F5 Ltm V14.1 & Nginx Session Table Stuck Problem (even after poweroff both test vms sessions are still there)
I faced a problem with especially 14.1 and nginx 1.14.0-0ubuntu1.2 Test Setup I have is set accordingly; Vmware Workstation 15 (Lan segmentation choose and vlan setup on ubuntus and F5) F5 V14.1 Vm edition Flow is ; Client VLAN ------ F5 ----- Server VLAN Client vlan there is test vm ubuntu 18.04.2 and server vlan there is another test vm ubuntu 18.04.2 When I test sytem with serverside installed with nginx 1.14.0-0ubuntu1.2 and setted everything default test page. and set F5 with all default values as node, pool, vserver http vserver all works normally.But the big thing is F5 never closes connection session table whatsoever when backend is nginx 1.14.0-0ubuntu1.2 version when i purge nginx and install apache2 this behaviour never occurs. I dont know if its F5 connection handling or nginx out of standart approach on tcp stack. Apache benchmark tool i use enough to fill the session table entries easily since never expires (no conn limit on vserver all default) $ ab -n 5000 -c 50 http://20.0.0.10/ After this command finished i try to request the vserver ip again and always gives can not establish connection. When i try curl via locally inside F5 device vserver is working. But not over network. When i check session table in F5; These entries below all i see even the client and server machines are powered down. F5's session table is still with those and incrementing the timeout values even i set the timeout to 30 seconds. 20.0.0.200:50862 20.0.0.10:80 any6.any any6.any tcp 255 (tmm: 1) none none 20.0.0.200:60550 20.0.0.10:80 any6.any any6.any tcp 254 (tmm: 1) none none 20.0.0.200:44070 20.0.0.10:80 any6.any any6.any tcp 253 (tmm: 1) none none Last work i had done on 12.x i have no issue with nginx this version. There is something not right Between nginx and F5 need to check more. Please write if anyone face such issue as i doo. For fast solution i try to clear sessions since you can not delete them when tried. Only option to restart device or bigstart restart I dont know if its a known bug. Please guide me to url if its i could not able to find info regarding. Thanks
OneConnect, SSL Bridging and Apache2 server
Hi, I am using config as in subject. Everything works OK, Idle TCP connections are reused. Only problem is that Apache2 server is closing TCP connection with SSL session after 20s when no traffic is reaching server. That is not related to Keep-Alive settings on BIG-IP or Apache2 server, the same settings are used for HTTP traffic and all timeouts on BIG-IP or server are respected, idle connection is closed after 298s (Keep-Alive Timeout set on Apache2 server). Verified by trace - server is sending FIN-ACK to BIG-IP. So it seems that there is some SSL related timeout used by Apache2 - problem is I can't find any info how to change it - any help appreciated. Piotr