Leveraging SSL connections between BIG IP LTM and backend servers

Question

Hi Team,&nbsp;
I have a scenario, wherein the SSL worker threads on the backend servers are being exhausted while processing all the SSL requests between BIG-LTM and the backend servers. &nbsp;
I'm looking at some options/settings on BIGIP which can leverage already open SSL connections with backend servers so as to not bombard the backend servers with too many SSL handshake requests. &nbsp;
I see OneConnect profile can leverage the already existing idle connections between LTM and backend server but not sure if it can used for leveraging open SSL connections as well. The idea is to reduce the number of encryption/decryption mechanism on the backend server.&nbsp;
Can anyone provide their expertise to achieve this.&nbsp;
BR,
MSK&nbsp;

arnaud_lemaire · Answer

Hi, Oneconnect is the key, otherwise you can play with caching for http content. As an addition depending on you server behavior when overloaded by ssl connection , you can apply some limit on the maximum number of connections allowed by member.

Forum Discussion

Leveraging SSL connections between BIG IP LTM and backend servers

1 Reply

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Leveraging Ansible Rulebooks for Streamlined Event Triggers: Advantages and Benefits

Leverage BIG-IP 17.1 Distributed Cloud Services to Integrate F5 Distributed Cloud Bot Defense

Leverage F5 BIG-IP APM and Azure AD Conditional Access Easy button

Zero Trust building blocks - Leverage Microsoft Intune endpoint Compliance with F5 BIG-IP APM Access

Zero Trust building blocks - Leverage F5 NGINX Plus Single Sign-On (SSO) and F5 XC