Exam 301b All QuestionsBrowse all questions from this exam
Go to Exam
Question 139

-- Exhibit

-- Exhibit --

Refer to the exhibit.

Users receive an error when attempting to connect to the website https://website.com. The website has a DNS record of 195.56.67.90. The upstream ISP has confirmed that there is nothing wrong with the routing between the user and the LTM device.

The following tcpdump outputs have been captured:

External Vlan, filtered on IP 168.210.232.5

00:25:07.598519 IP 168.210.232.5.33159 > 195.56.67.90.https: S 1920647964:1920647964(0) win 8192

00:25:07.598537 IP 195.56.67.90.https > 168.210.232.5.33159: S 2690691360:2690691360(0) ack 1920647965 win 4350

00:25:07.598851 IP 168.210.232.5.33160 > 195.56.67.90.https: S 2763858764:2763858764(0) win 8192

00:25:07.598858 IP 195.56.67.90.https > 168.210.232.5.33160: S 1905576176:1905576176(0) ack 2763858765 win 4350

Internal Vlan, filtered on IP 168.210.232.5

00:31:46.171124 IP 168.210.232.5.33202 > 192.168.100.20.http: S 2389057240:2389057240(0) win 4380

What is the problem?

    Correct Answer: D

    The problem appears to be with the firewall dropping the connection coming from the pool members when it is returned to the client. This conclusion is drawn from the tcpdump outputs that show communication between the remote client and the F5 device’s external interface, as well as the internal communication between the F5 device and the pool members. All the TCP handshakes appear normal, so it suggests that responses from the pool members might be getting blocked by the firewall when trying to exit back to the client.

Discussion
GVKDOption: D

D - Correct