09-16-2009 12:01 AM
Hi,
I have three questions regarding the "show stats connection" command in the ACE 4710:
1. What is the criteria for a connection to be added to the "Total Connections Failed" counter?
2. What is the criteria for a connection to be added to the "Total Connections Timed-out" counter?
3. Is there a command to get more information why the connection was failed or timed-out (e.g. to/from which IP, url accessed etc.)?
Thanks in advance for your help!
Best regards,
Harry
Solved! Go to Solution.
09-16-2009 12:33 AM
Harry,
a connection failed if the server did not respond or resonded with a RST.
As long as the connection gets establised, it is counted as a success.
The connection timeout counter is incremented when the connection is idle for the configured timeout value or for L7 connections if it does not complete the 3-way handshale within the embryonic timeout interval.
Since this is clear why those counters are incrementing, the only way to get more information is to capture a sniffer trace to verify if the conditions above are met.
Gilles.
09-23-2009 03:53 AM
09-16-2009 12:33 AM
Harry,
a connection failed if the server did not respond or resonded with a RST.
As long as the connection gets establised, it is counted as a success.
The connection timeout counter is incremented when the connection is idle for the configured timeout value or for L7 connections if it does not complete the 3-way handshale within the embryonic timeout interval.
Since this is clear why those counters are incrementing, the only way to get more information is to capture a sniffer trace to verify if the conditions above are met.
Gilles.
09-16-2009 01:15 AM
Hi Gilles,
Thanks for your quick answer!
Is it only failed and timed-out connections to the serverfarms that are counted, or also SSL connections to the ACE itself?
If only connections to the serverfarm are counted, should I then be able to see the same number of failed connections if I add up the number of connections failures from the output of "show serverfarm detail" (if the counters have been cleared at the same time)?
Best regards,
Harry
09-16-2009 01:48 AM
Failed connection is every connection that could not be established.
So even routed connections could fail if you do not have a route to the destination or the destination mac-address.
Gilles.
09-22-2009 12:00 AM
Hi again,
Would even e.g. HSRP traffic or broadcasts that the ACE receives from routers on the same subnet be counted as failed connections?
We seem to be getting a lot of failed connections even though we do not see any issues with the service.
Best regards,
Harry
09-23-2009 03:53 AM
yes, HSRP, VRRP will be counter as failed connections.
Gilles.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: