I have a customer who load balances https across 3 servers. The vip load balances port 443 to real servers on port 443 also.
They prefer to terminate https on their own servers. There is a requirement for clients to stick to the same real server for the duration of the sesion. Is this possible when we are terminating 443 on the customers real servers?
If you are not terminating ssl on the ace sticky options are limited, you can stick via ssl session id but this ge
nerally is unsatisfactory because IE reno
gatiates session id every 2 minute.
So you are limited to source ip sticky in this application such as:
sticky ip-netmask 255.255.255.255 address source GROUP1
then on lb policy use
policy-map type loadbalance first-match test4
Thanks for the clarification and sample config. I suppose that cookies inserted by the servers is not an option as we are not terminating ssl on the ace appliances.