How F5 handle session ?

Question

&nbsp;
hi all&nbsp;
i'm new F5 , i'm facing with concurrent session and how f5 handle session .&nbsp;
my diagram network : server farm--------FW--------F5--------internet&nbsp;
(Fw and F5 run mode route)&nbsp;
on F5 , i had config virtual server for access services from internet come server farm , and after time then concurrent session on FW grow&nbsp;
this is one of many virtual server on F5:&nbsp;
admin@wip(Active)(/Common)(tmos) show running-config ltm virtual Web_VNPT&nbsp;
ltm virtual Web_VNPT {&nbsp;
destination 222.x.y.z:http&nbsp;
ip-protocol tcp&nbsp;
mask 255.255.255.255&nbsp;
pool Server_10.0.115.10_80&nbsp;
profiles {&nbsp;
tcp { }&nbsp;
}&nbsp;
vlans {&nbsp;
internet-vdc&nbsp;
}&nbsp;
vlans-enabled&nbsp;
}&nbsp;
how to F5 handle session ? pls help me&nbsp;
thanks all&nbsp;
 &nbsp;

what_lies_bene1 · Answer

Hung, sorry but I'm not sure I understand the question. Could you re-phrase it please?

hung_105573 · Answer

hi&nbsp;
My mean is how the f5 process session access from internet come server inside ? when the session time out then F5 delete this session ?&nbsp;
at the moment  when it work about time then concurrent session on FireWall behind F5 grow hight . It make slow system network .&nbsp;
pls help me&nbsp;
thank all&nbsp;
 &nbsp;

what_lies_bene1 · Answer

Ahhh, OK, I think I get you now, thanks. So, you have an issue with the server side connections remaining idle for too long? 
&nbsp;  
&nbsp; So, the idle timeout is controlled by the TCP profile assigned to the Virtual Server. The default value is 300s/5mins which is fine in most cases. I'd suggest you create a custom profile with a lower timeout and assign it to the VS server-side only.  
&nbsp;  
&nbsp; Enabling the OneConnect feature should also help to reduce the number of server-side connections as it will re-use them.

hung_105573 · Answer

Hi&nbsp;
My F5 have many the virtual server , would you like tell me how to set onceConnect profile for all virtual server ? and if set then anything effect to system is working ?&nbsp;
 &nbsp;
many thanks&nbsp;
 &nbsp;

what_lies_bene1 · Answer

OK, I'd suggest you read up on the OneConnect profile settings here: http://support.f5.com/kb/en-us/solutions/public/7000/200/sol7208.html?sr=26923901. Create a custom OneConnect profile and apply it to each HTTP Virtual Server as required, default settings will probably be OK. I'd suggest you test first of course. 
&nbsp;  
&nbsp; There is of course always a bit of RAM and CPU overhead but hopefully this will be minimal, if you can even spot it.

Forum Discussion

How F5 handle session ?

5 Replies

Recent Discussions

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

Related Content

Intermediate iRules: Handling Strings

Handle False Positive for files upload

Intermediate iRules: Handling Lists

Handling HTTP Requests on an HTTPS Virtual Server

iRules LX Sideband Connection - Handling timeouts