In article - K7595 its discussed that the default routing behaviour of a virtual server is stateful. We got bitten by this once where a session apparently got out of state and got dropped (the traffic flow was a health check between an HA pair of devices so it caused a bit of chaos).
The fix was to create a new virtual server (fast l4) for the /29 subnet and follow the section "Emulate stateless IP routing with BIG-IP LTM forwarding virtual servers" which resolved the issue.
What I am interested in, can we see the packets being dropped somewhere in the cli? Our existing virtual server that was dropping this traffic is 10.0.0.0/8, I suspect its probably dropping a lot more than we know about, I am just interested in seeing what’s being dropped and whether I want to try and change the default setting of this catch all forwarder or not.