Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Idle Timeout not reflecting when Changed from Default 300 secs.

Subrun
Cirrostratus
Cirrostratus

‎22-Jun-2023 13:10

I changed Idle Timeout form 300 secs to a bigger value mainly followed below steps , but when traffic is following through F5 , user is seeing timeout in around 5 mins when they check directly from Pool member it is more than 5 mins. 

What wrong I am doing  ? How can I validate this ?

https://my.f5.com/manage/s/article/K7166

Creating a new protocol profile that uses a different timeout value

  1. Log in to the Configuration utility.
  2. Navigate to Local Traffic > Profiles.
  3. Click the Protocol tab.
  4. Click the relevant protocol profile. For example, FastL4.
  5. Click Create.
  6. Type a name for the new profile.
  7. For Parent Profile click the parent profile you want to use.
  8. For Idle Timeout, select the Custom check box.
  9. Type the new Idle Timeout value, in seconds.
  10. Click Finished.
  11. Navigate to Local Traffic > Virtual Servers.
  12. Click the virtual server to modify.
  13. For Configuration, click Advanced.

    Note: For BIG-IP 11.5.0 and later versions, clicking Advanced is no longer necessary.

  14. In the Protocol Profile (Client) box, click the new profile you created.
  15. Click Update.

    The virtual server now uses the new idle timeout setting.

     

     

  16.  

Labels:
0 Kudos
4 REPLIES 4

whisperer
Cumulonimbus
Cumulonimbus

‎22-Jun-2023 13:28

You may want to review the following article:

https://my.f5.com/manage/s/article/K13004262

Also, note that many times firewalls will also have a default 300s timeout. So also make sure any other network device in the path has been amended in terms of its timeout config.

 

Subrun
Cirrostratus
Cirrostratus
In response to whisperer

‎22-Jun-2023 14:42

@whisperer 

My Keep Alive Interval - is higher than Idle Timeout , since idle time out should trigger before

0 Kudos

JRahm
Community Manager
Community Manager
In response to Subrun

‎22-Jun-2023 15:02

Hi @Subrun if you take a verbose tcpdump capture w/ the F5 flags enabled, you'll be able to see the reset reason on the packets in the capture, if it is the big-ip that is resetting it and not an upstream devices that has shorter timers.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
https://twitter.com/jasonrahm
https://www.youtube.com/devcentral

whisperer
Cumulonimbus
Cumulonimbus
In response to Subrun

‎24-Jun-2023 11:14

My understanding is that keep alive should be shorter. So if the client in indeed still connected, a response to keep alive extends the amount of time remaining until idle timeout.

If an application is enterprise grade and developed by a 3rd party, they usually have guidance for integration with app delivery controllers like F5. They should be able to provide guidance on what values to set on the Virtual Server config for the app.

0 Kudos
Copyright © 2023 Khoros, LLC