I need to set is "idle timeout", but our "Azure Application Gateway" does not have this parameter.

Question

Good day,

We have an ARO-Openshift cluster where we have installed several applications and we use an "Azure Application Gateway" to consume these applications on our own network. In this cluster we have streams to several databases and with the applications we execute queries to these databases and it works fine, however we have a problem with long running queries, we get:

<center><h1>502 Bad Gateway</h1></center>

<hr><center>Microsoft-Azure-Application-Gateway/v2</center>

Reading on the internet (https://learn.microsoft.com/en-us/azure/load-balancer/load-balancer-tcp-idle-timeout?tabs=tcp-reset-idle-cli), we find that the timeout we need to set is "idle timeout", but our "Azure Application Gateway" does not have this parameter and we have no idea how to fix it, so we ask your valuable help. to fix it as the mexico azure team has been unable to help with this issue.

The specifications of our infrastructure are:

Openshift : 4.10.20

AAGW: V2 standard

Best regards.

Answer 1

Hello @José Antonio Trejo Gutiérrez ,

Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.

I understand that you would like to where to set "idle timeout" setting on your Azure Application Gateway.

As mentioned in our Azure Application gateway FAQ document,

What are the settings for Keep-Alive timeout and TCP idle timeout?

• Keep-Alive timeout governs how long the Application Gateway waits for a client to send another HTTP request on a persistent connection before reusing it or closing it.
• TCP idle timeout governs how long a TCP connection is kept open if there's no activity.

The Keep-Alive timeout in the Application Gateway v1 SKU is 120 seconds and in the v2 SKU it's 75 seconds.

The TCP idle timeout is a 4-minute default on the frontend virtual IP (VIP) of both v1 and v2 SKU of Application Gateway. You can configure the TCP idle timeout value on v1 and v2 Application Gateways to be anywhere between 4 minutes and 30 minutes.

For both v1 and v2 Application Gateways, you need to navigate to the public IP of the Application Gateway and change the TCP idle timeout under the "Configuration" blade of the public IP on Portal. Changing the value of the private IP address isn't supported.

You can set the TCP idle timeout value of the public IP through PowerShell by running the following commands:

$publicIP = Get-AzPublicIpAddress -Name MyPublicIP -ResourceGroupName MyResourceGroup
$publicIP.IdleTimeoutInMinutes = "15"
Set-AzPublicIpAddress -PublicIpAddress $publicIP

NOTE: For HTTP/2 connections to the frontend IP address on Application Gateway v2 SKU, the idle timeout is set to 180 seconds and is non-configurable.

To configure this setting via Azure Portal, follow the below steps:

1. Go to your Application gateway in Azure Portal and click on the Frontend public IP address listed on it's Overview page:

2. On the Public IP address page, go to Configuration pane:

3. Drag the Idle timeout bar to your required number:

NOTE: You can configure the TCP idle timeout value on v1 and v2 Application Gateways to be anywhere between 4 minutes and 30 minutes.

Kindly let us know if the above helps or you need further assistance on this issue.

---

Please "Accept the answer" if the information helped you. This will help us and others in the community as well.