Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1240
Views
0
Helpful
8
Replies

Slow response with SSL (https) on CSS

rv_viji
Level 1
Level 1

‎01-04-2008 11:24 PM

Hi,

Our network topology is as per the attachement “CSS Topology Diag.jpg”. The users behind the CORE network will access the application through the VIP address “192.168.10.171”. SSL card has been installed on the CSS's and the SSL gets terminated on the CSS. The traffic between CSS and the physical servers are on “http”.

Now when the users tries to access the application using SSL (https://192.168.10.171) the application response is very slow, however when the users tries to access the application using http (http://192.168.10.171) application response is ok.

Find the attached configurations of the primary and secondary CSS. Any inputs to resolve this issue..??

(Note: It take nearly 20 - 30 seconds to get the page when users initiate a connection through https and however when the users initiate the http connection page gets displayed in 2 - 3 seconds)

Regards

Labels:
Preview file
3 KB
Preview file
44 KB
Preview file
3 KB
0 Helpful
8 Replies 8

Gilles Dufour
Cisco Employee
Cisco Employee

‎01-05-2008 03:18 AM

Try the following commands

ssl-server X ssl-queue-delay 0

ssl-server X tcp server ack-delay 0

ssl-server X tcp virtual ack-delay 0

If the problem persists, get a sniffer trace on client side and server side simultaneous.

Gilles.

0 Helpful

rv_viji
Level 1
Level 1
In response to Gilles Dufour

‎01-05-2008 04:08 AM

Hi Gilles,

Still problem persists, find the attached sinffer logs captured on both Client Side and CSS side..

Regards

6578-Clientside Traffic-HTTPS
0 Helpful

rv_viji
Level 1
Level 1
In response to Gilles Dufour

‎01-05-2008 04:10 AM

Hi Gilles,

Also attached the sniffer logs for http traffic...

Regards

6580-ClientSide Traffic-HTTP
0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to rv_viji

‎01-05-2008 08:25 AM

the traffic having issue is HTTPS not HTTP.

So we want to see a trace with HTTPS.

Also, get the trace on the client and on the server - not the CSS. (we want to see both side of the css)

Gilles.

0 Helpful

rv_viji
Level 1
Level 1
In response to Gilles Dufour

‎01-05-2008 10:26 AM

Hi Gilles,

I have attached the https logs in my previous reply to this post.

And regarding the server side trace, I will post it soon... however just to mention the ssl traffic (https)gets terminated on the CSS and from the CSS to the servers it is http traffic....

Regards

0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to rv_viji

‎01-06-2008 06:10 AM

there is absolutely no SSL/HTTPS traffic in the 2 traces you sent. Only HTTP.

I would expect your client trace to contain SSL traffic.

G.

0 Helpful

prakashj
Level 1
Level 1
In response to Gilles Dufour

‎01-25-2008 09:51 AM

we ar facing the same issues,

please post immedietily

0 Helpful

jslepicka
Level 1
Level 1
In response to prakashj

‎01-25-2008 02:39 PM

try:

ssl-server 1 ssl-queue-delay 0

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents