The comment on TCP was a word of caution based on application signature match.

TCP:
syn->
syn-ack <-
ack->

All standard TCP packets, no payload to run a signature match on. After the 3-way handshake, signature match will come into play and L7 processing is completed. If the rule is based on a TCP app-sig, it will not match until L7 processing is done.

Note so far this is TCP. UDP is a different matter since initiating packets will have a payload that can be L7 processed. Also, if the company is using any application overrides (skipping L7 processing), these can also match based on the initial packet.

TCP: Caution
UDP: Okay
App-Override (L7 skipped): Okay

Most PBF I have seen in cases is more for source-based routing and ISP redundancy. Not for load balancing of applications. Not to say, though, that forcing UDP sessions or TCP (with service setup) would not work. For example, in the initial question in this discussion, if set up for port 8080.