Forum Discussion
seamlessfirework
Cirrostratus
CirrostratusiRule forwarding to Virtual Server not working
Hey guys, I manage a really old BIG-IP environment. Most of the configuration were not made by myself so I'll try to give you a brief overview what I have here. There is a BIG-IP cluster, some parti...
Paulius
MVP
MVPseamlessfirework The syntax in the iRule seems to be correct, supported on this code version, and I don't see any bugs relating to this specific action. You might consider running the following tcpdump and opening it up in wireshark to see what the F5 is doing with it.
tcpdump -nni 0.0:nnp host <first_virtual_server_IP> -w /shared/tmp/VS_Tshoot.pcap
This should show you exactly where the traffic is going if you look at the F5 field that will be added into the capture. It might be worth uploading a QKVIEW to iHealth and see if it can find anything as well.
seamlessfireworkCirrostratus
CirrostratusPaulius Thanks for your quick hint. An upload to iHealth is not possible. Sorry. But I did a capture and found something strange to me. The BIG-IP sends a TCP reset because of an iRule execution error. Have a look at the F5 trailer
F5 Ethernet Trailer Protocol
F5 Trailer Header - Version: 1
Magic: 0xf5deb0f5
Length: 122
Version: 1
Low Details
F5 Trailer Header, Provider: 1, Type: 1
Provider: 1
Type: 1
Trailer length: 44
Version: 2
Ingress: False (OUT)
Slot (1-based): 1
TMM (0-based): 2
Virtual Server: /Common/VirtualServer-443
Length: 32
Name: /Common/VirtualServer-443
Medium Details
F5 Trailer Header, Provider: 1, Type: 2
Provider: 1
Type: 2
Trailer length: 70
Version: 4
Flow ID: 0x00004001830ea800
Peer ID: 0x0000000000000000
Connflow Flags High Bits: 0x01202080
Connflow Flags: 0x04808024
Flow Type: 0x40
HA Unit: 0x01
Reserved: 0x00010008
Priority: 3
RST cause: [294f5e2:1864] iRule execution error
Length: 30
0000 000. = Version: 0 (0x00)
.... ...0 = Peer: 0
Value: 0x00000294f5e2
Line: 1864
Cause: iRule execution errorI've never seen that before to be honest.
- Paulius
seamlessfirework Are you seeing any errors generated in the F5 ltm logs for the iRule applied to either of the virtual servers?
- seamlessfirework
Paulius I had the same thought but there is no error in the log. I opened a support case. I'm curios what they say about this issue.
- Paulius
seamlessfirework At this point I think that would be best because that's definitely odd behavior. The nice part here is you probably already have the captures they want but you will most likely have to provide them a QKVIEW as well. Another note is to make sure you are on the newest recommended code version because that will be one of the first things they have you do if the issue is not easily found.