Regarding load bal resetting connection ....

Question

Hi, 
&nbsp;   I am having weird issue wrt F5 LTM settings. 
&nbsp;   I have F5 set up as SSL terminator, and there 2 Apaches behind virtual server configured on F5. Apache's are running on port 80. 
&nbsp;  
&nbsp;   Now, SSL is working well, and I could browse around the application in the browser on HTTPS. 
&nbsp;   But, at one point, application launches a popup, i.e. nothing but certain module of same app. The issue is, this popup shows correct data as long as data is coming from same server. If server for some reason returns 302, this popup shows a screen with message connection reset by server. 
&nbsp;   In Apache log, I do see 302 being sent in response. I added irule in LTM to see if load bal receives it or not, and surprisingly load bal did not receive this 302. 
&nbsp;  
&nbsp;   I am perplexed with this behavior as why this happens on 302s, and overall logic behind connection reset, and missing 302 from LTM logs. 
&nbsp;  
&nbsp;   I came across something called SNAT config, but not sure if that is right way to go as am at loss in coming up with logic for current behavior. Any help would be greatly appreciated. 
&nbsp;  
&nbsp; Regards, 
&nbsp; Dhananjay.

hooleylist · Answer

Hi Dhananjay, 
&nbsp;  
&nbsp; If Apache is sending a 302 response to the LTM but you don't see the response being parsed on LTM, I'd suggest capturing tcpdumps on the web server and each VLAN that the traffic passes the LTM through.  You can use syntax like: 
&nbsp;  
&nbsp; tcpdump -i 0.0 -s 0 -w /var/tmp/ltm.1.dmp host CLIENT_IP or host SERVER_IP 
&nbsp;  
&nbsp; If you need help capturing or analysing the tcpdump, you can open a case with F5 Support. 
&nbsp;  
&nbsp; Aaron

dj_22414 · Answer

Hi Aron, 
&nbsp; Thanks for the prompt response. 
&nbsp; I will certainly try this. There are no extra hops in between to swallow 302. 
&nbsp; But, could be the case that LTM is resetting connection for whatever reason, and also forgoing 302 from Apache. 
&nbsp; Is there need to have SNAT configured? 
&nbsp; Regards, 
&nbsp; Dhananjay.

hooleylist · Answer

If you get any response via the VIP to the Apache web server the routing should be fine.  tcpdumps should give you enough information to continue troubleshooting the issue. 
&nbsp;  
&nbsp; Aaron

dj_22414 · Answer

Hi Aaron, 
&nbsp;  
&nbsp;    Noticed a weird thing in tcpdump. 
&nbsp;  
&nbsp;    Followed by 302 form Apache, there is ACK. 
&nbsp;    But, there are 2 consecutive RSTs sent. It means that load bal closed the connection unexpectedly ...  
&nbsp;       
&nbsp;  
&nbsp;   is this correct interpretation, and any clues on what could be going on here? 
&nbsp;  
&nbsp; Regards, 
&nbsp; Dhananjay.

Forum Discussion

Regarding load bal resetting connection ....

4 Replies

Recent Discussions

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

After applied ASM Policy to Virtual Server, connections will reset with Internal error in log

Query Regarding extramb

BIGIP resets connecion

query regarding connection issues to a particular node in a pool

Question & Answer: Regarding CVE-2020-5902