Jul 29, 2011

TCP Termination on VIP




When traffic flows through an F5 to a VIP - then to a pool, what happens to the TCP connection?



Is the inbound TCP connection terminted on the F5, then re-established from the F5 to whatever node in the pool?



I'm just trying to understand a bit more about what happens to the connections as they flow through a LTM





    It all depends on virtual server type. This askf5 doc was referenced in another post recently as is really useful:





    The short answer to save you having to decode the soln note :) is that unless it's a fastL4 connection, then the BigIP acts as a full proxy. The original tcp connection is terminated in tim and then tim opens a new one. When tim opens a new one, it can hide its own connection by default with YOUR IP address and port as the source, or using one of its own address (SNAT).



    The target IP for the connection is the pool member ip:port, but you can disable NAT on the VS and have the pool member used as a router to the VS address (n-path).