Mohammed_M_Irfa
Nov 21, 2018

Issue: Traffic is not forwarded to real servers

Hi,

I have F5 VE, iOS 13.1v, interface 1.1 is used only for data traffic.

Two vlans created and tagged with interface 1.1, both vlans are on different RD.

Virtual Configuration:

Standard type for HTTPS traffic
SNAT enabled
Pool is associated; pool member listens on custom port 8000
Source persistence is applied
Default route is configured to reach backend servers
Address and port Translation is enabled

Problem:

No HTTPS traffic is forwarded to the backend servers.
Pcap captured to analyse the issue.
TCP and SSL handshake is successful.
Immediately after the SSL handshake, the next packet is a Reset in Wireshark.
In Wireshark, **F5RST: No route to host**

Troubleshoot:

Ping to the backend servers is successful, but with tracepath the backend server is reached via the mgmt gateway.
The VS, Self-IP and Floating-IP are in Vlan X and the backend servers are in Vlan Y.
To reach the backend servers, the route is configured as a default route via the gateway of Vlan X.
In tracepath, it takes the route from Management.

Can anyone help to resolve this issue?

Thanks!

Mohammed

1 Reply

  • "both vlans are on different RD." This sounds like the problem - traffic can't cross into different route domains.

     

    You can do one of two things - set the source RD to have Strict Isolation disabled, or put the servers into a separate RD and have it as the parent of the source RD.
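
The two options from the reply, written as tmsh commands. This is an added example, not part of the original thread: the route domain names `rd_vs` (the VS side, Vlan X) and `rd_servers` (the server side, Vlan Y) are placeholders for the poster's two route domains, and only one of the two options is applied.

```tmsh
# Show every route domain with its ID, VLANs, parent and strict setting,
# to confirm which domain holds the virtual server and which holds the pool members.
list net route-domain

# Option 1: disable Strict Isolation on the source route domain.
# "strict" controls whether a connection may span route domains (default: enabled).
modify net route-domain rd_vs strict disabled

# Option 2: make the server route domain the parent of the source route domain.
# "parent" is the route domain searched when no route is found in this one.
modify net route-domain rd_vs parent rd_servers

# Verify the resulting settings, then persist the running configuration.
list net route-domain rd_vs
save sys config
```

Option 1 relaxes the separation between route domains, while option 2 keeps Strict Isolation enabled and only adds the parent lookup.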