I have a standard VS profile that is an LB for a pool of workers inside a Kubernetes ingress point.
SSL terminations happen in K8S so this VS literally just listens on 443 and round robins to a pool of 5 workers.
Test connections to a minio server inside K8S work fine from one source test Mikrotik but not the other. Both MTKs sit in the same test datacenter and follow the exact path across the WAN to the VS. The only difference between the two is that the failing (connection timing out) test modem sits behind a device that artificially adds latency to the connection to simulate satellite connectivity.
TCP dumps on workers and F5 show the F5 is issuing TCP resets to this source host.
I'm not familiar enough with F5s to know exactly what needs to be tweaked to make this VS more tolerant to high latency connections. No http profile applied to this VS.
Any help would be appreciated.
No comments:
Post a Comment