Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

girishb's avatar
girishb
Icon for Cirrus rankCirrus
6 years ago

TCPDUMP capture for Performance Virtual Server

Hi Team,   We are having issue with VIP which is configured with Performance(Layer 4) Virtual Server.   Issue: Application hosted on back-end server is not accessible through VIP. but when we di...
application delivery
big-ip
LTM
tcpdump
girishb's avatar
girishb
Icon for Cirrus rankCirrus
6 years ago

Thanks Dario...

 

I tried with enabling the Automap

on VIP. But it did not work. .

 

Also captured the tcpdump.. We

found that destination server(backend server) is trying to send multiple

re-transmission SYN-ACK packets as its not receiving ACK packet for SYN-ACK

packets and finally session ending with RST packet from backend server..

 

We suspect that reverse route

from F5 LTM to back source (client) is having issue. We are checking with

firewall team and also network team to check path

Dario_Garrido's avatar
Dario_Garrido
Icon for Noctilucent rankNoctilucent
6 years ago

If auto-map is not working, this could be because you are filtering the source IP in one of your firewalls.

 

Also, take into account that if your SYN-ACK is not reaching your client this could be because your response is sending to the client using a different path (asymmetric traffic) which could be filtering by spoofing in your firewall.

 

The better way to troubleshoot this is to use tcpdump in any other devices trying to figure out the current path.

 

BTW, if my last answer was helpful, please remember to set it as "the best" or give me some upvotes.

 

KR,

Dario.