Hello Everyone,

After configuring SSLAO, i see connections showing up as TSDL when trying to access a https website.

ConnID        Source IPort          Dest IPort            PeerID Accel RR
    92    192.168.24.40:4857     172.16.10.100:443 00:21:5e:76:7e:f0 TSDL  26.7%

EDGE-WAE#show statistics connection conn-id 92

Connection Id:            92
    Peer Id:                  00:21:5e:76:7e:f0
    Connection Type:          EXTERNAL CLIENT
    Start Time:               Sat Jan 12 10:48:27 2013
    Source IP Address:        192.168.24.40
    Source Port Number:       4857
    Destination IP Address:   172.16.10.100
    Destination Port Number:  443
    Application Name:         SSL
    Classifier Name:          HTTPS
    Map Name:                 basic
    Directed Mode:            FALSE
    Preposition Flow:         FALSE
    Policy Details:
           Configured:        TCP_OPTIMIZE
              Derived:        TCP_OPTIMIZE
                 Peer:        TCP_OPTIMIZE
           Negotiated:        TCP_OPTIMIZE + DRE + LZ
              Applied:        TCP_OPTIMIZE + DRE + LZ
    Accelerator Details:
                Configured:   None
                   Derived:   None
                   Applied:   SSL
                      Hist:   None

                                    Original            Optimized
                        -------------------- --------------------
    Bytes Read:                         1627                 1824
    Bytes Written:                      2736                 1372

    Total Reduction Ratio: 26.748%

Here is an output frome of the random cases in topic

Connection Id:            2455

   Peer Id:                  00:26:99:df:70:c1

   Connection Type:          EXTERNAL SERVER

   Start Time:               Wed Feb 22 11:27:16 2012

   End Time:                 Wed Feb 22 11:27:22 2012

   Source IP Address:        10.197.7.141

   Source Port Number:       2424

   Destination IP Address:   172.30.49.102

   Destination Port Number:  443

   Application Name:         SSL

   Classifier Name:          HTTPS

   Map Name:                 basic

   Directed Mode:            FALSE

   Preposition Flow:         FALSE

   Policy Details:

          Configured:        TCP_OPTIMIZE

             Derived:        TCP_OPTIMIZE

                Peer:        TCP_OPTIMIZE

          Negotiated:        TCP_OPTIMIZE + DRE + LZ

             Applied:        TCP_OPTIMIZE + DRE + LZ

   Accelerator Details:

               Configured:   HTTP

                  Derived:   HTTP

                  Applied:   HTTP,SSL

                     Hist:   HTTP,SSL

The only difference i see between both is

  Accelerator Details:

               Configured:   HTTP

                  Derived:   HTTP

                  Applied:   HTTP,SSL

                     Hist:   HTTP,SSL

What i want to know is Why a connection would fall under TSDL and THSDL when i have enabled HTTP/SSL AO chaining already.

I need help undestanding the difference between the application / working of TSDL and THSDL.

• If the connection shows up as THDLcould be due to one of the following
  
  • SSL Accelerator is not up and running on edge device.
  • SSL AO is not up and running on core device.
  • SSL-AO was not negotiated in AOIM.
  • For proxy, HTTP CONNECT request is to a port other than 443.
  • The 3-way DATA-INSPECT handshake where both edge and core devices  notify each other regarding addition of SSL-AO to the optimization for  this connection fails.
  • Post DATA-INSPECT handshake, the 3-way TFO handshake where both edge  and core devices agree to add SSL-AO to the optimization for this  connection fails.