
F5 LTM TCP traffic can't meet this requirement

xuwen
Cirrus

Topology:

client (30.1.1.1) -------> VS (200.1.1.100:23) --------------> pool members (router1: 192.168.40.1:23, router2: 192.168.40.2:23)

The scenario is as follows: VS 200.1.1.100, VS port 23, pool name pool_web, pool members 192.168.40.1:23 and 192.168.40.2:23, monitor tcp_22 (a TCP monitor that checks port 22). Each member is a router with the SSH and Telnet services turned on. I found:

The client tries to telnet to 200.1.1.100 port 23. It successfully logs in to the device and can execute network commands. However, when I shut down the router interface, the client gets stuck in the telnet session. The sys connection created by F5 is (30.1.1.1:15332 200.1.1.100:23 30.1.1.1:15332 192.168.40.1:23), and the TCP idle timeout is 300 seconds. The session will be deleted when the timeout expires, and the rest will disconnect the client from the VS.

My requirement is that when the router's TCP 22 service is stopped, existing connections to port 23 are still allowed, but when the device interface is down, that is, when the router is unreachable by ICMP from the F5, the F5 takes the initiative to delete the existing useless sessions. However, the Action On Service Down settings in the pool (reject, drop, and reselect) cannot meet this demand.

1 REPLY

xuwen
Cirrus

In simple terms, when the pool member node is unreachable by ICMP, let F5 actively delete the existing sys sessions to the node. When tcp_22 is unreachable, mark the node as down, allow connections to the node that already exist, and assign new connections to the rest of the pool members.