How many long-lived SSL connections can be supported on a BIG-IP LTM?

Question

We have BIG-IP LTM devices on-prem.&nbsp;
A recent mandate stated that connections coming from a public cloud provider to an on-prem database must be encrypted across the entire public part of the connection. One proposed approach was to encapsulate the JDBC connection in SSL at its source (a VM in the public cloud), and then use the on-prem BIG-IP device to terminate the SSL, and forward the JDBC traffic over the on-prem network to the on-prem database.&nbsp;
&nbsp;
Somebody suggested that the BIG-IP device would be limited in the number of connections that it could support, since JDBC connections tend to be very long lived compared to HTTPS connections.&nbsp;
Can anybody confirm whether we could use an F5 for this purpose, and give me an idea of how many concurrent connections a BIG-IP device might be able to support?&nbsp;

jg · Answer

You didn't give a projected scale of your connection requirement. In theory, each client can have 64k connections to a VIP, and from what I can see from my F5 systems, there can be a maximum of 3297078 files/connections open system-wide. As each connection consumes memory, the likely "bottleneck" for you would really be the amount of memory available in your system - allocated to the LTM.

Forum Discussion

How many long-lived SSL connections can be supported on a BIG-IP LTM?

1 Reply

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Support and Help for DevCentral and Offline Contact

Securing Applications using mTLS Supported by F5 Distributed Cloud

Cipher Suites Supported (12.1.5.3)

Support of WAF Signature Staging in F5 Distributed Cloud (XC)

APM Configuration to Support Duo MFA using iRule