Forum Discussion

er_sandy_27437's avatar
er_sandy_27437
Icon for Nimbostratus rankNimbostratus
Mar 29, 2012

TCP connection resets on LTM

Hello All, I am facing a issue with F5, here's the case: We created a VIP 192.168.16.68:443 for ssl handshake on F5. there are 2 pool members. 192.168.16.100:80 & 192.168.16.25:80. The setup from F5 ...
config
design
smp_86112's avatar
smp_86112
Icon for Cirrostratus rankCirrostratus
Mar 29, 2012
I am a bit confused by the evidence you are providing. One one hand, you claim you are using curl to connect to an HTTPS VIP. On the other hand, the trace you provided shows a connection to port 80 - not port 443. That's why hoolio asked which side of the ltm was the trace you provided taken on - the external (i.e. client) side, or the internal (i.e. server) side? If the trace was taken on the client side, then of course the LTM sent a RST because the connection from the client was HTTP (port 80), not HTTPS (port 443), and you probably don't have an HTTP (port 80) VIP. But if the trace was taken on the server side, then it was the Pool Member who is sending a TCP RST - not the LTM. That was why I advised you to attempt to telnet to the pool member on port 80 from the LTM - it will validate whether or not a TCP connection with the Pool Member is being acknowledged.

 

 

So something isn't adding up. Which side of the LTM was the trace taken on - the client side or the pool member side?