Packet loss on Floating IP only???

Question

Hi f5 community,&nbsp;
I had a very strange situation today with one of our customers.
Our customer is running an BIGIP-1600 Active/Standby LTM HA setup with MAC masquerading enabled.&nbsp;
This morning the customer reported a service outage of his Exchange 2013 infrastructure running via the mentioned BIGIP-1600 LTM system (created with Exchange 2013 iAPP). After some investigation we found out that we had around 25% PING packet loss when pinging the Floating-IP, but ONLY the Floating IP, all other IP's (Self or VIP) had no PING packet losses! So it was unlikely to have NIC hardware issue on the BIG-IP systems.&nbsp;
As I mentioned already on this system we have had MAC Masquerade enabled, and this configuration is running fine for more than one year.&nbsp;
Trying to solve the issue we rebooted both HA members several times. Also we did multiple failover between the two members. But without any success...:-(&nbsp;
At the end, the only solution was to disable/enable all TMM interfaces on both HA members in parallel.
After that, we haven't had any PING losses at all and the Exchange Services (OA, OWA, ActiveSync, etc.) were running like a charm.&nbsp;
Could it be that the customers 6500 Switch (VSS-Mode) have some problems when learning the same MAC on multiple VLAN's on different ports during Failover? Does any body know about a known bug/issue pointing in that direction when using the VSS technology in combination with F5 BIGIP?&nbsp;
Thanks for any kind of advice
Regards
Thrillseeker&nbsp;

stanislas_piro2 · Answer

Hi,&nbsp;
are you sure it is not a IP address conflict?&nbsp;

patrik_jonsson · Answer

If there is one you could see some entries in /var/log/ltm.&nbsp;
/Patrik&nbsp;

thrillseeker_12 · Answer

I checked /var/log/ltm and /var/log/messages as well but no indication for an ip-address conflict. By the way this customer is using v11.6 HF4.&nbsp;
anybody else?
Thanks
Thrillseeker&nbsp;

patrik_jonsson · Answer

I think now we've entered the long shots domain, and I'd advise you to contact F5 support.&nbsp;
That said:&nbsp;
What did the switch forwarding tables say?Have you tried going back to GARP? Did you run a tcpdump (on both the F5's and the sending device on the external VLAN?)Did you have PL on all interfaces?
If you find the issue, please update this thread. :)&nbsp;
/Patrik&nbsp;

thrillseeker_12 · Answer

Hi all,&nbsp;
Just for your info.
We recently disabled MAC-Masquerading and went back to default GARP.&nbsp;
No ping losses anymore =&gt; problem solved! ;-)
So I assume that there is an Issue with VSS Cisco and Cisco's CEF Feature when using F5 MAC-Masquerading.
The VSS-Cluster has an uptime of over 3 years...;-) Looks like a VSS Bug.
The network team will analyze the issue in more detail.&nbsp;
Thanks a gain for your answers
Regards
thrillseeker&nbsp;

Forum Discussion

Packet loss on Floating IP only???

6 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Automating Packet Captures on BIG-IP

F5 packet buffer

iRules Heat Map - US Only

Enabling DNSSEC for 1 record only

Packet Tracing in BIG-IP AFM