Forum Discussion

Cirrus

Nov 22, 2022

F5 Bigip LTM NAT64 config

Hi everybody, I have a problem with VS using IPv6 and Pool, Node IPv4. My config : - VS type is Performance Layer 4; - Source Address Translation: none - Address Translation: enable - Port Tr...

application delivery

longnv
Nov 23, 2022
This problem has resolved. TCP conection from F5 to internal over 64k connection, so a new tcp session is started with the same ports => tcp connection reset. Need SNAT with other self ip connection to internal.

mihaic

MVP

Nov 22, 2022

something like this will capture both the client and server side:

tcpdump -ni 0.0:nnnp -s0 -c 100000 -w /var/tmp/capture.pcap host 2001:df1:1f40::11

https://support.f5.com/csp/article/K13637

longnv
Cirrus
Nov 22, 2022
My ipv6 to test is 2401:d800:5357:50b6:98:f028:b92e:3d44
20:23:18.757233 IP6 2401:d800:5357:50b6:98:f028:b92e:3d44.43366 > 2001:df1:1f40::11.443: Flags [S], seq 1503358393, win 65535, options [mss 1360,sackOK,TS val 19118655 ecr 0,nop,wscale 8], length 0 in slot1/tmm2 lis=
20:23:18.757248 IP6 2001:df1:1f40::11.443 > 2401:d800:5357:50b6:98:f028:b92e:3d44.43366: Flags [R.], seq 0, ack 1503358394, win 0, length 0 out slot1/tmm2 lis=/Common/VS_IPV6_p443
20:23:18.798124 IP6 2401:d800:5357:50b6:98:f028:b92e:3d44.43368 > 2001:df1:1f40::11.443: Flags [S], seq 990884170, win 65535, options [mss 1360,sackOK,TS val 19118666 ecr 0,nop,wscale 8], length 0 in slot1/tmm1 lis=
20:23:18.798140 IP6 2001:df1:1f40::11.443 > 2401:d800:5357:50b6:98:f028:b92e:3d44.43368: Flags [R.], seq 0, ack 990884171, win 0, length 0 out slot1/tmm1 lis=/Common/VS_IPV6_p443
20:23:18.813194 IP6 2401:d800:5357:50b6:98:f028:b92e:3d44.43370 > 2001:df1:1f40::11.443: Flags [S], seq 2676317898, win 65535, options [mss 1360,sackOK,TS val 19118666 ecr 0,nop,wscale 8], length 0 in slot1/tmm3 lis=
- mihaic
  MVP
  Nov 22, 2022
  it seems the F5 sends you back a Reset every time you send a SYN.
  Here is an article with possible reasons why an F5 sens Reset:
  https://support.f5.com/csp/article/K9812
  "You can associate the FastL4 profile with the following virtual types:
  Performance (Layer 4)
  Forwarding (Layer 2)
  Forwarding (IP)
  Internal"
  So try changing the VIP from standard to performance (Layer4).
  - longnv
    Cirrus
    Nov 22, 2022
    As my talk on top, my
    My config :
    - VS type is Performance Layer 4; not type Stand

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

F5 Bigip LTM NAT64 config

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Re: BigIP Report

F5 BIGIP WAF AND F5 DNS

BIGIP UPGRADE

BIGIP resets connecion

Upgrade BigIP using Ansible

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS