Okay I'll try to explain this with my poor English.
As you can see the below topology:
Client is using Firewall PBR and transparent proxy for internet access.
All client's http/https traficc will go through core switch->CP15600 then F5, F5 will distribute web service to proxy servers, then proxy will do the internet service for clients.
Most of web pages are ok, except this import one:
It's a live videos history link, you may click on any square to see one of Taiwan parilament live stream backup, from the source code of any video clip, you can see the video was uploaded to the following link:
With PBR+transparent proxy, most of clients can't replay this videos, they tried so many times only 1 or 2 times can display.
If traffic is not going through F5(No proxy), everything is fine, but that's not allowed.
It client using explicit proxy(Manually configured on browser), everything is fine, but that's not impossible, they claimed former firewall(Fortigate) don't need to do that.
If I turned off securexl, everything is fine, that's what they can accept, but I'm afraid of I/O issue so I turned on multiqueue and give 2 more cores to snd(There are 16 cores on CP15600).
Any better idea would be appreciated.