VMware NSX

 View Only
  • 1.  App Profile HTTPS Passthrough and SSL Session ID Sticky

    Posted Jun 21, 2017 08:46 PM

    If you setup HTTPS Passthrough for traffic - can the LB still create stickiness based on session ID?

    Would the session ID be knowable by the LB if the SSL session is terminated at the pool server?



  • 2.  RE: App Profile HTTPS Passthrough and SSL Session ID Sticky

    Broadcom Employee
    Posted Jun 22, 2017 02:28 AM

    Hi,

    Sticky configuration using SSL Session ID can be set only in using SSL paththrough mode.

    If SSL paththrough is disabled, sticky using SSL Seesion ID cannot be used because SSL session is terminated by NSX Edge.

    The detail of NSX LB Application profile is described in the below.

    https://pubs.vmware.com/NSX-6/index.jsp?topic=%2Fcom.vmware.nsx.admin.doc%2FGUID-58EB4584-2215-42A3-892D-CCD937CAFD3A.html

    Traffic Type
    Persistence Method Supported
    HTTPSCookie, ssl_session_id (SSL Passthrough enabled) , SOURCEIP

    Regards,

    mizo.