HASH Carp Persistence

I've noticed something strange, active connections has increased around 35-40%, is this normal?, using this algorithm active connections have to be higher?

i do not think persistence relates to number of active connections.

I've noticed something strange, active connections has increased around 35-40%, is this normal?, using this algorithm active connections have to be higher?

i do not think persistence relates to number of active connections.

Two Questions Q1Can you use this iRule along with Hash persistance for SSL passthrough VIP. Q2.FRom what i understand CARP will have no time out value and will keep the session open as long as the client keeps the session open, Am i correct?

Q1 Can you use this iRule along with Hash persistance for SSL passthrough VIP.

if you persist on layer 4 data such as client ip, it should be okay.

Q2 FRom what i understand CARP will have no time out value and will keep the session open as long as the client keeps the session open, Am i correct?

i understand persistence tells what server bigip has to send traffic to. then connection entry will be created in connection table. persistence does nothing on the entry in the connection table.

Thanks Nitass,

"i understand persistence tells what server bigip has to send traffic to. then connection entry will be created in connection table. persistence does nothing on the entry in the connection table."

So will the connection time out after 5 mins if a default tcp profile is applied or will the connection continue to persist to the same server

So will the connection time out after 5 mins if a default tcp profile is applied or will the connection continue to persist to the same server

connection will be reset. anyway, if a new connection is coming and the persistence record is not timeout yet, it will be sent to the same server as long as it matches the persistence record.

• Protocol profile idle timeouts (if the Reset On Timeout setting is enabled)

The BIG-IP system tracks connection flows by adding an entry to the connection table. When the connection flow becomes idle, the BIG-IP system starts a timer and closes the connection with a TCP RST packet when the connection reaches the idle session timeout. The TCP RST packet is sent on the client and server side of the connection, and the source IP address of the reset is the relevant virtual server IP address.

sol9812: Overview of BIG-IP TCP RST behavior

WOW!!, Thanks for the quick turnaround , Nitass

So if RST on timeout is enabled, The connection will be reset and hence the session will be terminated. But if this setting is disabled, will the user face any impact, since a RST packet is not sent?

But if this setting is disabled, will the user face any impact, since a RST packet is not sent?

if reset on timeout is disabled, tcp reset won't be sent but connection entry is still removed from connection table. so, subsequent packet will be reset anyway (since no entry in connection table) unless loose initiation is enabled.

Enabling the Loose Initiation option allows the system to initialize a connection when it receives any TCP packet, rather than requiring a SYN packet for connection initiation.

sol7595: Overview of IP forwarding virtual servers

is loose initiation feature availabe on a standard tcp profile? and with regard to viprions i think fastl4 profile has a bug

http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14187

is loose initiation feature availabe on a standard tcp profile?

no, it is only available on fastl4 profile.