Forum Discussion
dechir_21483
Nimbostratus
Nimbostratusproblem with FTP access on BIG IP V11.2.0 HF1
Hi,
we have upgrade our 2 BIG IP on active/standby to version 11.2 HF1 and we met a problem with FTP access to our servers(vs ftp on port 21 and pool with members on ports 21), However the problem did not arise on version 11.1.0 HF2 despite that we used the same configuration (vs ftp on port 21 and pool with members on ports 21)
you have already met this problem?
are there any special configuration for FTP (Virtuel servers and pool)?
Thanks.
nitassEmployee
is the problem on ftp active or passive mode?
if it is active, is server using standard data port, i.e. 20, or custom one?
dechir_21483We use FTP actif. and we use 20 for data transfert. However I infom you that FTP access work normally on version 11.1.0 HF2 and since we have upgrade our version on 11.2.0 we can't do FTP acces to our server and after equiepemnts are restored with version 11.1.0 HF2 the FTP acces work.for resume:
FTP work with 11.1.0 HF2
FTP not work with 11.2.0 HF1.
Thanks.
- nitassthis is my testing.
root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) show sys version Sys::Version Main Package Product BIG-IP Version 11.2.0 Build 2451.0 Edition Hotfix HF1 Date Tue Jun 5 23:45:09 PDT 2012 Hotfix List ID387964 ID387843 root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) list ltm virtual ftpvs ltm virtual ftpvs { destination 172.28.19.252:21 ip-protocol tcp mask 255.255.255.255 pool ftppool profiles { ftp { } tcp { } } snat automap vlans-disabled } root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) list ltm pool ftppool ltm pool ftppool { members { 200.200.200.101:21 { address 200.200.200.101 } } } on client [root@centos251 ~] netstat -tan Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 172.28.19.251:33751 172.28.19.252:20 ESTABLISHED tcp 0 0 172.28.19.251:57367 172.28.19.252:21 ESTABLISHED 
Patrick_NordeHi dechir, i just found this topic. At this time I am working on a project for one of our customers and experience the same (almost) FTP problem. In my case the FTP communication flows from internal to the Internet (GTM link load balancing). In order to troubleshoot this problem I built a test environment using v.11.2.0 (NO HF1), this gives no problem. The problem starts with HF1.
I made some tcpdumps in internal as well as external interface and can clearly see that the BIG-IP is modifying the response of the server after the client sends a passive request.
This looks like some problem we had in the past with other releases.
Have you allready submitted a service request with F5 ?
Hervé_SCHLECHT_Hi Dechir,
I found the same problem when I upgrade my HA configuration from 10.2 to 11.2.0 HF1. We had not problem with the old release but the problem begin after the Upgrade. I have seen you had the same problem, did you found a solution to the problem ? Thanks for your help.
BRgds- Patrick_Norde
Hi Herve,
for the customer I was working on, this problem has been solved. Engineering provided us with a fix for V11.2.0 / HF2. Note, this was an engineering hotfix and not a publicly available fix !
After implementing the fix, the problem was solved !
I think you should contact F5 support in order to get the fix for your environment.
Kind regards, Patrick.
- ccbHi Patrick,
Do you remember the bug ID number that was associated to your issue and which was fixed by the Engineering Hotfix?
Thanks - Patrick_Norde
Hi ccb, the bug ID is "398593".
hooleylistCirrostratus
BZ398593 should be fixed in the upcoming 11.3 release. And as Patrick said, there should also be an engineering hotfix available for 11.2.x. You could request this be added to the next cumulative hotfix as well.
Aaron
