address MAC

Question

two F5 connected with palo alto,the address of F5 active is  X.Y.5.2 and the Standby f5 is X.Y.5.3 and the floating adresse is X.Y.5.1. when i do wireshark i have this information:&nbsp;
in the receive phase capture on FW DNS query i have:
Ethernet II, Src: F5 network_(x:y:z:46:a6:04) Dst:palo alto_ (x:y:z:00:0d:30)
Internet protocole version4, Src: X.Y.5.3, Dst:X.Y.194.21&nbsp;
in the transmit phase capture on FW -DNS query response:
Ethernet II, Src: Dst:palo alto_ (x:y:z:00:0d:30) Dst:F5 network_(x:y:z:46:a5:84)
Internet protocole version 4, Src:X.Y.194.21, Dst:X.Y.5.3,&nbsp;
the probleme is in src F5 and the dst F5 haven't the same adresse MAC??&nbsp;

rafaelbn · Answer

Hello amine31!&nbsp;
Can you attach the capture or post a screenshot of it?&nbsp;
You could have MAC Masquerade enabled too...&nbsp;
Cheers! Rafael&nbsp;

amine31_382319 · Answer

&nbsp;
hello rafealbn &nbsp;

rafaelbn · Answer

Hello amine31!&nbsp;
I'm sorry, but it seems to me that you're looking at two different flows. On the upper part of the capture, I can see that frame 34 is the query and just below it, on frame 35 is the response to that same query.&nbsp;
On the other part, you're showing frame 11 and it's response is right below on frame 12.&nbsp;
Is this correct?&nbsp;
Cheers! Rafael&nbsp;

amine31_382319 · Answer

hi rafabln &nbsp;
the first is receive phase capture on  FW DNS QUERY AND THE SECOND IS TRANSMIT PHASE IS NOT THE SAME, NORMALY THE FLOW pass by THE SAME EQUIPEMENT ACTIVE f5 who have @mac 05:84 but when he receive pass through F5 standby who has @ mac a6:04&nbsp;

rafaelbn · Answer

Sorry amine31. I'm having a hard time understanding what you're trying to explain. &nbsp;
Is this a virtual server? A GTM listener? Can you share the configuration of the VS or listener?&nbsp;
Cheers! Rafael&nbsp;

Forum Discussion

address MAC

6 Replies

Recent Discussions

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Reverse Proxy Not Behaving

Stable Firmware for F5

Related Content

MAC address assignment in F5

CSV to Address External Datagroup File

Decoding the IPv4 address from the persistence cookie

SNAT IP address logging

Destination address at F5