Last week I provided an explanation of the new SSL Session ID Persistence feature in LineRate v2.5.0. I made the claim that by using SSL Session ID Persistence can help by "Avoiding this excess computation by reusing the session identifier is one way to reduce load on the server." Internally, we tested and made sure this is really the case, but I didn't provide any data. Here is an overview.
Let's use the most simple configuration possible to display the behavior:
1 Virtual IP, 1 Virtual Server, and some number of Real Servers configured on LineRate
Some number of backend servers terminating SSL and HTTP.
The LineRate system will not terminate the SSL but will inspect the traffic to get the session identifier and perform the persistence. This can now be easily tested by enabling/disabling the session identifier reuse on the Spirent Avalanche.
Since the session setup and negotiation is the thing which is being addressed, the HTTPS client will do a single very small HTTP GET of a 0 kb file on each connection. This maximizes the number of session (re)establishments. Here are the results in my test setup on an old 3.0 GHz Westmere machine: