Forum Discussion
SSL cipher: improve performance
- Mar 20, 2015
In regards to F5 config, the most significant performance improvement would come from well-optimized caching profiles, this goes for SSL and nonSSL traffic. In my opinion, forcing the use of a specific "performance-friendly" cipher is a pseudo-improvement, it would improve performance very little to nothing, furthermore, it could cut off some users who have a device which does not support your cipher.
To conclude:
1) Take a look at your caching profiles
2) Ask the front-end team to reduce the amount of GET requests a browser has to make per page load
Good luck :)
Note: The oneconnect would indeed reduce the SSL handshakes for LTM to backend server communications. One thing to keep in mind that with this option enabled, you might also want to configure X-Forwarded-For HTTP header, so that the original source IP address of request-maker can be seen in the back-end server logs.
Why only on server side SSL encryption VIP? First you need to make the list of applications, which is highly utilized. Then decide on which VIP, you can configure Oneconnect profile.
Guys, Please correct me if I am wrong.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com