Forum Discussion
Active-Active DC cookie persistence
Hi team,
We have two DC, let us call them DC01 and DC02
One of HTTPs-based app requires active-active from GLSB point of view and cookie persistence is used to assure the traffic is always sent to the same pool member.
We understand the cookie encoding as F5 KB https://support.f5.com/csp/article/K6917. So we have the same pool member setup including local-site pool members and remote-site pool member with Cookie Insert at both DC. The inserted cookie is set up exactly same on LTMs in both DCs.(We proved that app client browser do get the same cookie (same name and same value) from vIP in DC01 and vIP in DC02).
But we still have issue with cookie persistence:
For example, when client session is connected to vIP at DC01 initially. When DNS cache timeout and DNS response of new DNS query points client to vIP at DC02, client will experienced 401 error. We can see all client subsequent requests have F5 inserted cookie included. But It looks like that the cookie which is inserted by LTM in the DC01 is not recognized by the LTM in the DC02. So cookie persistence is failed to send the traffic to the same pool member.
any clue of cause of our issue?
- flypastAltostratus
anybody can help?
- cjuniorNacreous
Man, I just can think that you don't have the same names and addresses on both sides. I could say you have different encryption passwords, but, I think you don't encrypt your cookies, right? I have same scenario here with two DC and working as well. I think you should trace requests with an iRule to ensure that "Authorization" and "BIGIP cookie" headers are sent and reached on the BIG-IPs. Is possible to you to share the things here with us or, is possible to you to check your setup in a lab?
Regards.
- flypastAltostratus
We don't encrypt your cookie. Thank you very much for your suggestion. Will run a lab to retest our solution.
Did you change the cookie name or are you using the default name? Are both virtual servers in the same route domain?
Cheers,
Kees
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com