Forum Discussion

Swap_F5_133333
Nov 15, 2015

Client and server disconnects frequently

Hi, I have a client and a server in two different locations. The client uses TCP 443 traffic to authenticate with the server. Below is the flow:

Client ---> LTM ---> FW ---> RTR ---> Internet ---> RTR ---> FW ---> LTM ---> Server

The client uses SNAT to communicate with the servers. I am experiencing connection failures randomly from client to server. What could be the possible factors to check from the LTM point of view?

 

Thanks, Swap

 

  • Hi,

     

    It's a bit difficult to deep dive without knowing more about your configuration on the BIG-IPs. One thing to check if you are using iRules would be TCL errors in the iRule - "cat /var/log/ltm | grep TCL". TCL errors in iRules could result in resets.

     

  • How many connections do you have at the time? Do you have anything in your LTM log that looks suspicious? Have you done any packet captures using TCPDUMP? You will have to narrow down where the connection is failing, i.e. client to LTM or LTM to server. TCPDUMP can help with that.

     

    • Swap_F5_133333
      I did a packet capture at both ends (source and destination) of the LB, but I do not see any abnormalities: a perfect 3-way handshake, a completed SSL handshake and then data transfer. The only suspect thing I can find is a bunch of TCP retransmission packets from the source machine. Connections at the LB are very minimal compared to its maximum limit.
    • Swap_F5_133333
      I even did a capture on the source and destination machines and do not see any abnormalities, except a FIN ACK packet from the destination. When the transaction is successful I can see a FIN ACK packet, whereas in failure I do not see a FIN ACK packet.
    • Swap_F5_133333
      As per a packet capture from the source machine, I can see the source machine is sending an ACK packet 5 times and, as it is not getting any response, it is sending a "RESET" packet. I have the SSL certificate installed on the destination server and not on the LTM.
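
An added example, not part of any post in this thread: a small Python summary of `tcpdump -nn` text output that separates flows closed with a FIN from flows that end in a reset after the same segment was resent several times, the pattern described in the captures above. The addresses, ports and capture lines are constructed, and `classify` is a hypothetical helper name.

```python
import re
from collections import defaultdict

C1, C2, SRV = "10.1.1.10.51000", "10.1.1.10.51001", "192.0.2.20.443"
# Constructed sample in `tcpdump -nn` text format (not taken from the thread).
SAMPLE = "\n".join([
    f"10:00:00.100000 IP {C1} > {SRV}: Flags [P.], seq 1:518, ack 1, win 229, length 517",
    f"10:00:00.150000 IP {SRV} > {C1}: Flags [P.], seq 1:1400, ack 518, win 235, length 1399",
    f"10:00:00.200000 IP {SRV} > {C1}: Flags [F.], seq 1400, ack 518, win 235, length 0",
    f"10:00:00.210000 IP {C1} > {SRV}: Flags [F.], seq 518, ack 1401, win 240, length 0",
    f"10:00:05.100000 IP {C2} > {SRV}: Flags [P.], seq 1:518, ack 1, win 229, length 517",
    # the same segment resent five times with no reply, then a reset from the client
    *[f"10:00:{6 + 2 * i:02d}.100000 IP {C2} > {SRV}: Flags [P.], seq 1:518, ack 1, win 229, length 517"
      for i in range(5)],
    f"10:00:20.100000 IP {C2} > {SRV}: Flags [R.], seq 518, ack 1, win 229, length 0",
])

LINE = re.compile(r"IP (\S+) > (\S+): Flags \[([^\]]+)\](?:, seq (\d+)(?::\d+)?)?.*length (\d+)")

def classify(text):
    """Summarise each TCP flow: how it ended and how many segments were resent."""
    flows = defaultdict(lambda: {"fin": False, "rst_from": None, "retransmits": 0, "seen": set()})
    for line in text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        src, dst, flags, seq, length = m.groups()
        f = flows[" <-> ".join(sorted((src, dst)))]   # one key for both directions
        f["fin"] |= "F" in flags
        if "R" in flags:
            f["rst_from"] = src
        if seq and int(length) > 0:        # payload-bearing segment
            if (src, seq) in f["seen"]:    # same sender, same starting seq: a resend
                f["retransmits"] += 1
            f["seen"].add((src, seq))
    report = {}
    for name, f in flows.items():
        if f["rst_from"] and not f["fin"]:
            verdict = "aborted"            # reset with no FIN in the capture
        elif f["fin"]:
            verdict = "closed"             # normal FIN close seen
        else:
            verdict = "open"
        report[name] = {"verdict": verdict, "retransmits": f["retransmits"], "rst_from": f["rst_from"]}
    return report

if __name__ == "__main__":
    for name, r in classify(SAMPLE).items():
        print(name, r)
```

Running the same summary over captures taken on the client side and the server side of each LTM shows on which leg of the path the resent segment stops appearing.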