Forum Discussion

Cirrostratus

Feb 04, 2025

Strange phenomenon seen in the tcpdump

Hi All, I grabbed a packet to find out the cause because there was a service outage, and I found that the connection is not connected to any virtual server, and the port is 0.67, but obviously th...

application delivery

boneyard

MVP

Feb 08, 2025

I understand the lack of understanding and don't have a direct answer.

I would look further, try looking at another virtual server, how does the tcpdump output look there.

Double check the IP address, try with the source instead of the destination. This looks like FTP, perhaps an FTP profile is somehow involved?

And of course if you have a support contract reach out to F5 support, they can look at your full configuration and that makes things easier.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Strange phenomenon seen in the tcpdump

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

How to configure ssh access by key on F5OS

Help with an iRule to disconnect active connections to Pool Members that are "offline"

Questions on R-Series 5800s

iRule Approach to Mask Authorization Header for Bot Defense Logging – Validation Needed

Cloud Apps Protection

Related Content

decrypted tcpdump capture without using an iRule and without using tshark

8. SYN Cookie: Troubleshooting tcpdump

Decrypting TLS with the tcpdump sslprovider

Tcpdump Capture

tcpdump portrange option

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS