Bug ID 426197: The maximum number of entries in the SSL session cache should be greater than 256 KB.

Last Modified: Apr 28, 2025

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
11.2.1, 11.3.0, 11.4.0, 11.4.1

Fixed In:
11.5.0

Opened: Jul 25, 2013

Severity: 3-Major

Symptoms

The maximum number of entries in the session cache as well as the per-profile limit is 256 KB. The per-profile limit is distributed across all TMMs, so if the limit set is 32 KB, and there are four TMMs, each will only be able to hold 8 KB entries.

Impact

In some configurations, the existing SSL session cache may time out entries far too quickly.

Conditions

SSL session.

Workaround

None

Fix Information

The maximum number of entries in the session cache is now configurable via the BigDB variable tmm.ssl.cachesize. Note that after changing this variable the TMMs must be restarted for the new value to take effect. The per-profile limit is now per TMM so if the limit is set to 32 KB entries, each TMM will be allowed to have 32 KB entries.

Behavior Change

Formerly, the per-profile limit was over the entire BigIP. Now, the per-profile limit is per TMM so if the limit is set to 32K entries, each TMM will be allowed to have 32K entries.

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips