Forum Discussion
boostmr2_11165
Nimbostratus
NimbostratusStrange FastL4 timeout
My network admins regularly connect to remedy servers on the internal VLAN from the external. The SSH session is pictured below:
(internal VLAN)
[Client]------SSH------[Access Switch]------------>-----------
| |
(external VLAN) | |
^ V
| |
| |
[BigIP LTM]---<----[Remedy Server]
Hopefully this is readable. The client begins an SSH session with the server, by sending a request to the access switch. The access switch has an address on both the internal and external vlans. the remedy server are on, that internal vlan (its an alternate entry point, cannot be changed). the connection hits the remedy servers, and the reply goes to the default gateway, which is the bigip device. bigip routes it back through the access switch bound for the client.
With bigip version 9.1.2, this SSh session will stay open for hours and hours, idle, which is the way our admins need it. Once I upgraded the bigip device to v9.4.1, all wildcard traffic (meaning non- virtual server traffic) seems to have a 5-6 minute timeout. F5 believes it is an issue with my fastL4 Loose profile I have created, but it inherits all defaults from fastl4, and also, its the SAME EXACT bigip.conf file that the v9.1.2 used. (i didn;t use a .ucs, I ftp'd the bigip.conf file).
Has anyone else seen this issue, or have a theory on why 9.1.2 keeps the sessions open and 9.4.1 closes them after a 5-6 minute idle, with the SAME config?
- This sounds like it could be due to the way that the PVA affects the Timeout handling in 9.4.1, for PVA assisted packets. If you check the release notes Click here you'll see that CR44256 deals with a mis-count issue revolving around this handling.
I'd recommend opening a ticket with technical support and describing this problem to them to see if perhaps this could be the cause of your problem, and if there is a known workaround.
HTH,
Colin
