SSL Keep alive setting? F5 LTM

Question

I am hunting for a setting on our LTM that will allow connection pooling ssl tcp keep alives.  Am I missing something?

hooleylist · Answer

What's the issue you're trying to address?  Are you looking at client or server side connections?  Are you trying to reduce the number of SSL handshakes performed or TCP connections established? 
&nbsp;  
&nbsp; Thanks, 
&nbsp; Aaron

ngmocoit_66829 · Answer

We are trying to reduce the number of SSL handshakes.  This would be for both client and server side connects.

lopezal_55485 · Answer

Did you get resolution. I know that enabling SSL keepalive with tomcat / apache greatly reduces number of SSL connections you have to establish.

hooleylist · Answer

You can use a OneConnect profile with a /32 netmask to have LTM re-use serverside TCP connections for the same client IP.  If you don't need to see the original client IP address on the servers, you could use SNAT on the VIP and then use a /0 netmask for very efficient re-use of serverside connections. 
&nbsp;  
&nbsp; See this page for details on OneConnect: 
&nbsp;  
&nbsp; http://devcentral.f5.com/wiki/default.aspx/AdvDesignConfig/oneconnect 
&nbsp;  
&nbsp; Aaron

Forum Discussion

SSL Keep alive setting? F5 LTM

4 Replies

Recent Discussions

F5 terminal - help to run commands - disk space full

vulnerabilities-CVE-2020-16150 & CVE-2013-0169

google autenticator broken barcode

Error while running ansible

ASM instance creation

Related Content

Setting up BIG-IP with AWS CloudHSM

Setting up persistence in F5 XC

Set HTTP version

Setting up F5 Telemetry Streaming with Splunk Cloud

set TOKEN [getfield [HTTP::uri]