Forum Discussion

Gustavo_Jardim_'s avatar
Icon for Altocumulus rankAltocumulus
Sep 12, 2018

Remover APM Session after send response for user



I have a webservice published with F5 BigIp 13.1.1 and this webservice needs a authentication and SSO. I use de APM to valid the username, password and make de SSO Credential Mapping. This webservice has 2000 resquests por minute, and it makes 2000 new sessions por minute. My Bigip is the i7600 and I have only 40000 sessions. I make an iRule for close session in APM after the bigip send the response for user, because of it I have active session in bigip only the current connections.


when HTTP_RESPONSE { ACCESS::session remove }


My problem is: this iRule works when i have 1 request per time, but when i have 10 resquest in parallel this iRule close the wrong session (I don't know if it is right, I only receive TCP Reset in my client in another session). In TCP Dump I see the BigIp reset connection because "Session killed by session DB".


How can I do it without close the wrong session?


  • I found the solution I needed add the HTTP Header "Connection: Close" during response of F5 to client.


    When the F5 close APM session without "Connection: Close" in HTTP Header, the client will use the TCP Connection for another APM session and the F5 will close the TCP Connection when delete the first APM session.


    It is the explanation for I have error when I have load, the client open another APM session using a same TCP Connection.


    The best iRule that I make for this example is:


    when HTTP_RESPONSE_RELEASE { HTTP::header insert "Connection" "Close" ACCESS::session remove }


    Thanks all.


15 Replies