Forum Discussion

benmgood36's avatar
benmgood36
Icon for Nimbostratus rankNimbostratus
Dec 09, 2015

Source port being changed when nothing else appears to be using the port

I've got some devices (Infoblox DNS) which use OpenVPN UDP port 1194 to communicate. The devices expect the source and destination port to be 1194. On the devices that are behind my F5 10200v devices...
application delivery
BIG-IP
LTM
Brad_Parker's avatar
Brad_Parker
Icon for Cirrus rankCirrus
Dec 09, 2015

Yes, we have seen similar with the new MSSQL availibility groups. We did just as you suggest, create a forwadingIP UDP VS with preserve strict. Since you are using a 5 second timeout you may benefit more from using stateless virtual servers for this UDP traffic, but you will need on for both directions of the traffic flow.

 

https://support.f5.com/kb/en-us/solutions/public/13000/600/sol13675.html

 

  • benmgood36's avatar
    benmgood36
    Icon for Nimbostratus rankNimbostratus
    Dec 09, 2015
    After reading this, I suppose I should have a stateless VS for 0.0.0.0/0 for UDP instead of IP forwarding. I followed the guidelines in https://support.f5.com/kb/en-us/solutions/public/7000/500/sol7595.html and set up a forwarding VS for TCP, UDP, and non-TCP/UDP with their own fastL4 profiles.