For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Steve_Luke_8796's avatar
Steve_Luke_8796
Icon for Nimbostratus rankNimbostratus
Oct 15, 2010

ICMP/TCP Deny on Pool Down

I know this topic was discussed some time ago but i have not yet seen any solid answers, and am wondering if it made it to a feature request.     I want to be able to automatically deny the tcp ...
application delivery
dev
devops
iRules
Ben_95489's avatar
Ben_95489
Icon for Nimbostratus rankNimbostratus
Oct 15, 2010
Hey Chris,

 

 

This isn't necessarily the default behavior depending on the virtual server configuration. to my knowledge, the VS will *always* respond to ICMP - though there have been RFEs for this in the past. A vanilla virtual server should send a RST if no pool is available but a virtual server has an HTTP profile (or perhaps it depends on iRules attached to it - I can't recall for certain) it will establish the 3-way handshake before tearing down the connection.

 

 

As to the original question - I don't know if there has ever been any movement on the RFEs to change this behavior. It is probably worth reaching out to F5 Support and asking for the status and/or to have your request appended to the list.

 

 

// Ben