Forum Discussion
Anzine321
Altocumulus
Mar 19, 2024ssl handshake failed
Hi i have a problem ssl failed handshake, scenario for testing 100k workload but many connecton failed. error on ltm SSL Handshake failed for TCP Connection error: ssl_codec_rx:2299: alert(90) ...
What is SSL Acceleration
On a BigIP SSL acceleration is where the SSL encryption is performed on the LTM rather than the backend servers. (Offloading). Usually this is performed via dedicated hardware in the BigIP unit, rather than in software. However some encryptions are still done in software (There's a command for listing which ones are accelerated or non-accelerated via hardware).
Some older units only did SSL in hardware for the key exchange and did bulk (symmetric which is much faster to do) encryption in software. Newer units can do both in hardware.
How many of SSL offloading supported in each instance if VIPrion 2400 virtualised to 1 GTM and 2 LTM instances ?
Good question... The licenses for Viprion vCMP are hosted by the unit itself. I THINK from what I understand that if you have a 500TPS license each LTM can do 500TPS... But I could be wrong on that one... I'll have a look around and see what I can find because I'm interested in the answer too.
What benefit Web Accelerator Module and Bundle will do?
They will give you all the features of the WAM module (Or bundle). You can view the WAM module features on F5's main website (f5.com).
H
- I'm not deeply familiar with WA...where are the logs stored? If in the filesystem in plaintext ( /var/log (or a subdir)?), you can configure syslog-ng to send logs as they happen off box via a remote destination. Or, you can write a bash script to ftp/scp the files via a custom cron job (yes, you can do this). Caveats to any system changes NOT done in TMM: any hotfix/upgrade will blow your configuration away, so make sure you document and archive your configuration for rebuild after either of these occurrences. The wiki has backup scripts (like this one: Click Here) that you could easily alter for ftp/scp'ing of log archives.
- the logs are under /var/log/wa/access. the internal log rotation wasn't working for me so i wrote a custom script that was rotating the logs every three hours ( i removed the /etc/cron.hourly/wa_logrotate) but i have run into this use where the logs stop writing once the file size reaches 2 GB. i have increase the frequency to every 2 hours to counter that but may not be enough once our web traffic peaks in the school season. does anyone know if there is some limit of file size on the 3900s?
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects