handshake_failure errors during load test

We tried changing web acceleration profiles but still got same issue, is there a specific settings that can help?

how come it became web acceleration? i thought you were getting ssl handshake failure.

My mistake, About the link you posted, my platform is Z100 not found in link, can you advice or which SSL algorithms is relevant to Z100 platform?

Z100 is virtual edition, isn't it? in that case, K13213 won't help.

not sure if logging reset cause is helpful. have you tried it?

K13223: Configuring the BIG-IP system to log TCP RST packets

It's virtual, we don't log TCP so I don't think it's relevant

nitass is (i assume) suggestion you to enable logging TCP resets so you might be able to find the cause of the failed handshakes in the log of the F5.

boneyard, can the TCP RST cause logging be controlled by any parameter (like source or time-limit after capturing few tcp rst's). The reason I'm asking this is because the OP is performing load test and if he enables the RST logging, he's going to/may capture lot of RST failures, which may be lot resource consuming & cause performance issues.

Also would the SSL debugging help here ?

tmsh modify /sys db log.ssl.level value Debug

no i don't believe so, although you can send the cause in the tcp reset packet, that would cause less logging at least.

but as you can see in the K article they warn about load and such.

the same will be for putting log.ssl.level to debug.

that is kinda an annoying issue when things fail during a load test, debugging causes more load so ...

you might conclude the cause is the load, does this happen quite early or? if you have doubts about that you probably need to involve support to direct your testing.