Forum Discussion
CirrostratusInet port exhaustion: no virtual involved
We opened a support case because ltm logs were showing Inet port exhaustion. No virtual is involved: non-floating self-ip sending UDP syslog traffic (iRule for w3c logging from devcentral).
I found the cause to be at least indirectly related to the self-ip's VLAN having cmp-hash set to source-ip instead of default. Has anyone else seen this? Switch vlan to default and problem goes away completely; repeatable. There is very little traffic going to the syslog server - 5 lines per second peak. Tcpdump during reported port exhaustion shows nothing unusual.
The exhaustion is happening on a Viprion with a single B2250 blade running 11.5.1 HF10. I'd like to find a workaround because we'll need cmp-hash set to source-ip for effective bandwidth controller profiles.
3 Replies
B_EarpAltocumulus
Hi. Did you get an answer to this?
Brad_ParkerCirrus
This could probably be easily rectified if you could assign an UDP profile with a idle timeout to imediate to HSL, but that doesn't seem feasible. Would also be great if HSL could leverage a stateless VS so this would never be an issue. I would suggest a case to be open with support and see what they say. My guess turning off cmp-hash just gives you more headroom that you could still eventually exhaust ports on as well if load increased.
- B_Earp
452443-2 : DNS cache resolver cannot send egress traffic on a VLAN with src-ip or dst-ip cmp hash configured https://support.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/related/relnote-supplement-bigip-11-6-1.html?sr=53630199A452443-2
