Ray_Dodier_1102
Sep 03, 2010Nimbostratus
SSL connect time diffs between domains (VIPs)
I serve HTTPS content from two different domains and each domain name corresponds to a VIP. What I'm seeing is the SSL connect time from one domain is about twice that of the other domain.
Not sure if this matters, but the VIP corresponding to the domain with the faster SSL connect time is using an iRule filter to get to the static content pool. The VIP with the slower SSL time has no rule and just goes directly to a different static content pool. I tried making the slower one go through a rule instead of dir4ectly to the pool but saw no difference.
I'm not finding anything obvious as to why one domain (both are in the same subnet) is performing so differently than the other. My limited understanding of this is that the SSL time is strictly between the client's browser and the F5. If so, there should be no difference, but there is. Can anyone think of what might be causing this performance difference?