Hi cmdmss,
are you really about to look for connections in time wait on the BIG-IP?
This will be connections initiated by a client to a virtual server which were recently closed.
The default time wait settings on the BIG-IP (please see the associated TCP profile of the related virtual server) are pretty short and I wouldn´t expect them to cause issues.
If they would, you could track it by logging the RESETs (please see AskF5
SOL13223 and
SOL13898).
The following command provides current statistics (including number of connections in time wait) for the TCP profiles in use:
watch -d tmsh show ltm profile tcp
Please enter a specific profile (the one associated with your particular virtual server) as additional parameter.
From my perspective it´s more likely to see time wait issues on your real servers (pool members) as the default MSL (max. segment lifetime) is 120 seconds on most systems.
This will cause RESETs from pool members to your serverside SNAT or in case of un-snatted traffic to to few clients with connection rates.
Thanks, Stephan