Forum Discussion
Nettcp Load Balancing with F5
short description:
we got a production environment where several server are connecting to a gatway which is configured as virutal server on our F5 LTM.
The server are using nettcp to connect to the gateway (for example on port 13002) which consists of 2 nodes.
Now when the clietns are connected everything is working fine, but when one node fails the tcp connection breaks (error in the socket connection).
We have tried to solve this with the pool option "reselect" so normally there should be opened a new tcp connection from the LTM to the node which is still active. But this is not working.
Is there any possibility to ensure that the tcp connection stays open and doesn´t get closed?
Maybe someone of you has some experience with nettcp loadbalancing with F5.
BR,
Florian
- Arnaud_Lemaire
Employee
Hello, do you mean that if you don't refresh the request client side, the header won't be insert with certificate information after the SSL renegotiation ?
if that is the case, it may be because at the time you did the insert, there was no certificate presented.
what is your ssl profile parameter for client auth ? request?
- Arnaud_Lemaire
Employee
Hello, do you mean that if you don't refresh the request client side, the header won't be insert with certificate information after the SSL renegotiation ?
if that is the case, it may be because at the time you did the insert, there was no certificate presented.
what is your ssl profile parameter for client auth ? request?
- Kevin_Stewart
Employee
You're forcing a "step up" SSL renegotiation with the SSL::renegotiate command, which is happening at after the first HTTP request. Why not just set Require in the client auth section of the client SSL profile?
- Arnaud_Lemaire
Employee
Hi again, please have a look to this code : https://devcentral.f5.com/codeshare?sid=665.
As i said before, you can use the same even as you are collecting and during the event the ssl information is not present. you can modify your irule like in the this code share which is using the event HTTP_REQUEST_SEND, just before sending the request to server to add the header and ssl information.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com