Trouble with TCP::option set 28
- Jul 26, 2024
Thanks, I think we solved this around the same time. My first problem was that I was mistakenly enabling TCP options in my client TCP profile, but using the SERVER_CONNECTED event. When I enabled TCP options in the server event (by just configuring the virtual server to use the same profile for the server), I stopped getting the error.
Here is the profile config:
ltm profile tcp tcp_opt {
app-service none
tcp-options "{28 first}"
Reading https://clouddocs.f5.com/api/irules/SERVER_CONNECTED.html I found that, for a standard profile, I'd find the options set in the first packet after the TCP 3-way handshake, but if I had used a fastL4 VIP, I would see it in the first syn, as you did.
I also noticed that Wireshark interpreted option 28 as "user timeout", and also see the odd length of "6", but when I converted the 6 hex numbers, I got "28" (the option number), "6" (the size), "192" (first octet of true source IP address), "168" (second octet), third octet, and fourth octet. It worked.