Load Balancing based off TCP Payload entity

For 1 yes the entityID appears in the same TCP session initially it shows up and will again further in the sessions once data is sent from a GUI. during the initial login phase the GUI sends the un/pass which contains the entityID, once the F5/server sends all the reference data back to the GUI , the GUI will start to send the entity ID in all subsequent packets. you will just see the ACK packets from the GUI until the login phase is completed.

For 2 I can use SSL sessionID because i need to have all users from entityID AAAA to be persisted to the same pool member. these users can be scattered all over the globe but all from AAAA must be persisted to the same pool member. we do allow ssl renegoitation but usually a disconnect in the GUI will require a re-login attempt and new ssl session