Using LTM to SSL Offload a APM Server
Hi All,
Trying to solve a performance issue with a APM policy in front of a Jira based site. Everything works, but using APM and a Webtop slows down the Jira site quite significantly (2-3 times slower).
A suggestion was to use two virtual servers. One to as a basic SSL offload that then passes off to the APM running with a http only interface.
I have done the configuration of APM and can access Jira directly through http. Now, when I create another VS listening on 443, with a SSL Client profile, the server does not respond to requests.
With a tcpdump I can see the client connection being established, but when the F5 tries to connect to itself there is no traffic. Running a tcpdump I can see the F5 self-ip doing a ARP request for the APM based VS, but getting no response. So the F5 is trying to find a server, but does not know that it needs to talk to itself.
Tried to use a loopback address (e.g. 127.0.0.99) but the GUI won't let me. Also played with SNAT options but does not seem to make a difference. Sure it would be possible using two different F5's, but dont have that option.
I am sure I read somewhere about a known issue with trying to load balance a VS running on itself, but can't seem to find any reference to it.
Any guidance appreciated.
Regards, Jason