Aruba Silver Peak

Q:

TCP Accel Options explained

These settings are configured per optimization policy rule. Thus they can be applied to specific subnets, applications or even single host.

Adjust MSS to tunnel MTU - This feature is enabled by default so that the maximum value of the remote server MSS is coupled to the tunnel MSS. If the remote server MSS is smaller than the tunnel MSS, then the lower value is used instead. This feature is used to maximize the efficiency of sending data by maximizing data packet size.
Preserve Packet Boundaries - Enables or disables the preserving of packet boundaries. When enabled, the packet size on the receiving appliance LAN will be exactly the same when transmitted from the remote appliance LAN interface. Some applications are sensitive to packet manipulation so this feature helps maintain maximum compatibility
Enable Silver Peak TCP SYN option exchange - By default, the appliance will propagate the TCP options attached to find the farthest appliance. Disabling this feature will prevent that and cause the two nearest appliances to optimize the traffic. You may need to do this where a firewall policy drops packets with options.
reset-to-default - Resets all advanced TCP options to default values.
Route Policy Override - Enables or disables the route policy override feature. This instructs the server-side appliance to return the SYN/ACK back to the client-side appliance that owns the flow, overriding any other route policy it has.
Auto Reset Flows - Enables or disables the auto-reset of TCP flows. If a connection is seen by an appliance but after the handshake already completed, the connection would normally remain in pass-through. If this feature is enabled, and a connection is reclassified in the Flows report, ~30 seconds later it will be reset. When the endpoints re-establish the flow, it will be now be subject to the optimization and route policies it matches.
IP Blacklisting - Enables or disables IP blacklisting. If more than 5 seconds elapse between sending a SYN and receiving the SYNACK, that flow is added to the temporary blacklist. The entry stays in the blacklist for 30 seconds. During these 30 seconds, further SYNs to that destination IP are not accelerated. After 30 seconds from the initial blacklisting, the entry is removed. The next SYN will now follow the optimization and route policies and if optimization is possible and the SYNACK is received within 5 seconds, optimization proceeds normally. Otherwise, the entry is re-added to the blacklist for another 30 seconds.
End to end FIN handling - Enables or disables end-to-end FIN handling. Some applications/services are sensitive to receiving a FIN at the correct time. Due to acceleration, the sending side may believe the transfer is complete but the data is still traversing the WAN. This feature instructs the Silver Peak appliance to wait for the remote server to send ACK the FIN from the client before responding to the client on the server's behalf.

WAN Window Scale - Set the WAN window scale factor value (1 .. 14). This should only be adjusted at the request of Silver Peak TAC.
Slow LAN Defense - Sets the slow LAN defense threshold value (0 .. 12, 0=Off, default is 9, lower is more aggressive, defense action is to reset the slow flow). This is a legacy feature to help prevent guard against slow clients or servers that are unable to receive incoming data quickly enough. Often this is a situation that can be avoided by ensuring latency between server-side Silver Peak appliance is much lower than the WAN RTT. This should only be adjusted at the request of Silver Peak TAC.
WAN Congestion Control - Enables or disables congestion control for WAN. Optimized uses HighSpeed TCP for Congestion Control which is optimized for High bandwidth-delay product networks. Standard uses New-Reno for Congestion Control which is less aggressive and behaves more conservatively when other (possibly more aggressive) TCP connections co-exist on the link. At lower bandwidth-delay product HS TCP behaves like New-Reno (Standard). Aggressive mode uses minimal congestion control so has a tendency to blast packets on the link. Useful for Application dedicated links where there are only a few TCP connections that compete for a part of the link.

Max LAN to WAN/WAN to LAN buffer - Specifies the maximum buffer size, in kilobytes. This should only be adjusted at the request of Silver Peak TAC.

Slow LAN Window Penalty - For the Slow LAN Window Penalty, specifies the window scale factor value (1... 10, 0=off, default is 1, larger value means bigger penalty, penalty action is to use smaller TCP window). This stops slow flows from affecting other flows that are not slow. This should only be adjusted at the request of Silver Peak TAC.
LAN Side Window Scale Factor Clamp - For the LAN-side Window Scale Factor clamp, specifies the window scale factor value (1... 14). To disable, use 0. If there is any LAN-side loss present, this feature sets the LAN-side window scale to this fixed value which will reduce the amount of data in flight and mitigate throughput issues due to LAN-side loss. Ideally, LAN-side loss should not be present for best performance.
Persist timer Timeout - Specifies the maximum TCP persist timeout. By default, TCP will keep probing a connection indefinitely in the event of a zero window. This setting can specify an amount of time, in seconds, to give up and reset the connection.
Keep Alive Timer - Specifies the TCP keep-alive time, in seconds, to the first probe. The maximum number of TCP keep-alive probes and the time interval between TCP keep-alive probes.