I have F5 VE, iOS 13.1v, interface 1.1 is used only for data traffic.
Two vlans created and tagged with interface 1.1, both vlans are on different RD.
Standard type for HTTPS traffic
Pool is associated, Pool member listen on custom port 8000
Source persistence is applied
Default route is configured to reached backend servers
Address and port Translation is enabled
No https traffic forwarded to backed servers.
Pcap captured to analyse the issue.
TCP and SSL handshake is successful.
immediate of SSL handshake next packed is Reset in wireshark.
In wireshark, **F5RST: No route to host**
Ping is successful to backend servers but while tracepath it is reached to backend server via mgmt gateway.
VS, Self-IP and Floating-IP of Vlan X and Backend Servers of Vlan Y.
To reached Backend Server route is configured as default route via gateway of Vlan X.
In tracepath it take from Management.
Can any one help to resolve this issue!!
"both vlans are on different RD." This sounds like the problem - traffic can't cross into different route domains.
You can do one of two things - set the source RD to have Strict Isolation disabled, or put the servers into a separate RD and have it as the parent of the source RD.
No, F5 has only one VLAN X and Self-IP, Floating-IP is of same VLAN-X.
Backend Servers are in different VLAN-Y, their is no Self or floating IPs configured in f5.
To reach Backend servers, we have routing. which is default route.
It reach the backend servers but via management network (Control Plane).
Where find an issue, after adding default route gateway of VLAN-X