Considerations when using a BigIP F5 load balancer in front of API Connect v2018

Troubleshooting

Problem

Performance Layer 4
====================
Make sure to configure F5 for Performance Layer 4 virtual server, see https://support.f5.com/csp/article/K8082

This is in particular needed to allow for SSL passthrough required for mutual SSL connections between certain API Connect subsystems.

API Connect appliances and dropped connections
==============================================
When using F5 there has been reports that connections to API Connect may be intermittently failing, and looking at TCPDUMP captures would show that SYN packets reach the ingress controller of the appliance without producing any acknowledgment.
It was determined that the following setting changes fixed the issue:

sudo sysctl -w net.ipv4.tcp_tw_recycle=0
sudo sysctl -w net.ipv4.tcp_timestamps=0

in order to make these changes to persist after a reboot, these values need to be stored in /etc/sysctl.conf. The following steps will be all you require to complete this task

1) sudo vi /etc/sysctl.conf
2) Add the below lines at the end of the file
net.ipv4.tcp_tw_recycle=0
net.ipv4.tcp_timestamps=0
3) Save and quit vi session

Document Location

Worldwide

[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSMNED","label":"IBM API Connect"},"Component":"All","Platform":[{"code":"PF009","label":"Firmware"}],"Version":"v2018.x","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]

Tips

Considerations when using a BigIP F5 load balancer in front of API Connect v2018

Troubleshooting

Problem

Document Location

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?