Connection loss Client -> F5 BIGIP LTM
I am currently experiencing an issue with an application that is being used on 3 application servers (windows server 2003), loadbalanced behind the F5 BIGIP.
Users are sometimes losing connection to the server, which makes the application crash.
I have launched a capture for one of these clients and I'm seeing the following when this issue occurs (capture.png):
Client: 10.229.237.235, IP of virtual server on BIGIP: 172.20.5.41
From what I can see there is no SYN-ACK being returned from BIGIP.
There are also a lot of messages in the log containing TCP Window Full & TCP out of order.
When we let the user connect directly to an application server instead of passing through BIGIP, they have no issues. The capture is also very clean in that case, no retransmissions, no duplicate acks or TCP resets..
The TCP protocol being used is Protocol Profile (Client) - TCP LAN Optimized and for Protocol Profile (Server) - TCP WAN Optimized.
Does anyone have an idea why BIGIP doesn't send a SYN-ACK in this case?
I was thinking maybe an issue with receiving window & send buffers.. Or would I need a capture on the virtual server to further analyze this behaviour?
Any help would be greatly appreciated!