Forum Discussion

Msaad's avatar
Msaad
Icon for Nimbostratus rankNimbostratus
Dec 29, 2020

F5 Big IP resets the connection after receiving SynAck

Hello,

 

I'm trying to create a pool that includes two members listening on port HTTPS customized port 7000, I'm using https monitor but pool never comes up. they are working only with ICMP. After troubleshooting I found that F5 Big IP is sending tcp resets to the pool members.

 

PCAP summary:

F5 internal <------SYN---------> pool member

pool member <------SYNACK---------> F5 Internal

F5 internal <------RST---------> pool member

 

TCP RST Reason Logs:

BIGIP-1 err tmm1[18512]: 01230140:3: RST sent from 172.16.120.100:61333 to 10.50.60.170:7000, [0x286ee03:2392] No flow found for ACK

BIGIP-1 err tmm[18512]: 01230140:3: RST sent from 172.16.120.100:61333 to 10.50.60.170:7000, [0x28448cd:263] {peer} handshake timeout

BIGIP-1 err tmm2[18512]: 01230140:3: RST sent from 10.50.60.170:7000 to 172.16.120.100:2554, [0x28449e5:985] RST from BIG-IP internal Linux host

 

Any thoughts ?

 

Thanks

 

1 Reply

  • Hello Msaad.

     

    This could be caused by a bug:

    https://cdn.f5.com/product/bugtracker/ID773229.html

    https://cdn.f5.com/product/bugtracker/ID536563.html

    https://cdn.f5.com/product/bugtracker/ID652977.html

     

    I would also check that you are not reaching more than 65k connections for that internal IP.

    Just in case, are you using a 'tcp_half_open' monitor?

     

    Please, share some more info (release, monitor config, etc).

     

    Regards,

    Dario.