Virtual server is frequently getting disconnected with ERR_CONNECTION_RESET on BIG-IP 11.5.1 , Please Help!!

Question

Hi ,&nbsp;
We have a JBOSS based enterprise application hosted on F5 BIG-IP 11.5.1 with HF10 VE.&nbsp;
we have 2 virtual servers (https based) configured with same ip on different ports 8888 &amp; 8089.&nbsp;
we are terminating the ssl connectivity on F5 LB using clientssl &amp; serverssl ( we are using self signed certs for test purpose). &nbsp;
when i access my application with  ,sometimes it is loading my login page but sometimes i am receiving connection reset. if i login to my big-ip UI and remove http profie or add http profile or sometimes simply click on update on my virtual server configuration,i am getting the connection again.&nbsp;
it will work for some time and again getting reset.&nbsp;
The same application use to work nicely with out any issues with BIG-IP 11.31 VE.since we need TLSV1.2 suport we moved to the newer version.  &nbsp;
I have tried several troubleshooting information available in devcentral but could not break through. Please help me in resolving this issue.
Thanks
Rakesh&nbsp;

josiah_39459 · Answer

Is anything logged in /var/log/ltm when you get the reset?  If you capture both front and back end, is the reset coming from the backend server or from the vip?

hannes_rapp · Answer

If you're out of ideas, you can try implementing a few changes I have listed below. The app is already broken and unavailable anyway, right :)?&nbsp;
Personally, I'd start by enforcing the use of TLSv1.0 (seen as SSLv3.1 in SSLdump utility) on the serverssl profile you use for this particular Virtual Server. I have seen a number of issues with incapable end-servers that do not respond/downgrade if SSL handshake's ClientHello from BigIP comes in with a version that is not supported. A SSL handshake problem on the serverside is one of the possible reasons for receiving a TCP/RST on the clientside.&nbsp;
Another idea. Since your issue is occuring sporadically, it could be that your problem is isolated to one of the end-server listener ports, and not both of them. Try disabling port TCP 8888 listener Pool Member(s), and see if the issue can be reproduced. Repeat vise-versa with the other Pool Pembers.&nbsp;
Just a few ideas on how to continue.&nbsp;
Good luck,&nbsp;

rakesh_reddy_ba · Answer

Thanks for the response,I have found that the issue was with the network related ,we are frequently losing connectivity in our Lab.

I configured the same in another network and everything working as expected.

Forum Discussion

Virtual server is frequently getting disconnected with ERR_CONNECTION_RESET on BIG-IP 11.5.1 , Please Help!!

3 Replies

Recent Discussions

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

Related Content

Site Launch Frequently Asked Questions

Frequently Asked Questions - F5 Access 2018

ICAP 204 Response Frequently Asked Questions

VE LTM Frequently Reporting Bandwidth Exceeding 75% of Licensed 1000 Mbps

Super-NetOps: Frequently Asked Questions