Virtual server using a TCP profile with a high idle timeout for F5

Vendor

F5

Description

Having very long TCP idle timeouts for virtual servers could make the load balancer keep too many connections open, which in turn could potentially cause memory exhaustion. Indeni will alert when the idle timeout appears too high.

Remediation Steps

Investigate why the high idle timeout is being used and lower it if possible.

How does this work?

This alert logs into the F5 through SSH and retrieves a list of tcp profiles and virtual servers and finds if any tcp profiles with long timeouts has been used.

Why is this important?

This alert logs into the F5 through SSH and retrieves a list of tcp profiles and virtual servers and finds if any tcp profiles with long timeouts has been used.

Without Indeni how would you find this?

Log into the device through SSH. Enter TMSH and issue the command "list ltm profile tcp idle-timeout;list ltm virtual profiles". Look through each tcp profile definition for the use idle timeouts equal to, or over 1800 seconds and then match that to the profile use of each virtual server.


View Source Code