Forum Discussion
Andy_Herrman_22
Nimbostratus
NimbostratusBIG-IP, SSL Termination, and Flash Media Server
Has anyone tried using BIG-IP to load balance Flash Media Servers?
We're trying to set this up and there are a couple things I'm worried about. The main one is SSL termination. Flash's RTMP protocol for communicating with FMS has three modes, SSL tunneling, direct socket (usually over port 1935), and HTTP tunneling. I don't know the specifics of how the SSL tunneling works, but I'm worried that it's not just encrypting the HTTP tunneling, so I'm not sure if I can have the BIG-IP do SSL termination. I have a feeling that if I do SSL termination the normal way (decrypt it and send to port 80) that it won't work.
Has anyone tried this, or worked with other protocols tunneled over SSL?
Jose_Santiago_OI have Flash Media Servers load balancing in my big-ips, for this I have 3 virtual servers, 1 for each port (80,443, 1935), the servers are doing all SSL processing. Furthermore they are FastL4.
Andy_Herrman_22For the SSL processing, does it decrypt the data and then forward it along on the same port, or does port 443 get routed to port 80 after being decrypted?- Jose_Santiago_OIn my configuration, the ltm only forwards the SSL traffic to the nodes using the same port, the virtual server and pool members have all the 443 port and it works perfectly.
- Andy_Herrman_22I'll try that. Thanks!