Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

Are you an expert?    Interested in presenting at F5 AppWorld 2024?    Submit a proposal by Nov 29th!

problems connecting socket via F5

Zero27351
Altostratus
Altostratus

‎08-Nov-2023 01:52

Hi Folks,

So we have a setup where we have two VIPs for the same site https://something.domain.com/login.php on ports 443 and 10800. Connecting to the site works (on 443). Once logged there is another connection going to the 10800 and here the connection fails via the F5 with the error:
EventClient.js:23 WebSocket connection to 'wss://something.domain.com:10800/SWWebsocketServer' failed:
connect @ EventClient.js:23
(anonymous) @ EventClient.js:94

When you bypass the F5 (ie go to the site directly) everything works fine. We have tried tweaking alot of things but nothing seems to work.
The 10800 vip has the fowlling configuration (see attached screenshots).F5-1.png

F5-2.png
Anyone has any idea what this could be or has any suggestions?
Thanks in advance.

Labels:
0 Kudos
5 REPLIES 5

Lucas_Thompson
F5 Employee
F5 Employee

‎10-Nov-2023 10:47 - edited ‎10-Nov-2023 10:48

Be sure that the target pool of that virtual server is port 443 (one port) instead of 0 (all ports). If you use 0, the flow would look like this:

 client(S: ephemeral, d: 10800) --> <big-ip> --> server(S: ephemeral, d: 10800)

but if the pool was port 443 explicitly, the BIG-IP automatically translates the destination port on the server-side of the flow, 

client(S: ephemeral, d:  10800) --> <BIG-IP> --> server(S: ephemenal, d: 443)

 

F5-Enthusiast-X
Nimbostratus
Nimbostratus

‎15-Nov-2023 03:59

Hello,

you try to let the client establish a Websocket Connection. Websocket by itself is still part of http. 
So your Virtual Server is misconfigured. Please configure it like the *:443 Virtual Server. Also with required SSL Profiles. 

After that configure a websocket profile too on the *:10800 Virtual Server. Then this should work.

 

Regards

 

Zero27351
Altostratus
Altostratus

‎16-Nov-2023 06:02

Thanks guys, i tried both your suggestions but sadly had no effect, we are still seeing the same error presented. I am starting to wonder if this is a backend issue but then again it works fine if you bypass the f5 so..

0 Kudos

Lucas_Thompson
F5 Employee
F5 Employee

‎16-Nov-2023 09:59

Without packet capture analyis (don't send it on this forum), we're kind of guessing. You could try removing the HTTP profile and changing the vip to be Fast L4 to see if it's an L5-L7(ssl, http) or an L3-L4(ip, tcp) issue. 

If you can't get it worked out, Support can help by analyzing your config and a packet capture: https://my.f5.com/manage/s/article/K2633

 

0 Kudos

PSFletchTheTek
MVP
MVP

‎17-Nov-2023 01:39

You have turned on the websocket profile haven't you?
Otherwise the f5 wont know to allow bidirectional comms.

0 Kudos
Copyright © 2023 Khoros, LLC