Forum Discussion

pullb0x's avatar
Icon for Nimbostratus rankNimbostratus
Oct 20, 2023

Backend Server respond with * LibreSSL SSL_read: Connection reset by peer, errno 54

I am new to F5 and LTM and apologize if this is the wrong forum or if I am not providing the appropriate information etc.

I have a custom mobile app I wrote where via custom headers I want to filter via Irule if the traffic is allowed to my backend server. 

I configured a virtual server accepting HTTPS traffic on port 443. I added a SSL profile for my certificates (self signed) to the Client SSL Profile.  I did specify the default serverssl profile for the Server SSL profile.

I created a pool with two nodes ( both pointing to the same server one via Ip the other via FQDN both for HTTPS)

I added the Pool to the virtual server and add my irule to the virtual server.


When I

  • working: open in a browser the virtual server IP, I can see that the Irules are parsed (LTM log) and the irules exception is shown in the browser. Due to the nature of the irule it does not forward to the pool but I get the "missing values" response from the irule. 

  • working: I can curl the virtual server and receive the same results as above
  • no working: If I point my mobile App to the virtual server I can see the irule being parsed "successfully" (below snipped is from the ltm log) but I receive then (after several seconds)  "webpage not available ERR_CONNECTION_RESET"
    Oct 20 14:43:32 bigip1 info tmm1[16591]: Rule /Common/MobileBot <HTTP_REQUEST>: Valid request
    Oct 20 14:43:32 bigip1 info tmm1[16591]: Rule /Common/MobileBot <HTTP_REQUEST>: Success going to pool now!
  • working: If I curl the endpoint directly I get the correct response from the server.
  • working: If I open the endpoint in a browser  I am served the correct website.
  • not working: If I remove the Irules and point to the virtual server I see the same result as when I use my custom mobile App, after several seconds I get Connection reset by peer, LibreSSL SSL_read: Connection reset by peer.
  • not working: Curl to the virtual server w/o irules receive the same error as above. 

It is not a network/routing issue as I can curl the backend server successfully directly from the F5 terminal.
I have to assume that I have a F5 configuration issue and I would appreciate it if someone could point me in the appropriate direction.

I very much appreciate any help and apologize for the long post.

Thank YOU pullbox


8 Replies

  • Try to capture the traffic via tcpdump and see if you can see any bloackage 3-Handshake.

    if you have time just remove ServerSSL and add serverssl-insecure-compatible. if any issue with server SSL error. Give one try and share result.

    • pullb0x's avatar
      Icon for Nimbostratus rankNimbostratus


      thank you for the feedback.
      serverssl-insecure-compatible did not change anything.
      Still have to pull the tcpdump.

  • Try to log the reset cause ( and see if F5 provides any cause for the reset packet.

    Since the iRule logs goes up to the HTTP request, I suspect either a connection problem with the server or a pool member selection failure, the reset logs will tell you

    • pullb0x's avatar
      Icon for Nimbostratus rankNimbostratus

      Thank you so much for the feedback.
      After I enabled it, this is what I am seeing.

      TCP/IP Reset Cause
      RST Cause: Count
      Flow expired (sweeper) 4
      No flow found for ACK 1
      No local listener 32027
      No server selected 1
      RST from BIG-IP internal Linux host 187450
      TCP RST from remote system 3
      TCP retransmit timeout 172
      handshake timeout 4

      • These are only statistical counters, you need to look at /var/log/ltm or tcpdump to find the message related to the reset cause