cookie persistence across services

Hi there,

 

 

Match across services/virtuals were useful features for cookie insert persistence in earlier versions of 9.x and 4.x. There is an existing CR requesting that F5 restore this functionality. Perhaps you could open a case with F5 Support and ask to have your request attached to the CR.

 

 

If you're using the same pool of HTTP servers for both VIPs, you could use the same cookie insert persistence profile on the two VIPs. This assumes you're decrypting the HTTPS and using the same pool.

 

 

If you can't use the same pool for some reason, you could potentially use an iRule to mimic the persistence across VIPs. If this is something you want to look into, I can search for some past related posts/examples.

 

 

Aaron

Thanks Aaron, I ended up using cookie hash an used the option for match across services under there.

 

 

However I was under the impression that for cookie persistence there would be no records in the persistence table. But when I go to statistics and select persistence

 

 

 

Persistence Value

 

Persistence Mode

 

Virtual Server

 

Pool

 

Pool Member

 

Age

 

115 Cookie c_http_vspubsLegacy_http_pool172.25.0.234:80 35 seconds

 

115 Cookiec_http_vsatypondc_http_pool172.25.11.115:16092 0 seconds

 

116 Cookiec_http_vspubsLegacy_http_pool172.25.0.234:80 13 seconds

 

 

I am trying to figure out what the first column is... the help reads it as client IP. I was advised that it was the hash value for the cookies....

 

 

any thoughts on what the 1st value is ?

 

 

Also I am seeing error messages like:

 

Nov 16 00:05:31 tmm tmm[1231]: 01010011:3: Persistence cookie hash failed

 

Nov 16 00:05:31 tmm tmm[1231]: 01010011:3: Persistence cookie hash failed

 

Nov 16 00:05:34 tmm tmm[1231]: 01010011: repeated 18 times

 

any thoughts?

The Support Center's response to the question about the "01010011:3: Persistence cookie hash failed" message was:

 

"... this message is logged for requests where the cookie is empty ..."

 

In 10.1 the message is more informative.

I´m a bit late with my response, sorry. This approach worked fine for me in v11:

when HTTP_REQUEST {
    if {[HTTP::cookie exists BIGipServer[getfield [LB::server pool] "/" 3]]} {
        eval [LB::select]
        node [LB::server addr] [TCP::local_port]
    } else {
        pool [LB::server pool]
    }
}

If you have i.e. 2 virtual servers (listening on port 80 and port 8080 and map them to a pool with members on port 0) the cookie will always force the incoming requests to the destination port which is encoded into the cookie value. By using the 'eval' command you can figure out the proper poolmember. But you will use the address information only and apply the initial client destination port for selecting the poolmember via node command.

The iRule above will be bound to both / all relevant virtual servers.