F5 LTM Health check source IP issue
We have a pair of 8900 LTMs in active/standby mode. They are running multiple partitions with multiple route domains. Virtual servers are in a public range, real servers are in an RFC1918 range. In one route domain, we have two VLANs which connect to the internal network. These are on a dot1q trunk.
- VLAN1 using self IP 172.26.255.1/28, VLAN100 using 172.26.255.17/28.
- Routing = 172.26/16 -> 172.26.255.14,
= 172.26.100/24 -> 172.26.255.30.
- VIP = 200.200.200.200.
- Pool member = 172.26.100.100:80
- Node = 172.26.100.100
For the health monitor, the source IP address used to check node 172.26.100.100 is 172.26.255.1, which means the return path is asymmetrical (goes out VLAN100, comes back VLAN1). I was expecting it to use the outgoing interface IP of 172.26.255.17.
Is this normal behaviour or some bug? I should note that VLAN1 was configured first, and VLAN100 is only a recent addition.
Thanks
3 Replies
- nitass
Employee
"I was expecting it to use the outgoing interface IP of 172.26.255.17."
I expect it too. Have you tried to restart bigd?
tmsh restart sys service bigd
- Chura_16140
Nimbostratus
How did you see it?
Can you run tcpdump to check the actual source?
- JayP_46820
Nimbostratus
This was caused by a bug; apparently v10 and multiple route domains have many issues.
Better to upgrade to v11.
sol14048: The BIG-IP system may fail to use a self IP address from the same subnet as the pool member being monitored
https://support.f5.com/kb/en-us/solutions/public/14000/000/sol14048.html?sr=26997749
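Added example, not part of the thread or of F5's tooling: a Python check for the asymmetry described in the original post, using the post's self IPs and routes to work out which self IP a monitor probe was expected to come from and then flagging probes in `tcpdump -n` output that use a different source. The function names, the longest-prefix route selection and the sample capture lines are assumptions constructed for illustration.

```python
import ipaddress
import re

# Self IPs and static routes as given in the original post.
SELF_IPS = {
    "VLAN1": ipaddress.ip_interface("172.26.255.1/28"),
    "VLAN100": ipaddress.ip_interface("172.26.255.17/28"),
}
ROUTES = [
    (ipaddress.ip_network("172.26.0.0/16"), ipaddress.ip_address("172.26.255.14")),
    (ipaddress.ip_network("172.26.100.0/24"), ipaddress.ip_address("172.26.255.30")),
]

def vlan_for(addr):
    """Return (vlan, self_ip) of the VLAN whose subnet contains addr, else None."""
    for vlan, iface in SELF_IPS.items():
        if addr in iface.network:
            return vlan, str(iface.ip)
    return None

def expected_source(dest):
    """Return (vlan, self_ip) a probe to dest should leave from, else None."""
    dest = ipaddress.ip_address(dest)
    direct = vlan_for(dest)  # a directly connected node needs no route
    matches = [(net, gw) for net, gw in ROUTES if dest in net]
    if direct or not matches:
        return direct
    # Longest-prefix match picks the route; its gateway picks the egress VLAN.
    _, gw = max(matches, key=lambda m: m[0].prefixlen)
    return vlan_for(gw)

# tcpdump -n line: "<time> IP <src>.<sport> > <dst>.<dport>: ..."
LINE = re.compile(r"IP (\d+\.\d+\.\d+\.\d+)\.\d+ > (\d+\.\d+\.\d+\.\d+)\.(\d+):")

def mismatched_probes(lines, node, port):
    """Return source IPs of probes to node:port not sent from the expected self IP."""
    expected = expected_source(node)
    hits = (LINE.search(line) for line in lines)
    return [m.group(1) for m in hits
            if m and m.group(2) == node and int(m.group(3)) == port
            and (expected is None or m.group(1) != expected[1])]

# Constructed sample capture lines (not taken from the thread).
SAMPLE = [
    "10:15:01.100000 IP 172.26.255.1.41022 > 172.26.100.100.80: Flags [S], seq 1, win 4380, length 0",
    "10:15:01.100900 IP 172.26.100.100.80 > 172.26.255.1.41022: Flags [S.], seq 9, ack 2, win 5840, length 0",
    "10:15:06.100000 IP 172.26.255.17.41023 > 172.26.100.100.80: Flags [S], seq 5, win 4380, length 0",
]
```

`mismatched_probes(SAMPLE, "172.26.100.100", 80)` reports the probe sourced from the VLAN1 self IP, which is the behaviour the original post describes.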