Correlation between a service connection and flows

Unanswered Question
Aug 14th, 2007
User Badges:

Hi,


I can't seem to figure out the relation between the "Current Local Connections" I can see doing a "sh service <service_name>", and the number of active flows toward that service doing a "sh flows | grep <service_ip>" (looking only at the dest IP of the flow).


For instance, I've got a service with something like 850 "current local connections" but if I look at the flows established toward that service, I only have very few of them (something like 30).


How these statistics relate to each other ?


Thanks for any clarification.

Arno

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Gilles Dufour Tue, 08/14/2007 - 05:43
User Badges:
  • Cisco Employee,

could you try a 'show flows 0.0.0.0 x.x.x.x' where x.x.x.x is the service ip address.

The command only list the first 4096 flows, but if you have less than that that should not be a concern.


Gilles.

arnaud.chiaberge Tue, 08/14/2007 - 05:57
User Badges:

Thank you Gilles, I didn't know this tip.


This indeed shows much more flows but still it's not consistent with what I expected.


At that point I think I need to be more explicit:


The service I'm refering to is actually an SCA device, terminating SSL connections. What I'm trying to figure out is, roughly, how many SSL connections are being handled, at a time, by the CSS towards this SCA.


The "sh service " show a "current local connections" with an average of 850 connections. But I cannot link it to the number of flows.


I tried (as you advised) "sh flows 0.0.0.0 " and got something like 400 flows.


However, the question could remain purely theoratical:

What is the link between a service number of local connections and flows towards that service ?


Many thanks for any clarification/document.


Arno

Actions

This Discussion