Random TCP Resets from F5
Good day all, I am researching an intermittent and random issue where our F5 WAFs respond to customers with the following: "An error occurred while sending the request.::Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host..::An existing connection was forcibly closed by the remote host." I collected PCAPs and examined the traffic and it leads back to the WAFs sending the reset. I've searched this issue with A.I. assistance and it suggested adjusting/increasing the client ssl profile "handshake timeout" value from 10 seconds (default) to possibly 20 and 30 seconds, depending on traffic load. Is this a legitimate suggestion and potential resolution? Has anyone modified their "handshake timeout" setting from default? I appreciate your time and energy and look forward to your thoughts and suggestions. Thanks!
SERVER_CONNECTED and reject - how affects clientside
Hi, From my test when I use reject in SERVER_CONNECTED event then following sequence of events is triggered (hope that logging indicates order of events): LB_FAILED CLIENT_CLOSED SERVER_CLOSED I have HTTP::respond in LB_FAILED but it's not executed. What is the reason? In LB_FAILED clientside connection should be still open so iRule should be able to send response - but looks like it is not the case. Is reject in SERVER_CONNECTED somehow removing/disabling clientside TCP connection? If it is so is there any way to send HTTP response instead of TCP connection reset sequence? Piotr
