DX Application Performance Management

Expand all | Collapse all

MTP/TIM transaction monitoring

Jump to Best Answer
  • 1.  MTP/TIM transaction monitoring

    Posted 05-19-2016 02:14 AM

    Hello,

     

    APM/TIM 10.1 version

    MTP 9.2

    ADA 9.2

     

    I am trying to record some transactions using CEM. I can see some transactions are captured when we hit URL but some are not.

    I wonder why some are captured and some are not. There are no filters set to restrict IP's, protocols or ports.

     

    Is it due to where MTP is deployed on our network?

     

    Marking Hallett_German

    Thanks,

    Karthik



  • 2.  Re: MTP/TIM transaction monitoring

    Posted 05-19-2016 04:55 AM

    One of the old Tuesday tips states below,

     

    The MTP is collecting data but not seeing traffic from a particular server.

     

    The MTP appliance can do filtering at two locations:

    The MTP hardware filter (Administration>Logical port) is filtering out traffic from particular ports, VLANs, or IP subnets.

    The TESS Web Server filter does not include certain IP addresses so it is excluding traffic. With MTP appliances, it is recommended to do the filtering on the MTP side with the hardware filtesr rather than on the TIM side with the web server filters.

     

    But there are no Webservers filters set on TIM side and I hope there are no hardware filters too(have to double check)

     

    But under what scenarios MTP is not seeing traffic from a particular server when there are no filters set?



  • 3.  Re: MTP/TIM transaction monitoring

    Broadcom Employee
    Posted 05-19-2016 08:12 AM

    http://Hi Karthik:

     

    I take it the issue is not seeing it all of teh time versus not seeing at all.

    Counting/Recording inconsistency issues can be difficult and time consuming to resolve. I attached two draft documents that may help. If you are seeing transactions sometimes when recording and other times not, then I would check:

     

    - SSL decode failure rates/cipher suites

    - Traffic quality such as out of order packets, empty packets, going through a different set of servers, not seeing the round trip etc See if any patterns show up

     

    I would have my switch connection do the filtering followed by MTP and then TIM.

     

    Once you add a Web Server filter, then have to explicitly add them all.

     

    If you see the transaction (HTTP Request and Response in the TIM log), it should be able to record

     

    This likely will be a case. But I hope this is a good start.

     

    Thanks

    Hal German

    Attachment(s)



  • 4.  Re: MTP/TIM transaction monitoring

    Broadcom Employee
    Posted 05-19-2016 08:13 AM

    Please let me know if my answer was helpful, if you need further assistance, or this thread can be marked as closed



  • 5.  Re: MTP/TIM transaction monitoring

    Posted 05-19-2016 10:20 AM

    Hi Hal,

    I will check those steps, but if a specific server IP is not captured by MTP itself, do any one of the above cause still apply?

     

    I ran below command as well but there was no traffic for some specific server IP's. We also checked for this server IP in MTP analysis page but no luck

     

    tcpdump -i eth1 'tcp port 443'|grep ip_address

     

    Does this mean MTP did not capture traffic for this server IP? If its the case, what should we do?

     

    Thanks,

    Karthik



  • 6.  Re: MTP/TIM transaction monitoring
    Best Answer

    Broadcom Employee
    Posted 05-19-2016 10:32 AM

    Hi Karthik:

       So if you never see a server IP address in tcpdump/buildcap/tim logs then that means

    - Switch is not configured to capture IP address (filtered out/not included)

    - Something between switch and TIM is filtering out that IP

    - IP address is changing to another IP and you have to add the redirected IP to webserver filters

    - Need to add reverse proxy/loadbalancer/firewall IPs addresses to web server filters

    - SSL private key needs to be added to TIM

    - Traffic is one-way  or redirected

    - Other factors such as protocols used by router or application are in play

     

     

    Your network team can help determine the root cause and needed changes to send the server IPs to the TIM

     

    Thanks

    Hal German



  • 7.  Re: MTP/TIM transaction monitoring

    Posted 05-19-2016 10:38 AM

    Thanks, This is what I need. I will do further more analysis and come back.



  • 8.  Re: MTP/TIM transaction monitoring

    Broadcom Employee
    Posted 05-19-2016 10:45 AM

    Thanks Karthik. I will mark as answered. Depending on what you find, a case may be needed. But most of teh above are infrastructure issues not APM.