fallback persistence

Question

Do you guys know the algorithm behind the Fallback persistence? 
&nbsp; I'm using cookie insert method for one of our customers and everything is working fine. I set up a fallback persistence to source IP just in case... (one client was complaining once before, but we weren't able to reproduce the persistence problem). 
&nbsp;  
&nbsp; I decided to test it. 
&nbsp; I'm logging in to the website and blocking the cookie using Firefox's "Extended Cookie Manager". Persistence fails right after. 
&nbsp; It seems that Fallback persistence is not kicking in :/ 
&nbsp;  
&nbsp; Idea explanation for it? 
&nbsp;

hooleylist · Answer

If you check the persistence records using the GUI under Statistics | Persistence or the CLI using 'b persist all show all', do you see a source address persistence record?  You might try using an iRule to log the source address persistence using persist lookup (Click here) and the LB_SELECTED and LB_FAILED events.   
&nbsp;  
&nbsp; Aaron

lipos_54863 · Answer

I will definitely try it, but I get the impression that fall-back source IP persistence should kick in if cookie is blocked? 
&nbsp;  
&nbsp; Thx

hooleylist · Answer

Hi lipos, 
&nbsp;  
&nbsp; You're correct that the fallback persistence method should be used if the client doesn't present a valid persistence cookie. 
&nbsp;  
&nbsp; Which LTM version are you running?  Are you on a platform and version which supports CMP?  If so, is CMP enabled on the virtual server?  You can check SOL7751 (Click here) for details on CMP and its incompatibility with many features. 
&nbsp;  
&nbsp; Aaron

lipos_54863 · Answer

CMP is enabled on the VS. 
&nbsp; Any idea? 
&nbsp;  
&nbsp; - A rate class - not running any 
&nbsp; - iRules global variables - no using it 
&nbsp; - A persistence profile or iRule using a method other than cookie persistence - using insert cookie persistence as primary peristance 
&nbsp; - Traffic Management Operating System (TMOS) plug-ins - nope 
&nbsp; - An SSL profile is referenced, but SSL CMP is not licensed for the system - nope

hooleylist · Answer

If you're trying to use fallback source address persistence that is a persistence method other than cookie insert persistence and therefore LTM would need to store the persistence info in memory.  As far as I'm aware that memory is specific to the TMM the request is handled by.  So if you're seeing CMP actually used on the VIP, then it might explain the failure.  If you explicitly disable CMP on the VIP and retest, do you still see the persistence failure? 
&nbsp;  
&nbsp; Aaron

Forum Discussion

fallback persistence

6 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Decoding the IPv4 address from the persistence cookie

Setting up persistence in F5 XC

Transparent Kerberos Authentication and APM fallback authentication

HTTPS passthrough fallback URL

Cookie persistence with source IP as fallback