the issue immediately, but this looks like a new issue and therefore we have to go step by step.

I'm being assisted by another developpers and we're trying to identify where is the problem.

Could you collect the following command from the csm venus prompt [you have to session to csm slot and then enter the command 'venus' or be on the csm console].

find_nat_encaps

Thanks,

Gilles.

0 Helpful

jcmattos1
Level 1
Level 1
In response to Gilles Dufour

‎11-03-2006 01:28 PM

I tried those commands and it doesn't seem to allow me to session to the module...I can do it to the standby csm but not the active. Any ideas as to why?

6375-SHCSMALL3.log
0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to jcmattos1

‎11-06-2006 03:20 AM

from the csm not giving you the prompt, could you try to enter the following commands [even if you do not get prompt]

venus

tracelog_off

If you get the prompt after that, then capture the command that we need.

If you still do not get the prompt, unfortunately there is not much we'll be able to do on this csm, so I would suggest to failover to the backup and then reload this csm.

Gilles.

0 Helpful

valerie_devera
Level 1
Level 1

‎11-06-2006 11:09 PM

hi Gillies,

I heard of the new ACE (application control engine) and interested to know which Cisco course tackles this module

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card