Forum Discussion
andrew_C1
Nimbostratus
NimbostratusVIP with irule hosting HTTP response not responding to ARP
As per the title,
if i static arp on the client i get to the HTTP page and get the expected response. I have TCPDumped the interface and can see the incomming ARP frames, F5 just isn't responding.
12:08:57.957310 arp who-has 192.168.16.23 tell 192.168.16.145
12:09:00.769257 arp who-has 192.168.16.23 tell 192.168.16.145
12:09:01.458528 arp who-has 192.168.16.23 tell 192.168.16.145
12:09:02.457333 arp who-has 192.168.16.23 tell 192.168.16.145
12:09:06.767878 arp who-has 192.168.16.23 tell 192.168.16.145
12:09:07.457120 arp who-has 192.168.16.23 tell 192.168.16.145
12:09:08.457004 arp who-has 192.168.16.23 tell 192.168.16.145
12:09:17.133658 arp who-has 192.168.18.23 (ff:ff:ff:ff:ff:ff) tell 192.168.18.23
12:09:17.143121 arp who-has 192.168.18.23 (ff:ff:ff:ff:ff:ff) tell 192.168.18.23
12:09:17.152998 arp who-has 192.168.18.23 (ff:ff:ff:ff:ff:ff) tell 192.168.18.23
12:09:17.163152 arp who-has 192.168.18.23 (ff:ff:ff:ff:ff:ff) tell 192.168.18.23
12:09:17.173184 arp who-has 192.168.18.23 (ff:ff:ff:ff:ff:ff) tell 192.168.18.23
Yes ARP is enabled on the Virtual Address.
root@(dc1-f5-swg)(cfg-sync In Sync)(/S1-green-P:Eval:Active)(/GUEST-SWG-PARTITION)(tmos) list ltm virtual-address /GUEST-SWG-PARTITION/192.168.18.23%2
ltm virtual-address 192.168.18.23%2 {
address 192.168.18.23
mask 255.255.255.255
partition GUEST-SWG-PARTITION
traffic-group /Common/traffic-group-1
}
root@(dc1-f5-swg)(cfg-sync In Sync)(/S1-green-P:Eval:Active)(/GUEST-SWG-PARTITION)(tmos) list ltm virtual-address /GUEST-SWG-PARTITION/192.168.18.23%2 arp
ltm virtual-address 192.168.18.23%2 {
arp enabled
}
Anyone seen anything like this or have any ideas?
- 6 HF5
cheers
- Kai_Wilke
MVP
Hi Andrew,
could be a Route Domain related problem. If you compare your listings with ours...
ltm virtual-address 172.21.17.210%1 { address 172.21.17.210%1 mask 255.255.255.255 traffic-group traffic-group-1 }... you will see that our "address" does have a Route Domain suffix specified. Your "address" does not have a Route Domain, but your "virtual-address" name is including a %2 notation?
Cheers, Kai
andrew_C1Issue was fixed by rebooting (sigh). I was actual wrong above at first the VIP was answering, but later on it stopped responding completely(no idea why) and then traffic was being caught by another vip (0.0.0.0/0 vip).
On route domains, i always roll with a 1:1 mapping of route domains to partitions. Depending where i am on TMSH (/Common/ or somewhere else) the route domain id might or might not be there, but because of the 1:1 mapping i never specific directly route domain id's in addresses thus i never have that issue :).
cheers
