5.18. Long lived TCP session treatment

When the optimization service gets restarted or a Steelhead appliance gets rebooted, the current optimized TCP sessions will be terminated. During the initialization period of the optimization service new TCP sessions will be setup, either new ones or the replacement of the ones which were terminated earlier. When the initialization of the optimization service is completed and new TCP sessions will be optimized, these already established TCP sessions will be passed-through, showing up as pre-existing in the list of current connections.

This is fine for short lived TCP sessions such as HTTP, SMPT and POP3, which last only a short time. However, long lived TCP sessions like CIFS sessions, MAPI traffic, database replication and file server replication will stay unoptimized and suffer from a bad performance.

To overcome this, the optimization service needs to know which traffic needs to be optimized at all times. It will require regular interaction with the people who run the services to keep track of changes in their servers. It will need to be documented properly for operation of the network.

To restart these TCP sessions, there are three possible solutions from the Steelhead appliances perspective:

5.18.1. Reset TCP connections at restart

This option can be found under the General Optimization configuration: Reset Connections At Startup.

Figure 5.147. Reset Connections At Startup

Reset Connections At Startup

It will cause all pre-existing TCP sessions to be reset when they are detected after the restart of the optimization service. This is obsoleted by the auto kick-off in-path rule.

5.18.2. Manual termination of TCP sessions

Under the details of the TCP session in the report of the Current Connections, there is an option to reset the connection.

Figure 5.148. Terminate Connection button in the GUI

Terminate Connection button in the GUI

In the CLI, the command to terminate the TCP session is tcp connection send reset pass-reset. It will require the IP addresses and the TCP port numbers of both the client and the server.

Figure 5.149. Terminate TCP session via the CLI

SH # show connections passthrough filter pre_existing
T  Source                Destination           App    Rdn Since
--------------------------------------------------------------------------------
PI 10.0.1.1         1025 192.168.1.1       139            pre_existing        c
--------------------------------------------------------------------------------
Pass Through (P):              1
PI = Passthrough Intentional
PU = Passthrough Unintentional
Forwarded (F):                 0
--------------------------------
Total:                         1
c = Client Steelhead
s = Server Steelhead

SH (config) # tcp connection send pass-reset source-addr 10.0.1.1 source-port 1025 dest-ad \
    dr 192.168.1.1 dest-port 139 

5.18.3. In-path auto kick-off of pre-existing TCP sessions

The automatic way to terminate selected pre-existing TCP sessions after a restart of the optimization service can be done via an in-path rule on the client-side Steelhead appliance with the auto kick-off option enabled.

For example, to retry to optimize pre-existing CIFS sessions, which are normally long-lived, use the following in-path rule:

Figure 5.150. Example of auto kick-off in-path rule

SH (config) # in-path rule auto-discover auto-kickoff enable dstport 445 rulenum 4 descrip \
    tion "Always retry pre-existing CIFS connections"

Figure 5.151. Configuration of a Kick-off in-path rule

SH (config) # show in-path rules 
 Rule Type P O L N W K VLAN Source Addr        Dest Addr          Port          
----- ---- - - - - - - ---- ------------------ ------------------ --------------
    1 pass - - - - - - all  all                all                Secure        
    2 pass - - - - - - all  all                all                Interactive   
    3 pass - - - - - - all  all                all                RBT-Proto     
    4 auto N F F A C Y all  all                all                445           
      desc: Always retry pre-existing CIFS connections                          
  def auto N F F A C N all  all                all                all           

4 user-defined rule(s)

(P) Preoptimization Policy: O=Oracle-Forms S=SSL +=Oracle-Forms-over-SSL N=None
(O) Optimization Policy:    F=Full S=SDR-only C=Compression-only M=SDR-M N=None
(L) Latency Optimizations:  F=Full H=HTTP-only O=Outlook-anywhere N=None
(N) Neural Framing:         A=Always D=Dynamic T=TCP hints N=Never
(W) WAN Visibility Mode:    C=Correct-Addressing
                            P=Port-Transparency
                            F=Full-Transparency
                            R=Full-Transparency w/Reset
(K) Auto Kickoff:           Y=Enabled
                            N=Disabled


Pre-existing TCP sessions on TCP port 445 will now be terminated the optimization service.