Forum Discussion

C_Guillaume_187's avatar
C_Guillaume_187
Icon for Nimbostratus rankNimbostratus
Dec 03, 2013

RST/ACK sent by F5 loadbalancer to the client

Hello we actually have a problem on a specific VS. Context: my VS is a fastL4 profile with very standard configuration. This VS is called each second. And one time per hour we have an error, a TCP/RST is sent by the F5 to the client closing the actual connection.

 

What we have done: - creation of a specific autonat pool in order to avoid port famine - verification of TCP idle timeout => value is 300 sec

 

we are in version 10.2.0 which doesn't allow us to use advanced tcp/rst debug.

 

I am a little stucked at the moment.

 

Regards,

 

2 Replies

  • Could it be a setting on the server, or perhaps a firewall in the path? Are you 100% sure it's the F5 sending the RST and not something else?

     

  • yes, I made some tcpdump capture on the F5 to analyse more precisely the observed behavior. It's clear that the RST come from the F5. I checked health monitor and logs, and the server is always available.

     

    My architechture is the following: (A)IP client <-> (B)IP VS - (C)IP back F5 <-> (D)IP server

     

    I have two scenari of failure: first one connnection is established (at TCP level) and client/server are chatting during 10 sec there is no more traffic on the TCP connection D sends a FIN,ACK to C B relays the FIN, ACK to A A reply with an ACK to B B sends a RST,ACK to A <= this is my problem

     

    second one: connnection is established (at TCP level) and client/server are chatting during 1 sec there is no more traffic on the TCP connection A sends a HTTP POST request to B B sends a RST,ACK to A <= this is my problem

     

    If you want I can send the tcpdump (1Mo each)

     

    Regards,