I have an external (public facing) VS which has one single pool member which is actually the internal VS.
client --> external VS time.domain.com ---> Pool Member (internal VS time.domain.com). SSL pass-through with no persistence (no persistence set up on the Pool Member aka internal VS).
internal VS time.domain.com ----> Pool - time.domain.com_pool (5 node cluster of time servers) - SSL bridging with cookie persistence.
Question: Is it required to enable persistence on the external VS pool member being that its actually another VIP?
I would think so, because the ssl and tcp handshakes occur between the client and server (external VS is ssl passthrough no L7 inspection), then another session is established between the external VS and the internal VS. Hope this makes some sense to everyone. Clients have been experiencing disconnects last few days and nothing has changed.
To my knowledge, internal VS would need oneconnect profile with cookie persistence. External VS won't need persistence/oneconnect as it would have only 1 pool member (i.e. internal VS)
If session persistence is not working, clients would receive some other error but not the reset/disconnect. So please investigate the reason for the disconnect it could be something on the network, or pool members having issue.
