
11501 w/SSLM speed/throughput issues

yycsandman007
Level 1

Hi there...I have implemented an 11501 w/SSLM in our environment, and when the app teams are doing their testing, they are telling me that the performance and speed is degraded when they are testing against the VIP versus against the actual backend host. I have done as much troubleshooting as I can and there is nothing out of the ordinary that I can see....below is a copy and paste of the relevant config portions.....maybe someone else can see something there that would explain this abnormal behavior...their testing took about 8 mins when they went straight to the host, and about 20 mins when they tested against the VIP...

Thanks in advance,

Sandeep

ssl-proxy-list my_secure_site

ssl-server 1

ssl-server 1 cipher rsa-with-rc4-128-md5 161.19.55.81 81

backend-server 10

backend-server 10 port 81

backend-server 10 server-ip 161.19.55.74

backend-server 20

backend-server 20 port 81

backend-server 20 server-ip 161.19.55.75

ssl-server 1 vip address 161.19.55.13

backend-server 10 ip address 161.19.55.74

backend-server 20 ip address 161.19.55.75

backend-server 10 cipher rsa-with-rc4-128-md5

backend-server 20 cipher rsa-with-rc4-128-md5

ssl-server 1 rsakey services-sys_key1

ssl-server 1 rsacert services-sys

backend-server 5

backend-server 5 ip address 161.19.65.51

backend-server 5 server-ip 161.19.65.51

backend-server 5 cipher rsa-with-rc4-128-md5

active

service backend1

ip address 161.19.55.74

type ssl-accel-backend

port 81

add ssl-proxy-list my_secure_site

keepalive port 443

keepalive type ssl

protocol tcp

active

service backend2

ip address 161.19.55.75

type ssl-accel-backend

port 81

keepalive port 443

keepalive type ssl

protocol tcp

add ssl-proxy-list my_secure_site

active

service backend5

ip address 161.19.65.51

type ssl-accel-backend

port 81

add ssl-proxy-list my_secure_site

keepalive port 443

keepalive type ssl

protocol tcp

active

service ssl_front

slot 2

type ssl-accel

keepalive type none

add ssl-proxy-list my_secure_site

active

owner my_secure_site

content back

vip address 161.19.55.81

add service backend1

add service backend2

advanced-balance sticky-srcip

protocol tcp

port 81

url "/*"

active

content front

vip address 161.19.55.13

application ssl

add service ssl_front

protocol tcp

port 443

active

1 Reply

Gilles Dufour
Cisco Employee

For better performance, you want to use the following commands:

ssl-server 1 tcp virtual nagle disable

ssl-server 1 tcp server nagle disable

ssl-server 1 tcp virtual ack-delay 0

ssl-server 1 tcp server ack-delay 0

ssl-server 1 ssl-queue-delay 0

If that does not improve the situation, get a sniffer trace of the best performance [w/o CSS] and the worst performance [w/ CSS] and compare the 2.

There is other possible connection tuning.

Gilles.
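
One way to do the trace comparison suggested in the reply above, as an added example that is not part of the original thread or Cisco's tooling: it counts Nagle/delayed-ACK style stalls in two traces reduced to (time, direction, payload length) tuples. The 1460-byte MSS, the 40 ms stall threshold, and both sample traces are assumptions constructed for illustration.

```python
"""Compare two packet traces for Nagle / delayed-ACK stalls (constructed data)."""

MSS = 1460      # assumed Ethernet MSS
STALL = 0.040   # assumed threshold: gaps of 40 ms or more count as a stall

def stall_profile(packets, mss=MSS, stall=STALL):
    """packets: list of (time_s, direction, payload_len), sorted by time.

    A stall is counted when a sub-MSS data segment is followed by silence
    of at least `stall` seconds that ends with a packet from the other
    side (typically the delayed ACK that releases the next held write).
    """
    count, waited = 0, 0.0
    for (t0, d0, n0), (t1, d1, _) in zip(packets, packets[1:]):
        gap = t1 - t0
        if 0 < n0 < mss and d1 != d0 and gap >= stall:
            count += 1
            waited += gap
    duration = packets[-1][0] - packets[0][0] if packets else 0.0
    return {"stalls": count, "stalled_s": round(waited, 3),
            "duration_s": round(duration, 3),
            "stalled_pct": round(100 * waited / duration, 1) if duration else 0.0}

def make_trace(requests, ack_delay):
    """Build a constructed trace: small request, ACK after ack_delay, response."""
    t, out = 0.0, []
    for _ in range(requests):
        out.append((round(t, 3), "c2s", 300))    # small request segment
        t += ack_delay
        out.append((round(t, 3), "s2c", 0))      # bare ACK from the peer
        t += 0.001
        out.append((round(t, 3), "s2c", 1460))   # full-size response segment
        t += 0.001
    return out

DIRECT = make_trace(5, 0.001)    # constructed: client straight to backend host
VIA_VIP = make_trace(5, 0.200)   # constructed: through the VIP, 200 ms ACK delay

def compare(direct=DIRECT, vip=VIA_VIP):
    """Return the stall profile of each trace for side-by-side reading."""
    return stall_profile(direct), stall_profile(vip)

if __name__ == "__main__":
    for name, prof in zip(("direct", "via VIP"), compare()):
        print(name, prof)
```

With real captures, export each trace to the same tuple form first; a high stalled percentage only on the VIP side points at the nagle and ack-delay settings listed in the reply.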
