Packet rejected remote IP proto TCP: Destination VIP disabled
Summary
The TM.ContinueMatching db variable affects how the BIG-IP system processes traffic when a higher precedence virtual server is disabled and a lower precedence virtual server is available.
Description
When the TM.ContinueMatching db variable is set to true, the BIG-IP system checks if another virtual server is available to handle a request if the higher precedence virtual server is disabled.
In the following example, the port-specific virtual server is disabled, which allows the system to use the wildcard virtual server 10.10.1.10:* to handle a client request to 10.10.1.10:80:
TM.ContinueMatching = true
Virtual Server: 10.10.1.10:80
Status: Disabled
Virtual Server: 10.10.1.10:*
Status: Up and Available
When the TM.ContinueMatching db variable is set to false, the BIG-IP system does not allow a lower precedence virtual server to handle a request when a higher precedence virtual server is disabled. Additionally, the BIG-IP system rejects the packet and log information, similar to the following example in the /var/log/ltm file:
01200006:4: Packet rejected remote IP 172.16.64.2 port 1687 local IP 10.10.1.10 port 80 proto TCP: Destination VIP disabled
By default, the TM.ContinueMatching db variable is set to false in BIG-IP 9.4.0 and later. Prior to BIG-IP 9.4.0, the TM.ContinueMatching db variable is set to true by default.
Recommendations
When configuring virtual servers that may overlap in IP addresses and/or ports, you should consider the following factors:
- If you do not want another matching virtual server to handle an incoming request that is destined for a disabled virtual server, you must set the TM.ContinueMatching db variable to false.
- If you want another matching virtual server to process an incoming request that is destined for a disabled virtual server, you must set the TM.ContinueMatching db variable to true.
You can change this behavior by modifying the TM.ContinueMatching db variable. To do so, perform the one of the following procedures, appropriate for your version:
BIG-IP 11.x
-
Log in to the Traffic Management Shell (tmsh) by typing the following command:
tmsh
Note: If you are currently logged in to the tmsh shell, you can skip this step.
-
Modify the TM.ContinueMatching db variable to either true or false by typing the following command:
modify /sys db tm.continuematching value [true|false]
-
Save the change by typing the following command:
save /sys config
BIG-IP 9.x through 10.x
- Log in to the command line.
-
Modify the TM.ContinueMatching db variable to either true or false by typing the following command:
bigpipe db TM.ContinueMatching [true|false]
-
Save the modifications by typing the following command:
bigpipe save all
Supplemental Information
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/10543606/viewspace-1066063/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- TCP/IP族TCP
- TCP/IP模型TCP模型
- TCP / IP AT命令TCP
- TCP/IP、UDP/IP協議TCPUDP協議
- Oracle RAC修改public, VIP, SCAN IPOracle
- 【TCP/IP】TCP詳解筆記TCP筆記
- Xshell 連線虛擬機器出現 "The remote SSH server rejected X11 forwarding request"虛擬機REMServerForward
- 淺談TCP/IPTCP
- TCP/IP 基礎TCP
- tcp/ip協議TCP協議
- TCP/IP 筆記TCP筆記
- OSI和TCP/IPTCP
- TCP/IP 和SocketTCP
- rac 新增第二public ip 和 vip
- Backup Exec Remote Agent for Windows Servers Service不能啟動,應用無法監聽到NDMP TCP/IP埠REMWindowsServerTCP
- 11g RAC 修改PUBLIC-IP、VIP、PRIV-IP、SCAN-IP
- 【TCP/IP】IP地址分類和特殊IP地址TCP
- TCP/IP協議族TCP協議
- TCP/IP 協議族TCP協議
- TCP/IP網路模型TCP模型
- TCP/IP卷二 mbufTCP
- tcp/ip 學習(一)TCP
- socket,TCP/IP的理解TCP
- 面試之TCP/IP面試TCP
- IP packet reassembles failed導致例項被驅逐AI
- 系列TCP/IP協議-TCP協議概述(011)TCP協議
- TCP/IP五層協議TCP協議
- TCP/IP 基本概念 (二)TCP
- 如何理解TCP/IP協議?TCP協議
- TCP/IP 基礎知識TCP
- 面試 — 網路 TCP/IP面試TCP
- socket與TCP/IP區別TCP
- 1.2.3_2 TCP/IP模型TCP模型
- 【TCP/IP】IP地址的劃分及其分類TCP
- Java中的TCP/IP協議和IP地址JavaTCP協議
- TCP/IP原始碼學習(23)——tcp_sendmsg(2)TCP原始碼
- TCP/IP五層模型-傳輸層-TCP協議TCP模型協議
- 系列TCP/IP協議-靜態IP選路(007)TCP協議
- 【TCP/IP】TCP伺服器併發處理&原始碼TCP伺服器原始碼