Layer-7 load balancer based on HAProxy vmware appliance. w sp New flow from client -> LB inet h.dstmac == Mac(LB) AND h.dstip == Ip(LB) AND h.dstport == 80 NewFlow? tcp_cl = Tcp.new d_cl = Data.new h_cl = h Client to LB traffic. Buffer data in d_cl inet h.dstmac == Mac(LB) AND h.dstip == Ip(LB) AND h.dstport == 80 ! NewFlow? s.tcp_cl.Recv(h) AND s.d_cl.Append(d) LB to client traffic, with data from d_ls if available s.tcp_cl.Ready? s.tcp_cl.Send(Rev(s.h_cl)) s.tcp_cl.Send(s.d_ls.Read) Entire URL/cookie becomes available in d_cl. Hence create LS TCP connection and d_ls. Set state: hls^rev to s. s.d_cl.UrlReady? w = SrvrSelect s.tcp_ls = Tcp.new s.d_ls = Data.new s.h_ls = Dnat_fwd(s.h_cl, w, s.tcp_ls.srcport) Server to LB traffic. Update tcp_ls and d_ls srvr h.srcmac == Mac(W) AND h.srcip == Ip(W) AND h.srcport == 80 s.tcp_ls.Recv(h) AND s.d_ls.Append(d) LB to server traffic when tcpls becomes ready. Reads traffic from d_ls if available. s.tcp_ls.Ready? s.tcp_ls.Send(s.ls) s.tcp_ls.Send(s.d_cl.Read)