keep alive and tcp idle connections

Question

Hello,&nbsp;
in a cloud deployement, big ip is used as reverse proxy for websockets load balancing between clients and backend softwares.
data path is as follow: &nbsp;
client-------(TCP1)------------F5_LB_VS--------(TCP2)----------HAPROXY----(TCP3)-------Backend&nbsp;
we have implemented tcp keep Alive thanks to tcp client custom profile on LB. this keep-Alive permits to supervise client availability when TCP1 is ILDE. AS soon as, the client goes down, keep alives are no more acked by the client. F5 releases the TCP1 and TCP2 by sending TCP RST on both side (client and server). This is the behavior we want. 
but a drawback of that keep-alive is that TCP connections remains for a long time if the client never disconnects. this have an impact on the server where we may have many TCP connections hanging without any data traffic exchange. &nbsp;
what can we implement beside the keep alive in order to overcome this drawback?&nbsp;
does F5 support specific timers for websocket tunnel? or TCP timer still apply?&nbsp;
it seems that an TCP idle timout on client side (in profile) has no effect, probably because keep alive is probably considered as minimal traffic hence idle timout never expires. hence tcp idle session is still maintained.&nbsp;

johnbernardcheu · Answer

The HAPROXY makes things interesting but maybe you could test with OneConnect?  https://support.f5.com/csp/article/K7208&nbsp;

Forum Discussion

keep alive and tcp idle connections

1 Reply

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Troubeshooting website connection

Securely connecting Kubernetes Microservices with F5 Distributed Cloud

F5 Connection Mirroring question

DevCentral Connects hosts Capture the Flag!

AWS Transit Gateway Connect: GRE + BGP = ?