A TCP or UDP profile determines the type and settings of the network protocol that a subscribing virtual service will use. It sets several parameters, such as whether the virtual service is a TCP proxy versus a pass-through using a fast path. A virtual service can have both TCP and UDP enabled, which is useful for protocols such as DNS or Syslog.

Avi Load Balancer rewrites the client IP address before sending any TCP connection to the server, regardless of which type of TCP profile is used by a virtual service. Similarly, the destination address is rewritten from the virtual service IP address to the IP address of the server. The server always sees the source IP address of the Service Engine. UDP profiles have an option to disable SE source NAT.

For the UDP and TCP fast path modes, connections occur directly between the client and the server, even though the IP address field of the packet has been altered. For HTTP applications, Avi Load Balancer can insert the client’s original IP address using X-Forwarded-For (XFF) into an HTTP header sent to the server. For more information, see X-Forwarded-For Header Insertion.

The following profiles are explained in detail with information on how to create them:

• TCP Fast Path

• TCP Proxy

• UDP Fast Path

• UDP Proxy