Forum Discussion

F5_LB_Eng's avatar
Icon for Cirrostratus rankCirrostratus
Dec 09, 2011

Need better solution for my issue

I need information that would tell me that changing our persistence method to SSL ID will cause all requests from a specific browser session to get 'stuck' to a specific web server even if multiple computers use the same proxy and therefore the same source IP address.



The problem I am trying to solve is that we have some large users of our application that go through a proxy and therefore have the same source ip address. I am trying to find a way to use sticky sessions that will 'stick' a particular computer or browser session to one of our web servers instead of basing it on source IP address because the use or source ip doesn't work when a large amount of traffic comes through one proxy server and they all have the same source ip address.


2 Replies

  • Hi,



    Are you decrypting the traffic on LTM? If so, I'd suggest using cookie insert persistence as it's very effective and lightweight for LTM.



    SSL session ID persistence will be more granular than but is subject to failures if the client negotiates a new SSL session ID frequently"



    sol3062: Using SSL (Session ID) persistence




  • Hamish's avatar
    Icon for Cirrocumulus rankCirrocumulus
    SSL ID always used to work when I used it. Including through a proxy (Very important in the old days for so called super proxies etc). However it didn't used to work so well where the browser renegotiates the SSL ID... (Very bad for some old versions of IE that used to renegotiate every minute or so).



    I take it that you're passing the SSL though to the back end instead of offloading? (If you were offloading, you might be able to ensure the new sessionid persisted to the same place as the old by intercepting the SSL events).