SSL persistence

SSL persistence is a type of persistence that tracks SSL sessions using the SSL session ID, and it is a property of each individual pool. Using SSL persistence can be particularly important if your clients typically have translated IP addresses or dynamic IP addresses, such as those that Internet service providers typically assign. Even when the clients IP address changes, Local Traffic Manager still recognizes the session as being persistent based on the session ID.
You might want to use SSL persistence and source address affinity persistence together. In situations where an SSL session ID times out, or where a returning client does not provide a session ID, you might want Local Traffic Manager to direct the client to the original node based on the clients IP address. As long as the clients simple persistence record has not timed out, Local Traffic Manager can successfully return the client to the appropriate node.

SSL persistence profile

Setting	Description	Default Value
Name	Specifies a unique name for the profile. This setting is required.	No default value
Persistence Type	Specifies the type of persistence profile. This setting is required.	SSL
Match Across Services	Specifies that all persistent connections from a client IP address that go to the same virtual IP address also go to the same node.	Disabled (Cleared)
Match Across Virtual Servers	Specifies that all persistent connections from the same client IP address go to the same node.	Disabled (Cleared)
Match Across Pools	Specifies that the BIG-IP system can use any pool that contains this persistence entry.	Disabled (Cleared)
Timeout	Specifies the number of seconds before a persistence entry times out. That is, this setting sets the SSL session ID timeout value, which determines how long the BIG-IP system stores a given SSL session ID before removing the ID from the system. For background information on setting timeout values, see Chapter 1, Introducing BIG-IP Local Traffic Manager.	300
Override Connection Limit	Specifies, when checked (enabled), that the system allows you to specify that pool member connection limits are overridden for persisted clients. Per-virtual connection limits remain hard limits and are not overridden.	Disabled (Cleared)