Forum Discussion
F5 LTM (VE) - KeepAlive even if real server close connection
Hello community!
I'm qualifying an LTM (VE) 11.2.0 for web loadbalancing, and trying to find a solution for this case:
Real web server force connection to close for each call to a very common ressource (because it's does not send Content-Length header, neither chunked, I cannot change this).
Is there a way to keep connection alive on the client side, and ask to the device to handle this case ? I also try to force the rechunk, but the connection is also closed. I can passthrough this issue but using http compression for example, but it is not what I'm looking for...
I will be happy if someone can help to find a solution for this case.
Thanks
- nitass
Employee
have you used oneconnect profile? - fabianlumy
Nimbostratus
Yes I'm using a OneConnect profile (I've also tried disabling OneConnect...)
- nitass
Employee
is connection forced to close by connection close http header from server? if so, doesn't oneconnect profile help?no oneconnect [root@ve10:Active] config b virtual bar list virtual bar { snat automap pool foo destination 172.28.19.79:80 ip protocol 6 profiles { http {} tcp {} } } [root@ve10:Active] config b pool foo list pool foo { members 200.200.200.101:80 {} } connection 1 is client-side (between client and bigip) and connection 2 is server-side (between bigip and server) [root@ve10:Active] config ssldump -Aed -nni 0.0 port 80 New TCP connection 1: 172.28.19.251(45893) <-> 172.28.19.79(80) 1346681560.3245 (0.0009) C>S --------------------------------------------------------------- HEAD / HTTP/1.1 User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 Host: 172.28.19.79 Accept: */* --------------------------------------------------------------- New TCP connection 2: 200.200.200.10(45893) <-> 200.200.200.101(80) 1346681560.3265 (0.0009) C>S --------------------------------------------------------------- HEAD / HTTP/1.1 User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 Host: 172.28.19.79 Accept: */* --------------------------------------------------------------- 1346681560.3275 (0.0010) S>C --------------------------------------------------------------- HTTP/1.1 200 OK Date: Mon, 03 Sep 2012 14:27:29 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Fri, 11 Nov 2011 14:48:14 GMT ETag: "4183e4-3e-9c564780" Accept-Ranges: bytes Content-Length: 62 Connection: close Content-Type: text/html; charset=UTF-8 --------------------------------------------------------------- 1346681560.3275 (0.0030) S>C --------------------------------------------------------------- HTTP/1.1 200 OK Date: Mon, 03 Sep 2012 14:27:29 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Fri, 11 Nov 2011 14:48:14 GMT ETag: "4183e4-3e-9c564780" Accept-Ranges: bytes Content-Length: 62 Connection: close Content-Type: text/html; charset=UTF-8 --------------------------------------------------------------- when no connection, FIN is sent from server (in server-side) to client (in client-side) 2 1346681560.3275 (0.0000) S>C TCP FIN 1 1346681560.3275 (0.0000) S>C TCP FIN 1 1346681560.3285 (0.0010) C>S TCP FIN 2 1346681560.3286 (0.0010) C>S TCP FIN
- nitass
Employee
with oneconnect [root@ve10:Active] config b virtual bar list virtual bar { snat automap pool foo destination 172.28.19.79:80 ip protocol 6 profiles { http {} oneconnect {} tcp {} } } [root@ve10:Active] config ssldump -Aed -nni 0.0 port 80 New TCP connection 1: 172.28.19.251(45894) <-> 172.28.19.79(80) 1346681818.7056 (0.0011) C>S --------------------------------------------------------------- HEAD / HTTP/1.1 User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 Host: 172.28.19.79 Accept: */* --------------------------------------------------------------- New TCP connection 2: 200.200.200.10(45894) <-> 200.200.200.101(80) 1346681818.7067 (0.0010) C>S --------------------------------------------------------------- HEAD / HTTP/1.1 User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 Host: 172.28.19.79 Accept: */* --------------------------------------------------------------- 1346681818.7075 (0.0007) S>C --------------------------------------------------------------- HTTP/1.1 200 OK Date: Mon, 03 Sep 2012 14:31:48 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Fri, 11 Nov 2011 14:48:14 GMT ETag: "4183e4-3e-9c564780" Accept-Ranges: bytes Content-Length: 62 Connection: close Content-Type: text/html; charset=UTF-8 --------------------------------------------------------------- 1346681818.7075 (0.0019) S>C --------------------------------------------------------------- HTTP/1.1 200 OK Date: Mon, 03 Sep 2012 14:31:48 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Fri, 11 Nov 2011 14:48:14 GMT ETag: "4183e4-3e-9c564780" Accept-Ranges: bytes Content-Length: 62 X-Cnection: close Content-Type: text/html; charset=UTF-8 --------------------------------------------------------------- with oneconnect, fin in server-side is not sent to client-side 2 1346681818.7075 (0.0000) C>S TCP FIN 2 1346681818.7075 (0.0000) S>C TCP FIN 1 1346681818.7086 (0.0011) C>S TCP FIN 1 1346681818.7086 (0.0000) S>C TCP FIN
- fabianlumy
Nimbostratus
Here is my settings:root@(bigip1)(cfg-sync Standalone)(Active)(/Common)(tmos) show running-config ltm virtual ltm virtual MYVIRTUAL { destination 192.168.0.85:http ip-protocol tcp mask 255.255.255.255 pool MYPOOL1 profiles { http { } oneconnect { } tcp { } } snat automap source-port change translate-port disabled vlans-disabled } root@(bigip1)(cfg-sync Standalone)(Active)(/Common)(tmos) show running-config ltm pool ltm pool MYPOOL1 { allow-nat no members { SERV1:http { address 192.168.0.105 session monitor-enabled state up } } monitor http_xxxx }
[root@bigip1:Active:Standalone] config ssldump -Aed -nni 0.0 port 80 New TCP connection 1: 192.168.90.124(42062) <-> 192.168.0.85(80) 1346687504.8171 (0.1332) C>S --------------------------------------------------------------- GET / HTTP/1.1 User-Agent: curl/7.21.0 (i486-pc-linux-gnu) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.15 libssh2/1.2.6 Host: www.testdomain.com Accept: */* Connection: keep-alive --------------------------------------------------------------- New TCP connection 2: 192.168.0.83(6369) <-> 192.168.0.105(80) 1346687504.8183 (0.0011) C>S --------------------------------------------------------------- GET / HTTP/1.1 User-Agent: curl/7.21.0 (i486-pc-linux-gnu) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.15 libssh2/1.2.6 Host: www.testdomain.com Accept: */* Connection: keep-alive X-Forwarded-For: 192.168.90.124 --------------------------------------------------------------- 1346687504.8257 (0.0074) S>C --------------------------------------------------------------- HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 03 Sep 2012 15:51:45 GMT Server: Microsoft-IIS/6.0 Set-Cookie: CFID=26750906;expires=Wed, 03-Oct-2012 15:51:45 GMT;path=/ Set-Cookie: CFTOKEN=65834896;expires=Wed, 03-Oct-2012 15:51:45 GMT;path=/ location: /infos/index.cfm Content-Type: text/html; charset=UTF-8 --------------------------------------------------------------- 2 1346687504.8258 (0.0000) S>C TCP FIN 1346687504.8258 (0.0087) S>C --------------------------------------------------------------- HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 03 Sep 2012 15:51:45 GMT Server: Microsoft-IIS/6.0 Set-Cookie: CFID=26750906;expires=Wed, 03-Oct-2012 15:51:45 GMT;path=/ Set-Cookie: CFTOKEN=65834896;expires=Wed, 03-Oct-2012 15:51:45 GMT;path=/ location: /infos/index.cfm Content-Type: text/html; charset=UTF-8 --------------------------------------------------------------- 1 1346687504.8258 (0.0000) S>C TCP FIN 1 1346687504.9656 (0.1398) C>S TCP FIN 2 1346687504.9657 (0.1399) C>S TCP FIN
- nitass
Employee
it is redirection. - fabianlumy
Nimbostratus
Hello, yes it is a redirection on the same domain, so it should work... here is the trace of the request to the final ressource (I've blank the data)New TCP connection 1: 192.168.90.124(42960) <-> 192.168.0.85(80) 1346741943.2912 (0.0206) C>S --------------------------------------------------------------- GET /infos/index.cfm HTTP/1.1 User-Agent: curl/7.21.0 (i486-pc-linux-gnu) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.15 libssh2/1.2.6 Host: www.testdomain.com Accept: */* Connection: keep-alive --------------------------------------------------------------- New TCP connection 2: 192.168.0.83(39027) <-> 192.168.0.105(80) 1346741943.2925 (0.0012) C>S --------------------------------------------------------------- GET /infos/index.cfm HTTP/1.1 User-Agent: curl/7.21.0 (i486-pc-linux-gnu) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.15 libssh2/1.2.6 Host: www.testdomain.com Accept: */* Connection: keep-alive X-Forwarded-For: 192.168.90.124 --------------------------------------------------------------- 1346741943.3053 (0.0127) S>C --------------------------------------------------------------- HTTP/1.1 200 OK Connection: close Date: Tue, 04 Sep 2012 06:59:04 GMT Server: Microsoft-IIS/6.0 Set-Cookie: CFID=26760493;expires=Thu, 04-Oct-2012 06:59:04 GMT;path=/ Set-Cookie: CFTOKEN=85662049;expires=Thu, 04-Oct-2012 06:59:04 GMT;path=/ Content-Type: text/html; charset=UTF-8 --------------------------------------------------------------- 1346741943.3063 (0.0009) S>C --------------------------------------------------------------- [DATA] --------------------------------------------------------------- 1346741943.3063 (0.0150) S>C --------------------------------------------------------------- HTTP/1.1 200 OK Connection: close Date: Tue, 04 Sep 2012 06:59:04 GMT Server: Microsoft-IIS/6.0 Set-Cookie: CFID=26760493;expires=Thu, 04-Oct-2012 06:59:04 GMT;path=/ Set-Cookie: CFTOKEN=85662049;expires=Thu, 04-Oct-2012 06:59:04 GMT;path=/ Content-Type: text/html; charset=UTF-8 --------------------------------------------------------------- 1346741943.3063 (0.0000) S>C --------------------------------------------------------------- [DATA] --------------------------------------------------------------- 1346741943.3063 (0.0000) S>C --------------------------------------------------------------- [DATA] 1346741943.3072 (0.0009) S>C --------------------------------------------------------------- [DATA] 1346741943.3072 (0.0008) S>C --------------------------------------------------------------- [DATA] 1346741943.3072 (0.0000) S>C --------------------------------------------------------------- [DATA] 1346741943.3081 (0.0008) S>C --------------------------------------------------------------- [DATA] 1346741943.3081 (0.0008) S>C --------------------------------------------------------------- [DATA] 1346741943.3081 (0.0000) S>C --------------------------------------------------------------- [DATA] 1346741943.3098 (0.0017) S>C --------------------------------------------------------------- [DATA] 1346741943.3098 (0.0017) S>C --------------------------------------------------------------- [DATA] 1346741943.3107 (0.0008) S>C --------------------------------------------------------------- [DATA] 1346741943.3116 (0.0008) S>C --------------------------------------------------------------- [DATA] 1346741943.3133 (0.0017) S>C --------------------------------------------------------------- [DATA] 1346741943.3150 (0.0016) S>C --------------------------------------------------------------- [DATA] 1346741943.3151 (0.0052) S>C --------------------------------------------------------------- [DATA] 1346741943.3151 (0.0000) S>C --------------------------------------------------------------- [DATA] 1346741943.3151 (0.0000) S>C --------------------------------------------------------------- [DATA] 1346741943.3151 (0.0000) S>C --------------------------------------------------------------- [DATA] 1346741943.3151 (0.0000) S>C --------------------------------------------------------------- [DATA] 1346741943.3151 (0.0000) S>C --------------------------------------------------------------- [DATA] 1346741943.3151 (0.0000) S>C --------------------------------------------------------------- [DATA] 1346741943.3151 (0.0000) S>C --------------------------------------------------------------- [DATA] 1346741943.3151 (0.0000) S>C --------------------------------------------------------------- [DATA] 1346741943.3160 (0.0010) S>C --------------------------------------------------------------- [DATA] 1346741943.3161 (0.0009) S>C --------------------------------------------------------------- [DATA] 1346741943.3161 (0.0000) S>C --------------------------------------------------------------- [DATA] 1346741943.3170 (0.0009) S>C --------------------------------------------------------------- [DATA] 1346741943.3170 (0.0009) S>C --------------------------------------------------------------- [DATA] 1346741943.3170 (0.0000) S>C --------------------------------------------------------------- [DATA] 1346741943.3187 (0.0017) S>C --------------------------------------------------------------- [DATA] 1346741943.3187 (0.0017) S>C --------------------------------------------------------------- [DATA] 1346741943.3187 (0.0000) S>C --------------------------------------------------------------- [DATA] 1346741943.3196 (0.0008) S>C --------------------------------------------------------------- [DATA] 1346741943.3196 (0.0008) S>C --------------------------------------------------------------- [DATA] 1346741943.3196 (0.0000) S>C --------------------------------------------------------------- [DATA] 1346741943.3205 (0.0008) S>C --------------------------------------------------------------- [DATA] 2 1346741943.3205 (0.0000) S>C TCP FIN 1346741943.3205 (0.0009) S>C --------------------------------------------------------------- [DATA] 1 1346741943.3205 (0.0000) S>C TCP FIN 1 1346741943.3622 (0.0416) C>S TCP FIN 2 1346741943.3622 (0.0417) C>S TCP FIN
- nitass
Employee
can you list your virtual and http profile configuration again please? the one you have posted is truncated. - Thomas_Schocka1
Altocumulus
Hello Erlo, - fabianlumy
Nimbostratus
bigpipe does not work on my current version, so here is what tmsh command return:root@(bigip1)(cfg-sync Standalone)(Active)(/Common)(tmos) show running-config ltm virtual MYVIRTUAL ltm virtual MYVIRTUAL { destination 192.168.0.85:http ip-protocol tcp mask 255.255.255.255 pool MYPOOL1 profiles { http { } oneconnect { } tcp { } } snat automap source-port change vlans-disabled }
root@(bigip1)(cfg-sync Standalone)(Active)(/Common)(tmos) show running-config ltm profile http ltm profile http http { app-service none basic-auth-realm none encrypt-cookies none fallback-host none fallback-status-codes none header-erase none header-insert none insert-xforwarded-for enabled lws-separator none lws-width 80 max-header-count 64 max-header-size 32768 max-requests 0 oneconnect-transformations enabled pipelining enabled redirect-rewrite none request-chunking preserve response-chunking selective response-headers-permitted none security disabled via-request preserve via-response preserve }
root@(bigip1)(cfg-sync Standalone)(Active)(/Common)(tmos) show running-config ltm profile one-connect ltm profile one-connect oneconnect { app-service none idle-timeout-override disabled max-age 86400 max-reuse 1000 max-size 10000 source-mask any }
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com