Forum Discussion
NimbostratusF5 Pool Members flapping issue
Dear All,
We are facing issue with monitoring of nodes in one of our virtual server pool, however when we check on the server side we didn’t found any discrepancy on server port side. Due to this F5 keep flipping those servers out of pool and hence we are facing issue . Appreciate please do let us know and what are the fix for this in case any bug or hotfix. Please do let us know in case if you required any further information
please check the log : size 128KB download here on google drive
thank you
26 Replies
GaganDIt will be interesting to check the tcp dump. can you run a tcp dump on F5 by running tcpdum -ni "vlan/interface" dst host 10.64.32.16 and src host "F5 self IP" -w . It seems like tcp health check's timeout is expiring before server responds. But then again maybe I am stating the obvious. Are the timers on tcp health check default? or were they fine tuned at any stage?
adithyodw_18563deleted
- GaganD
Hi Buddy, Your destination port in tcp dump is always changing. What is the port number on which pool members of this pool are listening? Can you run following commands from tmsh and provide the input 1) list /ltm monitor tcp 2) list /ltm pool "pool_name" I am assuming that you are using tcp monitor for your health check, but if you are using some other health check please change its name instead of tcp.
- adithyodw_18563
Hi bro, yes im using TCP for monitor, is it wrong?
ravi@(F5_1-PRD-Tibco)(cfg-sync In Sync)(Active)(/Common)(tmos) list /ltm monitor tcp ltm monitor tcp tcp { destination *:* interval 5 time-until-up 0 timeout 16 } ltm monitor tcp tcp_7456 { defaults-from tcp destination *:* interval 5 time-until-up 0 timeout 16 } ltm monitor tcp tcp_8081 { defaults-from tcp destination *.tproxy interval 5 time-until-up 0 timeout 16 } ltm monitor tcp tcp_8085 { defaults-from tcp destination *.8085 interval 30 time-until-up 0 timeout 91 } ltm monitor tcp tcp_8181 { defaults-from tcp destination *.8181 interval 5 time-until-up 0 timeout 16 } ravi@(F5_1-PRD-Tibco)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm pool P_VAS_Query_44070 ltm pool P_VAS_Query_44070 { members { 10.64.32.15:44070 { address 10.64.32.15 session monitor-enabled state up } 10.64.32.16:44070 { address 10.64.32.16 session monitor-enabled state up } 10.64.32.29:44070 { address 10.64.32.29 session monitor-enabled state up } 10.64.32.29:44071 { address 10.64.32.29 session monitor-enabled state down } 10.64.32.30:44070 { address 10.64.32.30 session monitor-enabled state down } 10.64.32.30:44071 { address 10.64.32.30 session monitor-enabled state down } Mumwin03:44070 { address 10.64.32.25 session monitor-enabled state up } Mumwin04:44070 { address 10.64.32.26 session monitor-enabled state up } Mumwin04:44071 { address 10.64.32.26 session monitor-enabled state up } Mumwin04:44072 { address 10.64.32.26 session monitor-enabled state down } Mumwin09:44070 { address 10.64.32.12 session monitor-enabled state up } Mumwin09:44071 { address 10.64.32.12 session monitor-enabled state down } Mumwin09:44072 { address 10.64.32.12 session monitor-enabled state down } Mumwin09:44073 { address 10.64.32.12 session monitor-enabled state down } } monitor tcp } (END) 
Brad_Parker_139Nacreous
Change your tcpdump to
so you can see the response or lack there of coming back from your pool members. If they don't respond within 16 seconds they will be marked down based on the timeout of 16 seconds in your default tcp monitor. Also, have you enabled monitor logging for one of your flapping pool members to see why its being marked down? Once you do that each pool member that has that enabled will have a log at /var/log/monitors/.tcpdump -i 1.15 -ni vlan_internal host 10.64.32.16 and host 10.64.32.35- Brad_Parker_139Also, what version of Big-IP are you on? Could you be suffering from this bug, https://support.f5.com/kb/en-us/solutions/public/15000/900/sol15907.html?
- Brad_Parker
Cirrus
Change your tcpdump to
so you can see the response or lack there of coming back from your pool members. If they don't respond within 16 seconds they will be marked down based on the timeout of 16 seconds in your default tcp monitor. Also, have you enabled monitor logging for one of your flapping pool members to see why its being marked down? Once you do that each pool member that has that enabled will have a log at /var/log/monitors/.tcpdump -i 1.15 -ni vlan_internal host 10.64.32.16 and host 10.64.32.35- Brad_ParkerAlso, what version of Big-IP are you on? Could you be suffering from this bug, https://support.f5.com/kb/en-us/solutions/public/15000/900/sol15907.html?
- adithyodw_18563
deleted tcpdump
- Brad_Parkerls /var/log/monitors/. Please, don't post a screen capture of packets, its impossible to read. If you want to share captures send them to a pcap file using -w /shared/tmp/name.pcap so you can analyse them off box. The monitor log will be very beneficial to try to isolate down why the monitor would be going down. To turn on monitor logging for a pool member, go into a pool, and click on a member. There should be a check box to enable monitor logging.
- adithyodw_18563
deleted tcpdump
- adithyodw_18563
deleted tcpdump
- adithyodw_18563
ls /var/log/monitors/. Please, don't post a screen capture of packets, its impossible to read. If you want to share captures send them to a pcap file using -w /shared/tmp/name.pcap so you can analyse them off box. The monitor log will be very beneficial to try to isolate down why the monitor would be going down. To turn on monitor logging for a pool member, go into a pool, and click on a member. There should be a check box to enable monitor logging.
Hi Brad, thank you for still helping me,im newbie in F5.
1) i cant find ls /var/log/monitors
2) i cant find how to check logging for pool member, so how can i enable it, and see the log when the pool is down anyway
3) here the tcpdump -i 1.15 -ni vlan_internal host 10.64.32.16 and host 10.64.32.35 -w /shared/tmp/testaja.pcap tcpdump googledrive
- Brad_Parkerclick on the members tab at the top of this screen capture, then click on an actual pool member. You should then see the check box.
- adithyodw_18563i think this one bro? Local Traffic > Profiles > Other > Request Logging
