HTTPS Persistence (Sharing load)
I have pair of DMZ servers load balanced using an F5 which is also on the DMZ.
1 VS listening on port 443 (this VIP has a client SSL cert configured on the VIP)
behind this VS sits a server pool with 2 servers listening on port 8000
Everything is working apart from share load between the 2 servers, we are using Source based IP persistence and unfortunately there are hundreds of different client connections but all these clients are source NATed on the Firewall to a single HIDE NAT for security purposes. Which means the F5 always sees the same Source IP and sends the connection to the same server, this server is getting busy!
Is there any other way I could make or share the load across servers in this scenario? At the moment I can't think of any.