After ACE to F5 migration

Question

Hello,&nbsp;
We have migrated couple of our services from ACE to F5s. We have noticed on the servers that number of connections has increased rapidly. It doubled and even more. Since the ACE was in transparent mode it is little bit different than F5. We were thinking using OneConnect profile, but since the service is HTTPS, I am not sure how it will behave. There is no SSL offload on the F5. Does anyone have any idea ?&nbsp;
Thanks&nbsp;

leonardo_souza · Answer

In theory, you can use oneconnect without an HTTP profile, or with traffic that is not HTTP.
In practice, there are many limitations.&nbsp;
Read this solution, especially the recommendations part.&nbsp;
https://support.f5.com/csp/article/K7208&nbsp;
As the traffic is encrypted, and you are not decrypting in the F5, you can't use an HTTP profile.
That is because the F5 would never see the HTTP data, so traffic would not be sent to the pool members.&nbsp;

jg · Answer

Make sure that HTTP keepalive is enabled on your backend webserver first.&nbsp;
You can also change to use SSL bridging just to take advantage of the oneconnect feature.&nbsp;

Forum Discussion

After ACE to F5 migration

Recent Discussions

F5 BIG-IP

BIG-IP Oauth Client and AS

How to Renew F5 Device Certificate

Use of SSL Decryption.

Big IP DNS Failover

Related Content

Migrating between sites using stretched VLANs

VMware NSX to Red Hat OpenShift Virtualization Migration with F5 Distributed Cloud

VMware vSphere to OpenShift Virtualization Migration with F5 BIG-IP

ACE to F5 Migration

Getting Started with BIG-IP Next: Migrating an Application Workload

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS