Forum Discussion

rosarra's avatar
rosarra
Icon for Altocumulus rankAltocumulus
May 15, 2024

Reset cause

Hello,

someone can help me with this? I've a F5 LTM VM and the sho /net rst-cause command displays this situation:

TCP/IP Reset Cause
RST Cause:                            Count
-------------------------------------------
Flow expired (sweeper)               103387
No flow found for ACK                339414
No pool member available                  0
RST from BIG-IP internal Linux host  659163
SSL handshake timeout exceeded            3
TCP RST from remote system           114027
TCP retransmit timeout                   48
TCP zero window timeout                 136
Unknown reason                           57
handshake timeout                     52912

 

I have tried enabling the logs on LTM in order to understand the handshake timeout resets cause but I am quite confused. I can't figure out the cause of the TCP handshakes or how increase them in the tcp profile.

The LTM log returns me this error:
RST sent from 10.109.120.228:35681 to 10.1.29.237:8403, [0x2f3864d:271] {peer} handshake timeout

 

Thank you for your support.

LTM VE
  • Seattle2k's avatar
    Seattle2k
    Icon for Employee rankEmployee
    May 15, 2024

    Hi Rosarra,
    Try capturing the handshake failure with tcpdump. That should give you some clues as to why it's failing.

  • zamroni777's avatar
    zamroni777
    Icon for Nacreous rankNacreous
    May 16, 2024

    you also need to check the client and server side (depends on what side is 10.1.29.237)

    it seems the error message is caused by tls handshake time out.
    if there is ips/ids between f5 and client/server that does ssl proxy, you might need to check on them as well