On the R4800 series, sometimes ICMP does not work properly. Reboot fixes the problem
Problem definition. Tenant A is deployed in Box X, Tenant B is deployed in Box Y. (L2 syncro vlan is done between the two boxes) Tenant A pings Bye and gets a response, while Tenant B pings A and gets an unreachable message. When Box Y is rebooted, everything starts to work normally for a while, but after a while the connection is lost again. Has anyone ever encountered this problem?
Problems connecting to vpn after upgrading to ubuntu 24.04
good afternoon, I have upgraded ubuntu to 24.04 and since then I can no longer connect correctly to the vpn with the f5 client. In the client it appears that I am connected to the vpn, but then I do not reach any of the sites and servers that with the 22.04 version if it arrived. Can you help me.Forward ASM event logs to Virtual server
Greetings. I want to forward the logs coming to ASM Policies to 2 syslog servers for the purpose of Failover Load balancing. For this I created a VS running on port 514 and I send to the pool running on port 514 but it doesn't go. When I send it with a regular log profile, the logs are forwarded to me, but it needs to go from VS as a load balance (fail-over).
Single node serving more traffic than other nodes in the pool.
Hi Team - I have a question on the below setup, i am a starter in F5 and recently came across in F5 that one node in the pool is serving more traffic than others. - load balancing method is - Round robin no Persistance configured. I am not sure what is making one node to send and receive more traffic than other nodes. Can someone let me know the reason for this behavior.. Thanks in advance.
robots.txt rule?
Hello, Bear with me if this has been answered elsewhere, I've found threads that seem similar but nothing exactly like what I'm trying to do and none of the related examples seem to work. I'm trying to present a robots.txt file in front of a VIP using an uploaded file and a simple iRule. The VIP in question is actually just a group of other iRules with no actual root directory on a server that I could otherwise drop this file into. In fact I'd like to use this robots.txt file in front of other web services whether or not the VIP points at an actual root directory, and whether or not it has other iRules in place. It seems like this should be simple: when HTTP_REQUEST { if { [HTTP::uri] == "/robots.txt" } { HTTP::respond 200 content [ifile get robots.txt] } } And the above works, if it's the only iRule on the VIP. If I point a browser at https://host.foo.orgI get the real server behind the F5 and if I point it at https://host.foo.org/robots.txt I get the contents of the robots.txt file. But if I add it to a VIP with other iRules, while the later iRules work, the first rule in the list fails. That is, if I add it with a second rule like: when HTTP_REQUEST { if { [HTTP::uri] == "/gopher.jpg" } { HTTP::respond 200 content [ifile get gopher.jpg] } } and then try my browser at https://host/.foo.org/I get the real server behind the F5. If I point it athttps://host.foo.org/gopher.jpg I get the gopher. But if I point it athttps://host.foo.org/robots.txt I getERR_CONNECTION_RESET I'd like to do this with one rule that sits on multiple VIPs whether or not it's added to other iRules. It seems like it should be simple. What am I missing? Thanks, Randy in Seattle
About HTTP2 communication error
Hello! I am experiencing an HTTP2 protocol error and need some assistance. Our setup is Client - F5 LB - WAF - SERVER. The error occurs when communicating via HTTP2 between the Client and F5. The communication paths are: Client <-> F5: HTTP2 WAF <-> SERVER: HTTP1.1 When F5 is removed from the setup, there are no communication errors, and everything works with HTTP1.1. F5 has an HTTP2 profile applied only to the Client side, and MRF is disabled. HTTP2 errors frequently occur when refreshing the browser or using "Clear Cache and Hard Reload" in Chrome's incognito mode. Could you help identify why these HTTP2 errors are happening and what I should check?
Unable to "accept" a HTTP protocol compliance failed violation that is of "HTTP Parser Attack type
While- I try to "accept" the HTTP protocol compliance violation for HTTP Parser attack type, I find the "accept" button greyed out and instead I getting the message "unlearnable request". How do I understand and allow these kind of requests, so that I can ensure that these requests are not blocked.
