Forum Discussion
ltp_55848
Jul 01, 2011 Nimbostratus
Hi Bhattman,
I've reread through the PBR documentation but don't understand your test configuration above; this would deny requests directly to the nodes from the 10.4.0.0/16 network, correct? (I've probably grossly misunderstood it).
I want to allow connections from the 10.4.0.0/16 network to the nodes (for monitoring and testing purposes) and from what I can see, return traffic is hitting the F5s. Below is a sanitised capture of return traffic from a direct request from a 10.4.0.0/16 client to the node:
11:48:20.427729 IP test.test.com.http > 10-X-X-X.test.com.38557: S 1328028531:1328028531(0) ack 2177636694 win 5792
Unfortunately, after hitting the F5s the traffic seems to be dropped either by the F5s or lost in the ether. The statistics of the wildcard forwarding virtual server show the incoming traffic counters incrementing but do not register an equivalent outgoing flow.