tcp half open

Question

The f5 3400 box , we have has  BIG-IP 10.0.1 build 283.It seems like  when "tcp half open" monitor is set for a pool,F5 is not sending reset packets when it receives "syn-ack" from the pool member.
&nbsp;Any idea?misconfiguration or system bug ?&nbsp;

hoolio · Answer

Hi ysungur, 
&nbsp;  
&nbsp; According to SOL9812, LTM should send a RST after getting the SYN ACK.  If you're not seeing this, you could open a case with F5 Support and ask them if the expected behavior has changed in v10.x or if this is a bug. 
&nbsp;  
&nbsp;  
&nbsp; https://support.f5.com/kb/en-us/solutions/public/9000/800/sol9812.html 
&nbsp;  
&nbsp; Certain BIG-IP monitors use a TCP RST packet to close the monitor connection quickly. For example, the tcp_half_open monitor performs a simple check on the pool member service by sending a TCP SYN packet to the service port. When the monitor receives the SYN-ACK packet from the pool member, the monitor considers the service to be up, and sends a TCP RST packet to the service instead of completing the three-way handshake. The TCP RST packet is typically sent on the server side of the connection, and the source IP address of the reset is the relevant self IP address of the VLAN. 
&nbsp;  
&nbsp;  
&nbsp; Aaron

Forum Discussion

tcp half open

Recent Discussions

Kerberos Auth is not working after keytab file -

History Current Connections from Local pool Traffic.

Http / https health monitor issue

F5-SDK Get GTM Pool Server, Virtual Server, Unused Objects, and JSON Conversion for Data Processing

F5 DNS Generic Host

Related Content

US Tiktok ban, Salt and Twill, over Half billion in crypto stolen

AppWorld 2024 Call For Speakers open

Faster TCP: F5 Now Supports TCP Fast Open

Is 2015 Half Empty or Half Full?

Load Balancing TCP TLS Encrypted Syslog Messages

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS