Identifying Asymmetric Traffic

Overview

Retrieving asymmetric sessions from the built-in LLPF logs is required to locate the networks generating asymmetric traffic. With this information, end users can investigate further and take corrective measures. Resolving asymmetric traffic issues is out of scope for the Support team.

This article describes the process of identifying and retrieving asymmetric traffic, which is critical for troubleshooting asymmetric traffic sessions.


 

Asymmetric Traffic Identification Processes

Important! Use these processes very carefully and only during off-peak hours!

The process for identifying asymmetric traffic varies depending on the version used.

 

Version 5.x

  1. Log in to the Cache Engine as root.

  2. Enter llpf to launch the LLPF menu.

  3. Browse to the Configure Debug Printout Groups section.

  4. Activate the printout group:

    • For versions up to 5.6, activate (connmgr+warning).

    • For versions 5.7 and later, activate (warning).

  5. Select Done to apply the changes.

  6. Check the debug logs under /var/log/messages.

  7. Locate indicative log messages like the examples shown below, which help the customer locate the asymmetric traffic source.

    Aug 13 10:52:12 ce-2 kernel: [connmgr 18 1574]: connection ##578282231 Asymmetric traffic recognized 1. 173.194.34.64.80-31.216.64.147.4037
    Aug 13 10:52:12 ce-2 kernel: [connmgr 18 1574]: connection ##578282232 Asymmetric traffic recognized 1. 173.194.34.64.80-31.216.64.147.4036

  8. Deactivate the printout group to free resources.

 

Version 6.0

  1. Log in to the Cache Engine as root.

  2. Execute the LLPF command to turn on the asymmetry logs for a few seconds.

    fp-cli llpf-config-debug warning on

  3. Wait a few seconds.

  4. Execute the LLPF command to turn off the asymmetry logs.

    fp-cli llpf-config-debug warning off

  5. Navigate to the PANG logs file under /opt/pang/logs/pang.log.

  6. Locate indicative log messages like the examples shown below, which help the customer locate the asymmetric traffic source.

    22-02-17 04:28:30.906, 21774 [llpf:Warning] llpf_log_wrapper [utils.cpp:115] llpf wrapper: connection ##396678387 Asymmetric traffic recognized 1. 213.32.18.219.80-172.68.98.16.32966
    22-02-17 04:28:30.911, 21774 [llpf:Warning] llpf_log_wrapper [utils.cpp:115] llpf wrapper: connection ##396678396 Asymmetric traffic recognized 1. 138.201.110.46.80-190.219.248.217.52758
    22-02-17 04:28:30.913, 21773 [llpf:Warning] llpf_log_wrapper [utils.cpp:115] llpf wrapper: connection ##396678378 Asymmetric traffic recognized 2. 181.197.106.88.48650-200.75.200.221.80. con->syn : 1, con->syn_ack: 0, desc->h.tcph->ack: 16

 

Versions 6.2.x-7.x

  1. Log in to the Cache Engine as root.

  2. Edit the /opt/pang/conf/pang.conf file.

  3. Append the llpf_log_level LOG_DEBUG parameter at the end of the file.

  4. Run pkill -1 fp-rte to reload the configuration.

  5. Wait for a few seconds.

  6. Remove the llpf_log_level LOG_DEBUG parameter from the end of the file.

  7. Run pkill -1 fp-rte to reload the configuration.

  8. Search for the Asymmetric traffic recognized printouts in the /opt/pang/logs/pang.log file.
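To turn the printouts collected by any of the procedures above into a list of networks to investigate, the following added example (not part of the original article or the product's tooling) parses both log formats shown here and counts asymmetric sessions per client /24. It assumes the endpoint with the higher port is the client; the function names and the /24 grouping are illustrative choices.

```python
import ipaddress
import re
import sys
from collections import Counter

# Endpoint pair as printed in the article's examples: <ip>.<port>-<ip>.<port>
ASYM_RE = re.compile(
    r"connection ##(\d+) Asymmetric traffic recognized (\d+)\. "
    r"(\d+\.\d+\.\d+\.\d+)\.(\d+)-(\d+\.\d+\.\d+\.\d+)\.(\d+)")

# First two entries are copied from the article; the last two are constructed.
SAMPLE = [
    "Aug 13 10:52:12 ce-2 kernel: [connmgr 18 1574]: connection ##578282231 "
    "Asymmetric traffic recognized 1. 173.194.34.64.80-31.216.64.147.4037",
    "22-02-17 04:28:30.913, 21773 [llpf:Warning] llpf_log_wrapper [utils.cpp:115] "
    "llpf wrapper: connection ##396678378 Asymmetric traffic recognized 2. "
    "181.197.106.88.48650-200.75.200.221.80. con->syn : 1, con->syn_ack: 0, desc->h.tcph->ack: 16",
    "Aug 13 10:52:13 ce-2 kernel: [connmgr 18 1574]: connection ##1 "
    "Asymmetric traffic recognized 1. 198.51.100.7.80-31.216.64.9.5000",
    "Aug 13 10:52:14 ce-2 kernel: [connmgr 18 1574]: unrelated message",
]

def parse_line(line):
    """Return (conn_id, kind, client, server), or None for any other line."""
    m = ASYM_RE.search(line)
    if not m:
        return None
    try:
        a = (ipaddress.ip_address(m[3]), int(m[4]))
        b = (ipaddress.ip_address(m[5]), int(m[6]))
    except ValueError:  # corrupted line, e.g. an octet above 255
        return None
    # Assumption: the higher (ephemeral) port marks the client side.
    client, server = (a, b) if a[1] > b[1] else (b, a)
    return int(m[1]), int(m[2]), client, server

def client_networks(lines, prefix_len=24):
    """Count asymmetric sessions per client network."""
    counts = Counter()
    for rec in filter(None, map(parse_line, lines)):
        net = ipaddress.ip_network(f"{rec[2][0]}/{prefix_len}", strict=False)
        counts[str(net)] += 1
    return counts

if __name__ == "__main__":
    # Pass /var/log/messages or /opt/pang/logs/pang.log; no argument uses SAMPLE.
    lines = open(sys.argv[1], errors="replace") if len(sys.argv) > 1 else SAMPLE
    for net, n in client_networks(lines).most_common():
        print(f"{n:6d}  {net}")
```

Run it against a copy of the log taken after the debug printouts have been turned off again; the networks with the highest counts are the first candidates for a routing review.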

 

  1. Priyanka Bhotika