Forum Discussion
Sarah_258804
Cirrus
CirrusCan I change the default ephemeral ports that the F5 uses for health monitoring?
Currently I see that my F5 is reaching out to the servers in my server pools on low ephemeral ports for health monitoring. For example, I have a health monitor for DNS so that the F5 reaches out to t...
ekaleidoCirrus
CirrusSame as you would on a linux host:
echo "49152 65535" > /proc/sys/net/ipv4/ip_local_port_range
Sarah_258804Cirrus
CirrusHm, so I have found that after a reboot the port range went back to using 32768 - 61000.
Furthermore, I'm seeing that the F5 monitors are reaching out on ports even lower than that (5612).
[ Wed May 11 16:44:37 2016 830113 usecs]: Src IP: 10.251.12.3, Dst IP: 10.251.113.11, Src Port: 5929, Dst Port: 80, Src Intf: port-channel11 , Protocol: 6
The source IP from the F5 is it's own self-IP on a port-channel interface. I'm not sure if that matters, but could there be another location where it's pulling its own source port range?
