Forum Discussion
NimbostratusHow to kill tmsh stale session from f5 v11 LTM's
I got a problem with my lab F5 boxes were they ran out of memory , so while checking the possibility we found nearly 200 stale sessions which are stale for more than 5days.
I tried the commands which were referring to few similar issues , but had no luck, we know rebooting the F5 box will kill those sessions but rather than rebooting we will be pleased if we have any tmsh command to kill those stale sessions as a temp fix.
10 Replies
shaggyIf you mean connections, "tmsh delete sys connection ..." is the command you're looking for. It has quite a few options for choosing which connections you want to delete.
- GaneshMallaya_1
Well we have tried using that command but same result,no connections were deleted, here is a small snippet of the same when we gave "w" command
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT support pts/0 22:10 1:13 0.37s 0.28s tmsh support pts/1 22:11 0.00s 1.13s 0.00s w support pts/2 22:19 46:23 0.31s 0.30s tmsh support pts/4 22:20 46:06 0.28s 0.26s tmsh support pts/5 Wed18 5days 0.41s 0.38s tmsh support pts/14 Fri11 3days 0.31s 0.30s tmsh support pts/15 Fri11 3days 0.01s 0.01s -bash support pts/16 Fri11 3days 0.32s 0.29s tmsh
A
might kill them too. A bit faster than a reboot, but probably not what you're looking for."bigstart restart"/Patrik
- GaneshMallaya_1
We cannot keep executing this command everytime in production.
Could you please let us know how you identify the stale connections?
At first I thought you wanted to clear the connections between TMSH and TMM (which I would consider a bug) :). If you want to clear all connections you can run
like shaggy suggested.tmsh delete sys connectionPerhaps the services are re-establishing the connection after you close it?
/Patrik
- shaggy
Do you mean sessions that are logged in via SSH?
I've killed these in the past by doing "ps | grep ssh", and then identifying and killing the pids associated with the idle sessions.
You can enable tmsh and ssh idle times to prevent stale logins.
- GaneshMallaya_1
When we saw our boxes "ran out of memory", we checked with other boxes, we found many sessions opened from the same ip-address, ad idle for past days, we cannot reboot those boxes.
We have stopped the communication with F5 with that particular IP address, but really tmsh delete sys connection didnt help us.
- Please paste the exact log message you saw?
- shaggy
"tmsh delete sys connection" will not help you in this case - it is used to delete load balanced connections or connections to pool members.
run "ps | grep sshd | grep (user-name)" to get a list of all processes associated with the idle users.
That will list the pids associated with the logged in sessions, allowing you to use "kill (process-id)" to kill those processes
- GaneshMallaya_1
Hi Shaggy and Patrik Jonsson
We too are facing the same problem as one of the member had posted
https://devcentral.f5.com/questions/inactivity-timeout-for-tmsh-connection.
