I have a requirement to have a long TCP idle timeout for 15,000 or so TCP ports across 20 or 30 destination subnets.
Ideally I'd create just those 20 or 30 Virtual Servers to match the subnets and just have ALL traffic to them have the long idle timers, but I'd like the granularity to be able to target the exact ports. If a Virtual Server could match a range of ports I'd be fine, but we can only match on a single port.
The way I see it, I'm going to need to create 15,000 ports X 30 Addresses = 450,000 virtual servers. Not exactly practical!
I've tried using the "virtual" command to match the specific connections and forwarding them onto another VIP with a longer idle timeout, but the timeout on the first virtual server takes precedence.
I just cannot think of a solution to this problem.
Anyone have any ideas?