Forum Discussion

GaneshMallaya_1's avatar
GaneshMallaya_1
Icon for Nimbostratus rankNimbostratus
Oct 06, 2014

How to kill tmsh stale session from f5 v11 LTM's

I got a problem with my lab F5 boxes were they ran out of memory , so while checking the possibility we found nearly 200 stale sessions which are stale for more than 5days.

 

I tried the commands which were referring to few similar issues , but had no luck, we know rebooting the F5 box will kill those sessions but rather than rebooting we will be pleased if we have any tmsh command to kill those stale sessions as a temp fix.

 

10 Replies

  • shaggy's avatar
    shaggy
    Icon for Nimbostratus rankNimbostratus

    If you mean connections, "tmsh delete sys connection ..." is the command you're looking for. It has quite a few options for choosing which connections you want to delete.

     

  • Well we have tried using that command but same result,no connections were deleted, here is a small snippet of the same when we gave "w" command

     

    USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT support pts/0 22:10 1:13 0.37s 0.28s tmsh support pts/1 22:11 0.00s 1.13s 0.00s w support pts/2 22:19 46:23 0.31s 0.30s tmsh support pts/4 22:20 46:06 0.28s 0.26s tmsh support pts/5 Wed18 5days 0.41s 0.38s tmsh support pts/14 Fri11 3days 0.31s 0.30s tmsh support pts/15 Fri11 3days 0.01s 0.01s -bash support pts/16 Fri11 3days 0.32s 0.29s tmsh

     

  • A

    "bigstart restart"
    might kill them too. A bit faster than a reboot, but probably not what you're looking for.

    /Patrik

  • Could you please let us know how you identify the stale connections?

    At first I thought you wanted to clear the connections between TMSH and TMM (which I would consider a bug) :). If you want to clear all connections you can run

    tmsh delete sys connection
    like shaggy suggested.

    Perhaps the services are re-establishing the connection after you close it?

    /Patrik

  • shaggy's avatar
    shaggy
    Icon for Nimbostratus rankNimbostratus

    Do you mean sessions that are logged in via SSH?

     

    I've killed these in the past by doing "ps | grep ssh", and then identifying and killing the pids associated with the idle sessions.

     

    You can enable tmsh and ssh idle times to prevent stale logins.

     

  • When we saw our boxes "ran out of memory", we checked with other boxes, we found many sessions opened from the same ip-address, ad idle for past days, we cannot reboot those boxes.

     

    We have stopped the communication with F5 with that particular IP address, but really tmsh delete sys connection didnt help us.

     

  • shaggy's avatar
    shaggy
    Icon for Nimbostratus rankNimbostratus

    "tmsh delete sys connection" will not help you in this case - it is used to delete load balanced connections or connections to pool members.

     

    run "ps | grep sshd | grep (user-name)" to get a list of all processes associated with the idle users.

     

    That will list the pids associated with the logged in sessions, allowing you to use "kill (process-id)" to kill those processes