Forum Discussion

girishb's avatar
girishb
Icon for Cirrus rankCirrus
Jul 24, 2019

TCPDUMP capture for Performance Virtual Server

Hi Team,   We are having issue with VIP which is configured with Performance(Layer 4) Virtual Server.   Issue: Application hosted on back-end server is not accessible through VIP. but when we di...
application delivery
BIG-IP
LTM
tcpdump
girishb's avatar
girishb
Icon for Cirrus rankCirrus

Thanks Dario...

 

I tried with enabling the Automap

on VIP. But it did not work. .

 

Also captured the tcpdump.. We

found that destination server(backend server) is trying to send multiple

re-transmission SYN-ACK packets as its not receiving ACK packet for SYN-ACK

packets and finally session ending with RST packet from backend server..

 

We suspect that reverse route

from F5 LTM to back source (client) is having issue. We are checking with

firewall team and also network team to check path

Dario_Garrido's avatar
Dario_Garrido
Icon for MVP rankMVP
Jul 26, 2019

If auto-map is not working, this could be because you are filtering the source IP in one of your firewalls.

 

Also, take into account that if your SYN-ACK is not reaching your client this could be because your response is sending to the client using a different path (asymmetric traffic) which could be filtering by spoofing in your firewall.

 

The better way to troubleshoot this is to use tcpdump in any other devices trying to figure out the current path.

 

BTW, if my last answer was helpful, please remember to set it as "the best" or give me some upvotes.

 

KR,

Dario.