Forum Discussion

wsanders_233261's avatar
wsanders_233261
Icon for Nimbostratus rankNimbostratus
Apr 30, 2018

show sys conn shows a disconnected 0 sec old connection?

We have several thousand connections in this state:

 

104.156.87.40:55328 199.47.84.43:443 any6.any any6.any tcp 0 (slot/tmm: 1/1) none

 

The incoming connection is from the Fastly CDN not an end user.

 

What does this signify? A zero-sec old incoming connection that has no connection on the back end? The only scenario I can imagine is Fastly has keepalives set or has some kind of TCP handshake health check and our back end has hung up previously or already finished processing its REST call. We have the default wan-tcp profile set on the F5, so keepalive is on but the default interval is 30m, which effectively disables it since the idle-timeout is 300 sec.

 

Fastly is actually running their own tweaked version of varnish, so the usual varnish proxy behavior probably applies.

 

Anybody seen this?

 

No RepliesBe the first to reply