Forum Discussion
NimbostratusBackend Server respond with * LibreSSL SSL_read: Connection reset by peer, errno 54
MVPTry to log the reset cause (https://my.f5.com/manage/s/article/K13223) and see if F5 provides any cause for the reset packet.
Since the iRule logs goes up to the HTTP request, I suspect either a connection problem with the server or a pool member selection failure, the reset logs will tell you
NimbostratusThank you so much for the feedback.
After I enabled it, this is what I am seeing.
-------------------------------------------
TCP/IP Reset Cause
RST Cause: Count
-------------------------------------------
Flow expired (sweeper) 4
No flow found for ACK 1
No local listener 32027
No server selected 1
RST from BIG-IP internal Linux host 187450
TCP RST from remote system 3
TCP retransmit timeout 172
handshake timeout 4
- Amine_Kadimi
These are only statistical counters, you need to look at /var/log/ltm or tcpdump to find the message related to the reset cause
- pullb0x
Appreciate all your help. I am a novice in reading pcap files.
Below screenshot of the traffic
ip ending
...209 = F5
...35 = my endpoint
.6 = mobile device
per the screenshot traffic from .6 (mobile device) to .35 (endpoint) is TCP retransmission.
What do I have to look at to see what is causing this?
Apologize again if this is kind of a stupid question but I am a noob in this.
Appreciate pointing me in the right direction.
Thank you- Amine_Kadimi
This capture does not show any RST packet but instead it shows a weird problem: the TCP connexion is not correctly established between 192.168.83.209 (the self ip doing monitoring?) and 192.168.83.35, you have SYN, SYN-ACK but no ACK which is mandatory for the TCP 3-way handshake, could it be the problem? I can't tell with the few amount of information about your setup. But I can see few things that may be worth troubleshooting: you don't have source address translation enabled in your VS which causes the traffic not getting back from the backend, and it seems that the VS address is the same as your self IP, this later is technically possible but sometimes it may cause problems.
