Forum Discussion
laurika_107393
Nimbostratus
Nimbostratusproblem syn/ack to client Instead of RST
Hello:
I have a one problem.
Despite my vserver this down, my client sends the SYN packet to connect to the VIP, f5 responds with a SYN / ACK, the client sends ACK y the F5 respo...
nitass
Employee
Employeeare you using irule? if not, can you try verified accept setting under tcp profile?
[root@ve10:Active] config b virtual bar list
virtual bar {
snat automap
pool foo
destination 172.28.19.252:443
ip protocol 6
profiles {
clientssl {
clientside
}
http {}
mytcp {}
}
}
[root@ve10:Active] config b pool foo list
pool foo {
members 200.200.200.101:80 {}
}
[root@ve10:Active] config b profile mytcp list
profile tcp mytcp {
defaults from tcp
verified accept enable
}
[root@ve10:Active] config tcpdump -nni 0.0 -s0 port 443 or port 80
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on 0.0, link-type EN10MB (Ethernet), capture size 65535 bytes
17:46:02.057096 IP 172.28.19.251.34969 > 172.28.19.252.443: S 1618116666:1618116666(0) win 5840 in slot1/tmm0 lis=
17:46:02.057204 IP 200.200.200.10.34969 > 200.200.200.101.80: S 1873592754:1873592754(0) win 4380 out slot1/tmm0 lis=bar
17:46:02.058188 IP 200.200.200.101.80 > 200.200.200.10.34969: R 0:0(0) ack 1873592755 win 0 in slot1/tmm0 lis=bar
17:46:02.058208 IP 172.28.19.252.443 > 172.28.19.251.34969: R 3667334011:3667334011(0) ack 1618116667 win 4380 out slot1/tmm0 lis=bar
