Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
SDN 101: An Introduction to Software Defined Networking
Discover the advantages of SDN.
SDN has quickly become one of the hottest trends in IT. But not all SDN solutions offer real software-defined functionality. As more enterprises consider SDN, they want to know, “What is SDN? And what are the real benefits?” If you're ready to explore the advantages of SDN, and want to know how it should be implemented within your enterprise, start by reading our introductory white paper.
Click Here to receive this Complete Guide absolutely free.
well you've said nothing about what these ssl servers are. I manage a number of F5 LTM's, which are just about *the* top end for dedicated ssl offload, and if you have a device as good as that, with physical SSL offload hardware, then use them if you can, absolutely. your cert only needs to exist on the device doing the SSL, so if that's on offload engine, that's one place, if it's 10 phsyical servers, that's 10 copies... it depends a lot on how SSL is used though in relation to the application. if the web app itself is controlling the bounce up to https from http based on various parameters, then that can be very tricky to extract from the app to an engine, but if it's an all or nothing thing it should be very simple.
>well you've said nothing about what these ssl servers are.
Sorry for the lack of reply, I never received anything showing a reply to this thread.
The hardware is Lucent, I don't have the model number handy but can get it. They handle about 200 sessions each and can be chained. I have several of them. Hardware is not much of a problem though, I can get what ever I need pretty much.
>offload hardware, then use them if you can, absolutely. your cert only >needs to exist on the device doing the SSL, so if that's on offload
>engine, that's one place, if it's 10 phsyical servers, that's 10 >copies... it depends a lot on how SSL is used though in relation to the >application.
Right, so if I use multiple SSL servers, then I need certs on each one.
>if the web app itself is controlling the bounce up to https from http >based on various parameters, then that can be very tricky to extract
>from the app to an engine, but if it's an all or nothing thing it
>should be very simple.
Well, I've had these things sitting here for some time and would like to put them to some good use. Plus, it would offload the servers anyhow which is always good.
But since I've not used them, I was/am not sure about some things, you know, if things get weird or complicated when using external SSL servers like this.