tcp half open

Question

The f5 3400 box , we have has  BIG-IP 10.0.1 build 283.It seems like  when "tcp half open" monitor is set for a pool,F5 is not sending reset packets when it receives "syn-ack" from the pool member.
&nbsp;Any idea?misconfiguration or system bug ?&nbsp;

hoolio · Answer

Hi ysungur, 
&nbsp;  
&nbsp; According to SOL9812, LTM should send a RST after getting the SYN ACK.  If you're not seeing this, you could open a case with F5 Support and ask them if the expected behavior has changed in v10.x or if this is a bug. 
&nbsp;  
&nbsp;  
&nbsp; https://support.f5.com/kb/en-us/solutions/public/9000/800/sol9812.html 
&nbsp;  
&nbsp; Certain BIG-IP monitors use a TCP RST packet to close the monitor connection quickly. For example, the tcp_half_open monitor performs a simple check on the pool member service by sending a TCP SYN packet to the service port. When the monitor receives the SYN-ACK packet from the pool member, the monitor considers the service to be up, and sends a TCP RST packet to the service instead of completing the three-way handshake. The TCP RST packet is typically sent on the server side of the connection, and the source IP address of the reset is the relevant self IP address of the VLAN. 
&nbsp;  
&nbsp;  
&nbsp; Aaron

Forum Discussion

tcp half open

1 Reply

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Not seeing the latest F5OS-A when running Journeys

Related Content

TCP 3-WAY Handshake vs TCP Half-Open

Faster TCP: F5 Now Supports TCP Fast Open

Is 2015 Half Empty or Half Full?

Phishing, Malware, Breach and Open-Source Security

AppWorld 2024 Call For Speakers open

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS