Forum Discussion

Ajit's avatar
Ajit
Icon for Altostratus rankAltostratus
Mar 10, 2015

VIP not functioning on port 8083

I have a firewall sitting in our network before the F5 loadbalancer. We have natted a public IP to a private IP (137.x.x.x - 192.168.162.31). The private IP is then used on the F5 as a VIP address listening on the port 443.

 

The members of the pool that are assigned to this VIP are listening on port 8083. Member ip address is 10.13.x.x:8083

 

I have added client ssl profile to the VIP since its a HTTPS VIP. From the LB i can ping the member IP addresses and i can also telnet to the member IP on port 8083 from the LB.

 

The connection is not working for me ... When i telnet to the public IP on 443 it works ...

 

Can anyone suggest what the problem would be? Can you suggest me some tcpdump strings?

 

2 Replies

  • Hi Ajit,

    did you configure SNAT AutoMap for your virtual server? Asymmetric traffic flow is a typical reason for failing communication.

    A tcpdump to track incoming traffic including serverside traffic would look like this:

    tcpdump -nnni 0.0:nnnp -s 0 -e -c 1000 host 
    

    -nnn
    = no name/protocol resolution,
    -i 0.0
    = dump on the internal interface,
    :nnnp
    = dump the internal ethernet trailer data and peer traffic (serverside traffic),
    -s 0
    = dump full packet including the ethernet trailer data,
    -c 1000
    = limit the dump to 1.000 packets,
    host 
    = one of many possible filters,

    Thanks, Stephan