Richard_Bedford
Mar 27, 2008Nimbostratus
Confirming LTM node persistence between pools?
Hi All,
Currently have an LTM (9.4) load balancing a group of IIS/Sharepoint sites. We originally had problems with being able to 'save' (post) information to the site but have formulated a fix by enabling SSL on the IIS servers and using the following (and I appreciate that a better solution would be to 'fix' the application...):
* an HTTP profile set with rechunk and header-erase 'Accept-Encoding'
* a streams profile to change http://nameofsite to https://nameofsite
* a persistence profile using client IP address and a time-out of 1200s
* the following iRule:
when HTTP_REQUEST {
Look for the 'POST' method - a client is posting data back to the portal
if { [HTTP::method] equals "POST" } {
Set the LTM pool to the 'SSL' enabled pool
pool SPS_SSL_pool
}
else {
Not a 'POST'...
Disable the LTM-to-server SSL profile (so LTM talks in the clear to IIS)
SSL::disable serverside
Select the HTTP only pool
pool SPS_HTTP_pool
}
}
The two pools are made up of the same servers, but one pool is on port 80 only, and the other is port 443 (we've enable SSL on IIS).
Question: we want to ensure that when a client posts data, it's actually sent to the same node in the SSL pool that it was using in the http-only pool. Will the persistence profile take care of this, even though we're switching pools and services? (looking at the stats seems to indicate this, but those higher up need an definitive answer before we can implement this as a fix).
Cheers,
Richard