Forum Discussion

Luca_55898's avatar
Luca_55898
Icon for Nimbostratus rankNimbostratus
Jul 29, 2011

TCP Termination on VIP

Hello,

 

 

When traffic flows through an F5 to a VIP - then to a pool, what happens to the TCP connection?

 

 

Is the inbound TCP connection terminted on the F5, then re-established from the F5 to whatever node in the pool?

 

 

I'm just trying to understand a bit more about what happens to the connections as they flow through a LTM

 

 

thanks,

 

2 Replies

  • nathe's avatar
    nathe
    Icon for Cirrocumulus rankCirrocumulus
    Luca

     

     

    It all depends on virtual server type. This askf5 doc was referenced in another post recently as is really useful:

     

     

    http://support.f5.com/kb/en-us/solutions/public/8000/000/sol8082.html?sr=15762150

     

     

    N
  • Hamish's avatar
    Hamish
    Icon for Cirrocumulus rankCirrocumulus
    The short answer to save you having to decode the soln note :) is that unless it's a fastL4 connection, then the BigIP acts as a full proxy. The original tcp connection is terminated in tim and then tim opens a new one. When tim opens a new one, it can hide its own connection by default with YOUR IP address and port as the source, or using one of its own address (SNAT).

     

     

    The target IP for the connection is the pool member ip:port, but you can disable NAT on the VS and have the pool member used as a router to the VS address (n-path).

     

     

    H