CARP Hash Persistence

Question

I couldn't find anything in the docs on how to set this up. I've done what I think is correct but am surprised to see when I refresh a request it hits all three of my proxies. 
&nbsp;  
&nbsp; I've created a Hash Persistence profile with CARP enabled. I created the following iRule and applied it to the new Hash profile. 
&nbsp;  
&nbsp; when HTTP_REQUEST { 
&nbsp;      persist hash [HTTP::uri] 
&nbsp; } 
&nbsp;  
&nbsp; I then added the new persistence profile to my virtual server load balancing my proxies. I tested hitting "http://www.whatismyip.com/". With each refresh I see one of my three proxy IP's. With the older election hash iRule I'd always see only one of the three. 
&nbsp;  
&nbsp; Did I set this up right?  Are the results correct? 
&nbsp;  
&nbsp; Thanks, 
&nbsp; Vince 
&nbsp;

spark_86682 · Answer

Well, your iRule is selecting regular hash persistence, so it won't use the CARP-like algorithm, no. You either need to use "persist carp [HTTP::uri]" if you're on 10.1, or you need to do your text selection entirely through the persistence profile (start/end pattern, or offset/length). For doing it off uri, since HTTP requests look like "  ", you could probably do a start and end pattern of a single space, but I haven't tested that.

vincekahn_97184 · Answer

That makes sense but what's the point of selecting "CARP" in the persistence profile?  If I'm doing it in the iRule then why have bother with the persistence profile?

vincekahn_97184 · Answer

I've done some additional testing and can't account for the results.  I removed the persistence profile and created a simple irule: 
&nbsp;  
&nbsp; when HTTP_REQUEST { 
&nbsp; persist carp [HTTP::uri] 
&nbsp; } 
&nbsp;  
&nbsp; With this I see the same results.  My requests for http://www.whatismyip.com are spread across all three servers with each refresh.  Shouldn't CARP force the identical request to just one of my proxy nodes?  I also tried "HTTP::host".  I expected the hash to always direct me to one proxy.  It did not.  If same requests are randomly hitting all three servers in my pool what's the point of using CARP?

vincekahn_97184 · Answer

For anyone that's interested I believe this is resolved.  A few points made clear by F5 support. 
&nbsp;  
&nbsp; 1.  Needed to enable oneConnect for my proxy vip 
&nbsp; 2.  Hash persistence profile, set timeout to 0 
&nbsp; 3.  iRule needed to use "persist hash" not "persist carp" 
&nbsp;  
&nbsp; This is best practice.

spark_86682 · Answer

As for OneConnect, yeah, for multiple requests over the same connection, you'll want that. It's so first-nature to me I never suspect it isn't there. 
&nbsp;  
&nbsp; As for the other two points, that sounds really wrong to me. I'm sure your persistence is working with that config, but I'm also 99.9% sure it won't be using the CARP-like algorithm. I will run some tests and post back what I find.

Forum Discussion

CARP Hash Persistence

6 Replies

Security Best Practices for F5 Products

F5 AppWorld 2026 Registration - early bird pricing.

Kostas Injeyan - October 2025 Featured Member

Recent Discussions

df -h /shared file missing

SSO login for APM Profiles

Need Advice on below issue

Virtual Server Configuration requirements for ISO 8583 traffic (Single persistent TCP session)

threat hunting guide

Related Content

F5 XC – Persistence and Resiliency pt. I (persistence)

Would the "Match accross services" work with carp based hash persistence?

What is the "Ring Hash" Load-Balancing Algorithm?

Is there a way for me to view the hash table used for hash based persistence?

Revisiting Hash Load Balancing and Persistence on BIG-IP LTM

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS