For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

forsan's avatar
forsan
Icon for Altostratus rankAltostratus
Jul 09, 2014

Monitor amount of sessions going through the BigIP

Hi,   I'm locking for a way to check how many HTTP sessions (open and new) the BigIP is having. The reason I'm asking is that I need to know that a IPS that is going to be put in front of the BigI...
application delivery
LTM
management
sessions
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Jul 09, 2014

It's important to understand the different contexts of a "session" at the different OSI layers. TCP has sessions, SSL has sessions, but HTTP as a protocol really does not. An application can have a session, but that's not specifically tied to the protocol itself and not something that the F5 will natively track. A TCP session is, often transient, state after which a client and server complete a 3-way handshake on a given set of ports. An SSL session is a separate state after which a client and server complete an SSL/TLS handshake, exchange cipher information, and then start communicating cryptographically. There should be at least one SSL session per user (per application), but then several TCP sessions could come and go underneath that in a given span of time. HTTP is typically measured in requests (and responses), and many HTTP requests can happen inside a single SSL and/or TCP session.

The virtual server statistics show connections, which is based on current, maximum, and total TCP sessions. From there you can also view HTTP requests. To get the aggregate number of HTTP requests, per virtual server, you can use something like this:

tmsh show ltm virtual [VIP name] profiles { [HTTP profile name] }