Correlation between a service connection and flows

Aug 14th, 2007


I can't seem to figure out the relation between the "Current Local Connections" I can see doing a "sh service <service_name>", and the number of active flows toward that service doing a "sh flows | grep <service_ip>" (looking only at the dest IP of the flow).

For instance, I've got a service with something like 850 "current local connections" but if I look at the flows established toward that service, I only have very few of them (something like 30).

How these statistics relate to each other ?

Thanks for any clarification.


Gilles Dufour Tue, 08/14/2007 - 05:43

could you try a 'show flows x.x.x.x' where x.x.x.x is the service ip address.

The command only list the first 4096 flows, but if you have less than that that should not be a concern.


arnaud.chiaberge Tue, 08/14/2007 - 05:57

Thank you Gilles, I didn't know this tip.

This indeed shows much more flows but still it's not consistent with what I expected.

At that point I think I need to be more explicit:

The service I'm refering to is actually an SCA device, terminating SSL connections. What I'm trying to figure out is, roughly, how many SSL connections are being handled, at a time, by the CSS towards this SCA.

The "sh service " show a "current local connections" with an average of 850 connections. But I cannot link it to the number of flows.

I tried (as you advised) "sh flows " and got something like 400 flows.

However, the question could remain purely theoratical:

What is the link between a service number of local connections and flows towards that service ?

Many thanks for any clarification/document.



