Forum Discussion

ichalis_37981's avatar
ichalis_37981
Historic F5 Account
Nov 12, 2012

How to close a FastL4 connection

Hi all,

 

Currently trying to optimise a heavily loaded Bigip. We have a FASTL4 VIP with an iRule running that, in some cases disallows traffic by dropping it (using "drop" command).

 

We then notice that the connection stays open for the rest of the inactivity timeout on the profile. Is there a way to force this connection (and associated resourcs) to be deleted? It would be nice to have a "tcp::close" for the fastl4 profile..

 

 

Cheers.

 

 

2 Replies

  • Have you tried the reject command instead? I've no way of testing right now but I'd imagine it closes the connection which drop won't as by definition you're not informing the client that you are not accepting the traffic/connection.

     

  • drop will just remove the connection table entry on LTM. The client or server would need to send another packet to get a reset and remove their connection. As Steve suggested, if you want to instruct the client and/or server to close the connection, you can use reject to send a TCP reset.

     

     

    Aaron