Forum Discussion
Torti
Aug 14, 2013Altostratus
Hi, is it necessarry to run SSL till the backend? If not, I recommend to terminate it at the bigip and use http between bigip and backend. It has a positiv performance impact for your backend server.
But I never heard, that you can run http and https on the same port. Normal setup is 1 VS for http with pool for http traffic and 1 VS for https with pool for https traffic. i.e.
--> (HTTP) bigip:80 (VS1) --> (HTTP) --> backend:80 (Pool1)
--> (HTTPS) bigip:443 (VS2) --> (HTTPS) --> backend:8443 (Pool2)
or
--> (HTTP) bigip:80 (VS1) --> (HTTP) --> backend:80 (Pool1)
--> (HTTPS) bigip:443 (VS2) --> (HTTP) --> backend:8443 (Pool2)
I recommend the second example. It is the best for troubleshooting and network management. But if you need full security (ssl) till the end, it is the first example.