Forum Discussion

Al_Faller_1969's avatar
Al_Faller_1969
Icon for Nimbostratus rankNimbostratus
Mar 16, 2011

Timeouts for LDAP with NPath Routing

Hi All,     I'm attempting to use NPath Routing for a pool of LDAP Servers. I've got it working great, except for an issue with what I'm assuming is an idle timeout. SOme of the LDAP clients (...
config
design
Hamish's avatar
Hamish
Icon for Cirrocumulus rankCirrocumulus
Mar 18, 2011
FWIW I used to run a quite large LDAP directory behind F5 LTM's. It isn't uncommon for apps to leave idle connections for many hours and then expect them to be up and running instantly still... 2 hours may be too short.

 

 

However there is a chance that either the client or the server will be specifying SO_KEEPALIVE on the sockets. If so, then setting the tcp keep interval to something reasonably short (Defined as about 2/3's of the minimum idle timeout value of all the devices in the solution) will mean that the IP stack itself will send keepalives (Basically it'll send ACK packets now and again so the endpoint, and any firewall/stateful devices in the path know the endpoints havent 'gone away').

 

 

H