SSL... too many tcp sessions...
I work for an application-service provider.. sort of... anyway. One of our many applications is actually a TN3270/telnet application which has hooks into a microsoft DLL to tunnel/encrypt the user traffic over SSL. So on the network, we see encrypted packets destined to/from port 443.
This traffic hits a load-balancer that offloads the SSL encrypt/decrypt process.
We are having an issue where, it seems, everything a single user does (like just login, or pull up a VT100 screen) ends up launching 8-12 TCP connections. Over the course of a day 160 users launched upwards of 90000 tcp sessions. Each session is very predictable. its the same number of packets, and on the server side follows nearly the exact same sequence numbers every time.
We have many thousands of users that use this application. Needless to say, this is starting to cripple our load balancer.
Its my belief.. as an ex-programmer from a decade+ ago, that for the duration a user is logged into this app there should be a single TCP session.
Does anyone know why this might be occuring or if there is someway of fixing this? I am speaking in the broadest possible terms here because I am a network engineer, not a programmer. I will try to get more details if I can.