Here are some commands you can use to troubleshoot connections on your F5.

The following command shows how many active connections the F5 has in total and breaks them out by client and server.

tmsh show sys performance connections
Sys::Performance Connections
Active Connections           Current  Average  Max(since 03/02/14 08:13:41)
Connections                    11.9K    12.4K                         15.0K

Total New Connections(/sec)  Current  Average  Max(since 03/02/14 08:13:41)
Client Connections               648      617                           770
Server Connections               599      570                           729

HTTP Requests(/sec)          Current  Average  Max(since 03/02/14 08:13:41)
HTTP Requests                    156      633                          1.4K


Below are some more helpful commands

MAX Connections per VS: 

tmsh show sys connection | egrep -v 'T|S' | awk '{print $2}' | sort -n | uniq -c | sort -n

MAX Connections per VIP: 

tmsh show sys connection | egrep -v 'T|S' | awk '{print $2}' | cut -d: -f 1 | sort -n | uniq -c | sort -n


If you run the following command, you get a large list of connections.

tmsh show sys connection

Really display 1000 connections? (y/n) y
Sys::Connections
icmp  201  (slot/tmm: 1/2)  none  none
icmp  11   (slot/tmm: 1/2)  none  none
tcp   3    (slot/tmm: 1/2)  none  none


So what does each column represent?

[cs-client-addr:cs-client-port]	[cs-server-addr:cs-server-port]	[ss-client-addr:ss-client-port]	[ss-server-addr:ss-server-port] [Protocol] [Age] [Slot/TMM] [PVA Acceleration]

cs-client-addr:cs-client-port | cs-server-addr:cs-server-port | ss-client-addr:ss-client-port | ss-server-addr:ss-server-port
Computer IP & PORT            | Virtual Server IP & PORT      | SNAT IP & PORT                | Server IP & PORT

Client Side

cs-client-addr:cs-client-port  Computer IP:Computer Port

cs-server-addr:cs-server-port  F5 VirtualIP:F5 VirtualPort

Server Side

ss-client-addr:ss-client-port  F5 SNATip:F5 SNATport

ss-server-addr:ss-server-port  F5 POOLmember:F5 POOLmemberPORT


Show connections from User ( to Virtual Server ( 

tmsh show sys connection cs-server-addr cs-server-port 80 | grep 

Delete Connections on Virtual Server ( 

tmsh delete sys conn cs-server-addr


This is what I use if I want to find the addresses that are using a certain SNAT IP address, because I can’t count how many times we get a call from our help desk that says, we have an issue and it shows the source IP is the F5, and they provide us an IP address from the SNAT Pool.

EXAMPLE: They provide us SNAT address so I will run 

tmsh show sys connection ss-client-addr 
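
One way to script the SNAT lookup described above, as an added example that is not part of the original post: it reads `tmsh show sys connection` text, keeps only rows whose ss-client-addr equals the SNAT address, and counts connections per real client, virtual server and pool member. The function names, the sample rows and the IPv4-only `addr:port` layout are assumptions.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): map a SNAT address back to the
# real clients behind it. Input is `tmsh show sys connection` text on stdin,
# with columns in the order described above:
#   cs-client  cs-server  ss-client  ss-server  protocol  age  ...

# snat_clients SNAT_IP
# Prints one line per flow group: "count client_ip virtual_server pool_member"
snat_clients() {
    local snat_ip="$1"
    awk -v snat="$snat_ip" '
        # Keep only connection rows: the header and the trailer line do not
        # have addr:port in fields 1 and 3 (IPv4 layout assumed).
        NF >= 6 && $1 ~ /^[0-9.]+:[0-9]+$/ && $3 ~ /^[0-9.]+:[0-9]+$/ {
            split($1, c, ":")      # cs-client = real client IP:port
            split($3, s, ":")      # ss-client = SNAT IP:port
            # Exact comparison, so 198.51.100.1 never matches 198.51.100.10
            # the way an unanchored grep on the address would.
            if (s[1] == snat)
                n[c[1] " " $2 " " $4]++
        }
        END { for (k in n) print n[k], k }
    ' | sort -k1,1nr -k2,2
}

# Constructed sample output (documentation-range addresses, not real data).
sample_connections() {
    cat <<'EOF'
Sys::Connections
192.0.2.10:51001  203.0.113.80:80  198.51.100.1:51001   10.0.0.11:8080  tcp  3    (slot/tmm: 1/2)  none  none
192.0.2.10:51002  203.0.113.80:80  198.51.100.1:51002   10.0.0.12:8080  tcp  11   (slot/tmm: 1/2)  none  none
192.0.2.10:51003  203.0.113.80:80  198.51.100.1:51003   10.0.0.11:8080  tcp  40   (slot/tmm: 1/2)  none  none
192.0.2.25:40000  203.0.113.80:80  198.51.100.1:40000   10.0.0.11:8080  tcp  201  (slot/tmm: 1/2)  none  none
192.0.2.99:40100  203.0.113.80:80  198.51.100.10:40100  10.0.0.12:8080  tcp  7    (slot/tmm: 1/2)  none  none
Total records returned: 5
EOF
}

# On the F5 itself the input would come from tmsh instead of the sample:
#   tmsh show sys connection | snat_clients <SNAT address>
sample_connections | snat_clients 198.51.100.1
```

The client address in the second column of the result is what the help desk ticket is missing when it only lists the SNAT address as the source.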


You can also try and do a tcpdump but it doesn’t seem to ever work 

tcpdump -nni 0.0 host




