Forum Discussion
NimbostratusDelete sys connection
Hello, For deleting client connection we use command:
tmsh delete sys connection cs-client-addr $IP
For our point of view this command works very slow, about 1-3 sec per command.
We need delete more count of connections , approximly 50-100 connection/sec. How we can this do more fast ? Maybe are there another way for done this job?
Thanks.
In order to answer this question, a bit more information is needed. What are these connections are why do they need to be deleted - especially at such a high volume (50-100 per second)? Are they idle for long periods? Are they suspicious traffic? Something else entirely?
There are many settings you can use at both the global and virtual server context to control how the BIG-IP system automatically reaps connections from the connection table. But without understanding why you want to delete all these connections, it may be difficult to provide a meaningful alternative.
tevzadze_208045Task is following :
Hardware: BIG-IP VPR-C2400 Build: BIG-IP v11.6.1 (Build 2.107.338) License: CGN
We use this device for CGNAT , after subscriber disconnected we need delete immediately all its connections from connection table and also from PBA, because we have some suspicious traffic after subscriber disconnect.
First off all i try do this with with magic iRules and tmsh, based on received Radius Account-disconnect meessages from NAS. 50-100 msg/sec are number discoonect messages in realtime received from NAS.
I try also play with timeouts of Virtual Server , TCP/UDP/FastL4 profile , PBA - unfortunately without results, some subscriber session stay alive until not closed from server side , often this is udp traffic.
If there are some other way please tell me.
Thanks.
