Forum Discussion
hc_andy_35682
Nimbostratus
NimbostratusOneConnect and Proxy/Squid Load Balancing
Hi All,
We provide proxy services (http/https) to a large number of schools (each with their own static IP). Each school can have 1000's of connections to the virtual server at any time...
Jason_Keating
Altostratus
AltostratusIt sounds like you only want persistence for SSL connections, since you are not offloading SSL at the LTM your persistence choices are limited.
If I understand, your original problem is you are hitting your connection limit on members - due in part to the fact you are using source based persistence (needed for SSL only)
First a couple of questions:
Why are you limited to 4000 connections per member?
IS it an option to add more Squid servers ? (scale horizontal)
Second a suggestion:
Set up another virtual server and associated pool for SSL only, use source based persistence, don't use OneConnect if it proves troublesome. Configure client browsers to point to this virtual server for SSL, leaving the orignial virtual server for http to run OneConnect and no persistence which should alleviate some of the load imposed on individual pool members and more evenly distribute load.