Forum Discussion

dean0's avatar
dean0
Icon for Nimbostratus rankNimbostratus
Oct 13, 2022

tcp-server-rst

I have seen quite a few discussions about this little mishap but no real clue as to what to do re solving the issue. I have a firewall directing traffic to an F5 VIP and the rst message showing up in the firewall logs and no traffic from the F5 / VIP being returned.

Logged a case with F5 and was amusingly advised that because this is a new F5, I have to go speak to Professional Services, pay them a handsome sum and they might fix it. You only get support if something breaks and it was working but then stopped working.....

Any ideas where to head re tcp-server-rst and absolutely no traffic crossing the F5 nic to the server pool?

  •  

    F5 support scope is to provide assistance on break-fix issues, if you told them this was a new configuration I'd expect them to address you to PS because you'll be able to receive assistance on solution design. 

    There's a lot that could be going on here and little information, when did you notice the issue? Has this ever been working before? What changed since? Have you performed traffic captures? Where are packets stopping?

    Most common cause of a RST is that SYN packets are being sent to a closed port or an unavailable service. If you don't see this packets on the F5 nic there might as well be another firewall in-between that's dropping them, or routing that needs to be fixed.

  • dean0Things I would check.

    1. When you run a tcpdump on the F5 are you seeing the connection arrive?
    2. If the firewall is issuing a RST to the F5 that means the F5 is not sending the connection anywhere and the firewall is most likely resetting the connection after the protocol timeout has occurred.
    3. Check for asymmetric routing on the firewall and F5.

    If these do not reveal anything to you can you please provide a topology and a configuration output for your F5 while redacting any sensitive information so we can have a look and see what we can find?