Forum Discussion

Nimbostratus

Sep 22, 2010

OneConnect

Hi all. I'm just wondering under what situation/circumstance that an application will break when enabling OneConnect. There's a KB in Microsoft that touched on this (http://support.microsoft.com/kb/88...

config

design

L4L7_53191

Nimbostratus

Sep 30, 2010

Agreed. /32 is the safest way to go, and generally will fix any oneconnect issues that you may run into. Obviously, you'll not get the killer gains from a more wide open mask, but /32 generally gives you much of the benefit without the risks. It's also worth noting that oneconnect can actually help fix certain situations. For example, JSESSIONID persistence often (always?) won't work the way you expect without a oneconnect profile on the VIP. The same goes for plain old cookie insert in certain proxy environments.

-Matt

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

OneConnect

Recent Discussions

3rd party SFP

Custom Attack Signature for Accept Header

Upgrade to 'BIGIP-15.1.0.5-0.0.8 (Could not access configuration source; sda, 1)

how does gtm/dns monitor wild-ip pool members?

why the device certificate verify failed when the device certificate is not expired?

Related Content

How OneConnect Profile works with Cookie Persistence

Lightboard Lessons: OneConnect

What is HTTP Part VII - OneConnect

How OneConnect Profile's max-size works

OneConnect? For my iRule?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS