cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

F5 Big IP resets the connection after receiving SynAck

Msaad
Nimbostratus
Nimbostratus

Hello,

 

I'm trying to create a pool that includes two members listening on port HTTPS customized port 7000, I'm using https monitor but pool never comes up. they are working only with ICMP. After troubleshooting I found that F5 Big IP is sending tcp resets to the pool members.

 

PCAP summary:

F5 internal <------SYN---------> pool member

pool member <------SYNACK---------> F5 Internal

F5 internal <------RST---------> pool member

 

TCP RST Reason Logs:

BIGIP-1 err tmm1[18512]: 01230140:3: RST sent from 172.16.120.100:61333 to 10.50.60.170:7000, [0x286ee03:2392] No flow found for ACK

BIGIP-1 err tmm[18512]: 01230140:3: RST sent from 172.16.120.100:61333 to 10.50.60.170:7000, [0x28448cd:263] {peer} handshake timeout

BIGIP-1 err tmm2[18512]: 01230140:3: RST sent from 10.50.60.170:7000 to 172.16.120.100:2554, [0x28449e5:985] RST from BIG-IP internal Linux host

 

Any thoughts ?

 

Thanks

 

1 REPLY 1

Hello Msaad.

 

This could be caused by a bug:

https://cdn.f5.com/product/bugtracker/ID773229.html

https://cdn.f5.com/product/bugtracker/ID536563.html

https://cdn.f5.com/product/bugtracker/ID652977.html

 

I would also check that you are not reaching more than 65k connections for that internal IP.

Just in case, are you using a 'tcp_half_open' monitor?

 

Please, share some more info (release, monitor config, etc).

 

Regards,

Dario.

Regards,
Dario.