ACE 4710 - show stats connection questions

Answered Question
Sep 16th, 2009

Hi,

I have three questions regarding the "show stats connection" command in the ACE 4710:

1. What is the criteria for a connection to be added to the "Total Connections Failed" counter?

2. What is the criteria for a connection to be added to the "Total Connections Timed-out" counter?

3. Is there a command to get more information why the connection was failed or timed-out (e.g. to/from which IP, url accessed etc.)?

Thanks in advance for your help!

Best regards,

Harry

Correct Answer by Gilles Dufour about 7 years 4 months ago

yes, HSRP, VRRP will be counter as failed connections.

Gilles.

Correct Answer by Gilles Dufour about 7 years 5 months ago

Harry,

a connection failed if the server did not respond or resonded with a RST.

As long as the connection gets establised, it is counted as a success.

The connection timeout counter is incremented when the connection is idle for the configured timeout value or for L7 connections if it does not complete the 3-way handshale within the embryonic timeout interval.

Since this is clear why those counters are incrementing, the only way to get more information is to capture a sniffer trace to verify if the conditions above are met.

Gilles.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (2 ratings)
Loading.
Correct Answer
Gilles Dufour Wed, 09/16/2009 - 00:33

Harry,

a connection failed if the server did not respond or resonded with a RST.

As long as the connection gets establised, it is counted as a success.

The connection timeout counter is incremented when the connection is idle for the configured timeout value or for L7 connections if it does not complete the 3-way handshale within the embryonic timeout interval.

Since this is clear why those counters are incrementing, the only way to get more information is to capture a sniffer trace to verify if the conditions above are met.

Gilles.

net-harry Wed, 09/16/2009 - 01:15

Hi Gilles,

Thanks for your quick answer!

Is it only failed and timed-out connections to the serverfarms that are counted, or also SSL connections to the ACE itself?

If only connections to the serverfarm are counted, should I then be able to see the same number of failed connections if I add up the number of connections failures from the output of "show serverfarm detail" (if the counters have been cleared at the same time)?

Best regards,

Harry

Gilles Dufour Wed, 09/16/2009 - 01:48

Failed connection is every connection that could not be established.

So even routed connections could fail if you do not have a route to the destination or the destination mac-address.

Gilles.

net-harry Tue, 09/22/2009 - 00:00

Hi again,

Would even e.g. HSRP traffic or broadcasts that the ACE receives from routers on the same subnet be counted as failed connections?

We seem to be getting a lot of failed connections even though we do not see any issues with the service.

Best regards,

Harry

Correct Answer
Gilles Dufour Wed, 09/23/2009 - 03:53

yes, HSRP, VRRP will be counter as failed connections.

Gilles.

Actions

This Discussion