Why are the GTM monitor connections not establishing ?


You may observe the GTM being unable to successfully establish a TCP connection when initaing a monitor probe to a given destination. Spefically, the GTM will send the SYN, but you notice the destination not responding with the SYN-ACK.

There are 2 reasons that can cause this behaviour,

Time-Wait Mismatch

This occurs when the TIME_WAIT timeout value is different on both the GTM and the server, resulting in the server failing to respond to new connection attempts.

This means the server does not respond to any connection (that attempts from the GTM This means that the GTM reaps the connection first and then tries to estblish a new connection withonce the TCP connection goes into a TIME_WAIT state on the webserver the GTM will then remove this connection once the TIME_WAIT value has been reached. As the webserver still has the connection in a TIME_WAIT state, when the GTM issues a new connection request of using the same source port, the web server will fail to respond to the SYN.

Reference : http://blog.davidvassallo.me/2010/07/13/time_wait-and-port-reuse/

Source Port Reuse

In instances where you have multiple monitor destinations (i.e websites) behind a single (Non LTM/iQuery based) loadbalancer, due to the GTM is sending out connection requests to different IP addresses, and using the same source port. The backend server behind the loadbalancer will see additional connection requests from the GTM with the same source port and same source IP. If a connection is already estlishbed and the server sees an additional connection request it will be ingnored as the connection request will be from a source IP and source port for a connection that is already estlished within the TCP table.

To resolve this you can disable socket reused via the following command,

modify sys db bigd.reusesocket value disable save /sys config

Reference : http://support.f5.com/kb/en-us/solutions/public/13000/800/sol13820

Rick Donato

Want to become an F5 Loadbalancers expert?

Here is our hand-picked selection of the best courses you can find online:
F5 BIG-IP 101 Certification Exam – Complete Course
F5 BIG-IP 201 Certification Exam – Complete Course
and our recommended certification practice exams:
AlphaPrep Practice Tests - Free Trial