SSL TPS License limits and log message -- will I always see one?

Question

Hi folks -- I understand the SSL graph can be inaccurate (Overview -&gt; Performance -&gt; SSL trans/sec) because it polls on average of every 10 seconds, and the way the license is implemented, SSL tps are monitored over a 10ms window....&nbsp;
But my questions is this -- how are the log messages generated? Is a message written to the log each time a SYN is silently dropped because we've hit the limit (1/100th of our license over this 10ms window?).  Or sometimes could connections be dropped, forcing the client to retransmit, and NO log message will appear in the LTM log?  I'm asking because values seen through 'snmpget' indicate we are running at an SSL TPS load level that is higher than our license, yet not consistenly seeing error messages in the logs.&nbsp;
Thx!&nbsp;
 &nbsp;
Steve&nbsp;
 &nbsp;

nitass · Answer

i do not think snmpget data is 10ms window.

what_lies_bene1 · Answer

It's my understanding that a log message is only generated when the limit is reached, not when a SYN is dropped. I'd suggest you look into the SNMP metric and how it is measured. Keep in mind that the licensed limit only applies to client side connections, not any related server side SSL processing.

Forum Discussion

SSL TPS License limits and log message -- will I always see one?

2 Replies

Recent Discussions

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

SMS server with BIGIP

F5 terminal - help to run commands - disk space full

Related Content

DEVCENTRAL END-USER LICENSE AGREEMENT

F5 License

FIX Message Response

Conversion license

F5 LTM License