Introduction-Processing
SSL Traffic
For example a company sells its products online and,
therefore, host an online shopping cart application.
So we know that persistence is essential for this
application because each client’s traffic must stay with the same server during
a single purchasing server.
But we confused about which type of persistence we can use.
Knows that all client traffic arrives via NAT device. In this case all clients
source address changes to the same source IP address.
So we cannot use source address persistence. We also knows
that because security is important, the shopping cart site uses the HTTP
protocol.
Therefore we knows that we cannot use cookie persistence
because the cookie reseds in the encrypted portion of the network pocket.
So how to resolve
this situation?
If you thought a possible solution might be for BIG-IP to
some how decrypt the HTTPS traffic and then use cookie persistence. BIG-IP
accomplishes this feature called SSL termination. Using SSL termination you can
configure BIG-IP to decrypt the incoming traffic before sending it to a Pool
Member.
No comments:
Post a Comment