For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

f5mkuDefault's avatar
f5mkuDefault
Icon for Cirrus rankCirrus
Feb 26, 2021

WEBSERVICES becomes inaccessible when failover

Hi experts,   I would like to get some help with this issue we've been trying to resolve that even F5 TAC is unable to find the root cause until now for several months already.   We have an F...
application delivery
ASM Advanced WAF
LTM
PeteWhite's avatar
PeteWhite
Icon for Employee rankEmployee
Mar 02, 2021

Have you checked the ARP tables on the Firewall? It is common for firewalls to drop GARP packets because of the risk of ARP cache poisoning attacks. ie the request may be coming through the BIG-IP, through the firewall and to the server, then the response gets back to the firewall which sends it to the standby BIG-IP. This then depends on the firewall ARP cache to time out ( which explains the time variance ) before it does an ARP request and receives the MAC address for the correct BIG-IP. Worth taking a look ( or configuring MAC masquerading on the traffic group, which is the best solution )