Forum Discussion

JayP_46820's avatar
JayP_46820
Icon for Nimbostratus rankNimbostratus
Jan 08, 2013

F5 LTM Health check source IP issue

We have pair of 8900 LTM in active/standby mode. They are running multiple partitions with multiple route domains. Virtual Server are in public range, real servers are in RFC1918 range. In one route domain, we have two VLAN which connect to internal network. These are on dot1q trunk.

 

- VLAN1 using self IP 172.26.255.1/28, VLAN100 using 172.26.255.17/28.

 

- Routing = 172.26/16 -> 172.26.255.14,

 

= 172.26.100/24 -> 172.26.255.30.

 

- VIP = 200.200.200.200.

 

- Pool member = 172.26.100.100:80

 

- Node = 172.26.100.100

 

 

For health monitor , the source IP address used to check node 172.26.100.100 is 172.26.255.1, which means the return path is asymmetrical (goes out VLAN100, comes back VLAN1). I was expecting it to use the outgoing interface IP of 172.26.255.17.

 

 

Is this normal behaviour or some bug. I should note that VLAN1 was configured first, and VLAN100 is only a recent addition.

 

 

Thanks

 

basic
getting started
new to f5

3 Replies

Sort By
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Jan 08, 2013
    I was expecting it to use the outgoing interface IP of 172.26.255.17.i expect it too. have you tried to restart bigd?

     

     

    tmsh restart sys service bigd
  • Chura_16140's avatar
    Chura_16140
    Icon for Nimbostratus rankNimbostratus
    Jan 08, 2013
    How did u see it ?

     

    Can you run tcpdump to check the actual source ?
  • JayP_46820's avatar
    JayP_46820
    Icon for Nimbostratus rankNimbostratus
    Apr 08, 2013

    This was caused by a bug, apparently v10 and multiple route domains have many issues.

     

    Better to upgrade to v11.

     

     

    sol14048: The BIG-IP system may fail to use a self IP address from the same subnet as the pool member being monitored

     

    https://support.f5.com/kb/en-us/solutions/public/14000/000/sol14048.html?sr=26997749