You initiate the connection again and lo and behold you see traffic hitting the FE server but it is coming from a different IP address. You decide to change your filters on the FE server from filtering on a specific IP to filtering on a specific port. You see the traffic leaving the BE server but you don't see it arrive at the BE. On the BE server you filter traffic to only show traffic to and from the FE server and vice versa. Luckily you have a packet capture utility installed on both the back end and front end servers. Sure you can look at server logs but these will not tell you anything if your problem is Layer 4 or lower (TCP/UDP, IP, MAC, Physical) Without the ability to read a packet capture you are left with only guessing at what the issues may be in the first half of the OSI layer. Imagine a scenario where you are installing a set of new servers in a VLAN and these servers need to transit across a router to connect to a FE web server. I understand that packet captures may seem daunting to read but without the capacity to look at traffic coming in and out of your servers then you are troubleshooting partially blind. I cannot explain how frustrating this can be as a network engineer tasked with implementing services that typically require switch and firewall changes to implement. And I can count on one hand the number who have had a packet capture utility installed on their Windows servers. I work with Sysadmins from a variety of companies on a daily basis.
0 kommentar(er)
