McGhee_59726
May 30, 2014Nimbostratus
ssl offload and dsr hybrid
Is this possible?
- client connects to SSL offloading vip with destination nat turned off
- f5 forwards packets to real server without translating the destination IP (like with dsr)
- real server sources return traffic from vip address which is bound to loopback adapter (like with dsr)
- real server sends return traffic (synchronously) back through F5 instead of (asynchronously) through 3rd party router (different from dsr)
- F5 recognizes traffic and re-encrypts it before returning to requesting client