DNS Query - reply from unexpected source
Hi Guys,
I'm new to F5, and something annoys me; I can't find why it happens.
My topology:
Network (Public IP - Pretend its 100.100.100.0/24) --> Switch Stack --> LAG --> Viprion LTM --> Cisco CRS --> WWW
I have a Viprion 4800 and for now I just want to allow traffic to go outside. Here are my questions:
1. I've added a virtual server with 0.0.0.0/0.0.0.0 as Forwarding (IP) to allow the LAN to have connectivity,
but unless I open a virtual server back inside (100.100.100.0/255.255.255.0) I have no connectivity. Isn't it stateful?
2. After I open the rule I talked about in (1), I get this message when I try a simple resolve from a server behind the F5:
[ip@qa-env ~]$ host google.com 8.8.4.4
;; reply from unexpected source: 8.8.4.4#25965, expected 8.8.4.4#53
tcpdump shows this:
22:45:39.033309 IP 100.100.100.40.39945 > 8.8.4.4.53: 8917+ A? google.com. (27)
22:45:39.033315 IP 100.100.100.40.39945 > 8.8.4.4.53: 8917+ A? google.com. (27)
22:45:39.123868 IP 8.8.4.4.53 > 100.100.100.40.39945: 8917 1/0/0 A 173.194.41.69 (43)
22:45:39.123884 IP 8.8.4.4.25965 > 100.100.100.40.39945: UDP, length 43
So the packets go all good until the return packet comes back to the F5, and then it alters the port!
What am I missing?
*Remember, I have a public IP on the server. I just changed it to 100.100.100.40 for the example.
My virtuals:
ltm virtual MNG_ALLOW_ALL_OUT {
    description "Management Rule - Allow All Traffic Outside"
    destination 0.0.0.0:any
    ip-forward
    mask any
    profiles {
        fastL4 { }
    }
    translate-address disabled
    translate-port disabled
    vlans {
        DNS_LAN
        LDAP_LAN
        RADIUS_LAN
    }
    vlans-enabled
}
ltm virtual MNG_QA_ENV_IN {
    description "Management Rule - Allow Radius traffic in"
    destination 100.100.100.0:any
    ip-forward
    mask 255.255.255.0
    profiles {
        fastL4 { }
    }
    translate-address disabled
    translate-port disabled
    vlans {
        CRS1.WAN
        CRS2.WAN
    }
    vlans-enabled
}
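An added example, not part of the original post: a small Python check that applies the resolver's own "reply from unexpected source" test to tcpdump summary lines like the ones above. It pairs each UDP DNS reply with the outstanding query from the same client socket and flags any reply whose source ip:port is not the ip:port the query was sent to, which is exactly why `host` rejected the answer that arrived from port 25965. The first four capture lines are the ones from the post; the last two (using TEST-NET addresses 203.0.113.9 and 198.51.100.1) are constructed to show the other two rejection cases a resolver applies, a reply from a different source IP and a reply with a different transaction id, so the check generalizes beyond the port mismatch in the post. The function names `check_dns_replies` and `summarize` are my own.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Matches the tcpdump IPv4/UDP summary lines shown in the post:
#   <timestamp> IP <src-ip>.<src-port> > <dst-ip>.<dst-port>: <rest>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) IP (?P<sip>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dip>\d+(?:\.\d+){3})\.(?P<dport>\d+): (?P<rest>.*)$"
)
# tcpdump decodes a DNS query as "<txid>+ A? name." (the '+' is the RD flag) ...
QUERY_RE = re.compile(r"^(?P<txid>\d+)\+? [A-Z0-9]+\? ")
# ... and a decoded DNS reply as "<txid>[flags] answers/authority/additional ..."
REPLY_RE = re.compile(r"^(?P<txid>\d+)[*|$-]* \d+/\d+/\d+")

Socket = Tuple[str, int]

# Constructed sample capture: lines 1-4 are the tcpdump output from the post,
# lines 5-6 are made up (TEST-NET addresses) to exercise the other checks.
SAMPLE_CAPTURE = [
    "22:45:39.033309 IP 100.100.100.40.39945 > 8.8.4.4.53: 8917+ A? google.com. (27)",
    "22:45:39.033315 IP 100.100.100.40.39945 > 8.8.4.4.53: 8917+ A? google.com. (27)",
    "22:45:39.123868 IP 8.8.4.4.53 > 100.100.100.40.39945: 8917 1/0/0 A 173.194.41.69 (43)",
    "22:45:39.123884 IP 8.8.4.4.25965 > 100.100.100.40.39945: UDP, length 43",
    "22:45:39.200000 IP 203.0.113.9.53 > 100.100.100.40.39945: 8917 1/0/0 A 198.51.100.1 (43)",
    "22:45:39.210000 IP 8.8.4.4.53 > 100.100.100.40.39945: 4242 1/0/0 A 198.51.100.1 (43)",
]


@dataclass
class Finding:
    ts: str
    client: Socket    # the resolver's ip:port, i.e. the socket the reply is delivered to
    expected: Socket  # where the query was sent: the only legitimate reply source
    actual: Socket    # where the reply actually came from
    txid: str         # transaction id of the outstanding query
    status: str       # "ok", "unexpected source" or "txid mismatch"


def check_dns_replies(lines: List[str]) -> List[Finding]:
    """Pair UDP DNS replies with the query they answer and apply the same
    test a stub resolver does: the reply must come from the exact ip:port the
    query went to, and carry the same transaction id. Queries are keyed by the
    client socket, which is what the resolver matches on first."""
    pending: Dict[Socket, Tuple[Socket, str]] = {}
    findings: List[Finding] = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not an IPv4/UDP summary line in the format handled here
        src: Socket = (m["sip"], int(m["sport"]))
        dst: Socket = (m["dip"], int(m["dport"]))
        rest = m["rest"]
        q = QUERY_RE.match(rest)
        if q and dst[1] == 53:
            # Outstanding query: remember where this client socket sent it.
            # Entries are overwritten rather than popped, because a capture on
            # a forwarding device can show the same packet on more than one VLAN.
            pending[src] = (dst, q["txid"])
            continue
        if dst not in pending:
            continue  # a reply for a client socket we never saw query
        expected, txid = pending[dst]
        # A reply from the wrong port is not even decoded as DNS by tcpdump (it
        # prints "UDP, length N"), so the txid is checked only when decoded.
        r = REPLY_RE.match(rest)
        if src != expected:
            status = "unexpected source"
        elif r is not None and r["txid"] != txid:
            status = "txid mismatch"
        else:
            status = "ok"
        findings.append(Finding(m["ts"], dst, expected, src, txid, status))
    return findings


def summarize(f: Finding) -> str:
    """Render a finding in the same ip#port form the host utility prints."""
    actual = f"{f.actual[0]}#{f.actual[1]}"
    expected = f"{f.expected[0]}#{f.expected[1]}"
    if f.status == "ok":
        return f"{f.ts} reply ok from {expected} (txid {f.txid})"
    if f.status == "txid mismatch":
        return f"{f.ts} reply from {actual} has the wrong transaction id (expected {f.txid})"
    return f"{f.ts} reply from unexpected source: {actual}, expected {expected}"


if __name__ == "__main__":
    for finding in check_dns_replies(SAMPLE_CAPTURE):
        print(summarize(finding))
```

Run against the post's four lines, the second reply is reported as `reply from unexpected source: 8.8.4.4#25965, expected 8.8.4.4#53`, the same verdict `host` gave; the reply on line three passes because its source socket is the one the query was sent to. The check deliberately looks at the reply's source socket before anything in the DNS payload, since a client resolver discards such a datagram before it ever parses the answer.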