Forum Discussion

James_Crivellon's avatar
James_Crivellon
Icon for Nimbostratus rankNimbostratus
Nov 28, 2012

BigIP 1000 Altering Packets

We recently migrated an older BigIP 1000 to another datacenter facility. Running

 

BIG-IP 9.3.1 Build 69.0

 

, LACP, and handling load balancing on a few legacy JBOSS applications we have running.

 

During the move we configured LACP, and have it connected to our Cisco backend.

 

The Core network lives on the 192.168.X.X subnets (we have several) and the network behind the F5 sits on the 10.32.41.X subnet.

 

Since the move we have been seeing issues where the BigIP is altering packets and not allowing RDP, HTTP, basically any TCP/UDP connection (ICMP works fine). This is the last BigIP we have in production and while we are near retiring it I'd like it to work in the meantime before our new in house solution is constructed.

 

 

Note that any traffic it directly controls, IE the load balancing, works fine, its any traffic that is simply being routed from 192.168.X.X to 10.32.41.X

 

 

Any help would be greatly appreciated!

 

config
design

4 Replies

  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Nov 28, 2012
    Hi James,

     

     

    Do you have a virtual server configured on the 192.168.x.x subnet(s) to pass the TCP and UDP traffic? What do you see if you capture a tcpdump on 0.0 filtering for the client's destination IP address?

     

     

    Aaron
  • James_Crivellon's avatar
    James_Crivellon
    Icon for Nimbostratus rankNimbostratus
    Nov 29, 2012
    Hi Aaron, I never had a virtual server configured on the 192.168.x.x subnet, we always it configured as a blanket 0.0.0.0 ip _forward.

     

     

    Here is a screenshot. If that appears to be the issue I'll create a new virtual server

     

     

    http://www.r3vlimited.com/gallery/files/7/4/1/3/f5_config.jpg
  • James_Crivellon's avatar
    James_Crivellon
    Icon for Nimbostratus rankNimbostratus
    Nov 29, 2012
    So I created 2 virtual servers, one for UDP and TCP, however it appears that blanket forward (I posted the screenshot above) is still aquiring all the traffic) and I still cannot connect to my resources.

     

     

    Should I remove the 0.0.0.0 blanket vs?
  • What_Lies_Bene1's avatar
    What_Lies_Bene1
    Icon for Cirrostratus rankCirrostratus
    Nov 30, 2012
    I think this should have worked with the VS you posted the screenshot for although normally it's best practice to have a dedicated VS for TCP and UDP. Do you have the routing setup correctly, I'm guessing you do or the load balancing parts wouldn't work but it's worth checking. Equally, do the surrounding network devices have the correct routes back to the F5 etc.