Route friendly virtual server

Question

In article - K7595 its discussed that the default routing behaviour of a virtual server is stateful. We got bitten by this once where a session apparently got out of state and got dropped (the traffic flow was a health check between an HA pair of devices so it caused a bit of chaos).

The fix was to create a new virtual server (fast l4) for the /29 subnet and follow the section "Emulate stateless IP routing with BIG-IP LTM forwarding virtual servers" which resolved the issue.

What I am interested in, can we see the packets being dropped somewhere in the cli? Our existing virtual server that was dropping this traffic is 10.0.0.0/8, I suspect its probably dropping a lot more than we know about, I am just interested in seeing what’s being dropped and whether I want to try and change the default setting of this catch all forwarder or not.

nikoolayy1 · Answer

&nbsp;
F5 for TCP traffic should send TCP RST not drop it and you can enable debug for this :K13223: Configuring the BIG-IP system to log TCP RST packets
https://my.f5.com/manage/s/article/K13223
&nbsp;
Still this may cause high cpu during working hours or log file getting too big and hard disk utlization, so better do this outide working hours.
&nbsp;
For UDP it is a bit harder .

Forum Discussion

Route friendly virtual server

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

Create a virtual server on internal vlan

About Virtual Server's IP

Virtual server with port translation

APM what do virtual servers share?

Virtual Server and ICMP/PING

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS