Connections building up with TCP keepalive enabled
Howdy,
We recently enabled TCP keepalives to allow some heavy backend processing without causing a timeout on some client connections. This seemed to work just fine, but we've since noticed that since setting the keepalive value from 1800 seconds to 290 seconds (idle timeout still at default 300s) a huge number of connections seem to build up on the system. Over the course of a fortnight we found that we had 10,000 connections on an LTM in one DC with the keepalives on, and just a couple of hundred on an LTM without them enabled. As such, GTM was only using one DC. Over this time, there'd have been ooh a few million connections, so I'm speculating the connections still showing up are maybe 0.1% of connections that have come in over that time.
Now, I didn't get involved until after these connections were reaped by changing the TCP profile back again, so I've very very little to go on here. But presuming this wasn't some deliberate attack or such, could anyone speculate what could've been going on? I'm initially thinking that these connections went AWOL for some reason so never closed correctly and now never will? Maybe our firewall could be messing with the keepalive?
Any guesses, or actual knowledge, appreciated!
Chris