Forum Discussion

Larry_Wilks's avatar
Larry_Wilks
Icon for Altostratus rankAltostratus
Feb 11, 2026

Connections appear not to use Persistence

I have created some new Pools, VIPS, WideIP List and published to the organization. It appears that when a user connects to the FQDN they land on NodeA, but when they log into the application they ar...
application delivery
deployment
Larry_Wilks's avatar
Larry_Wilks
Icon for Altostratus rankAltostratus
Feb 13, 2026

zamroni777

Node A is one of five servers in the LTM pool for LTM VIP.

We are not doing full GSLB between datacenters for this implementation. 

We have two load balancers in datacenter one in HA configuration on which the VIP, Pool, and nodes are configured.

VIP "myhttps_vs" uses Pool "myhttps_pool", which has five node members "myhttps1", "myhttps2", so on... 
If all five nodes are active/enabled we experience issues logging into the https application.  If we force four nodes out of service, then everything functions as expected.

Paulius's avatar
Paulius
Icon for MVP rankMVP
Feb 14, 2026

Can you provide your configuration of the VIP in question and it's associated configuration?

  • Larry_Wilks's avatar
    Larry_Wilks
    Icon for Altostratus rankAltostratus
    Feb 16, 2026

    Paulius​  
    Here ya go...  I appreciate the assistance.

     

    ### pools ###

    ltm pool /Common/ge_pacs_zfp_80_pool {

    description "GE PACS Zero Footprint Port 80 Pool"

    members {

    /Common/gepacszfp01.mydomain.com:80 {

    address 10.200.200.89

    }

    /Common/gepacszfp02.mydomain.com:80 {

    address 10.200.200.90

    }

    /Common/gepacszfp03.mydomain.com:80 {

    address 10.200.200.140

    }

    }

    monitor /Common/ge_pacs_80_tcp_half_open_monitor

    }

    ltm pool /Common/ge_pacs_zfp_443_pool {

    description "GE PACS Zero Footprint Port 443 Pool"

    members {

    /Common/gepacszfp01.mydomain.com:443 {

    address 10.200.200.89

    }

    /Common/gepacszfp02.mydomain.com:443 {

    address 10.200.200.90

    }

    /Common/gepacszfp03.mydomain.com:443 {

    address 10.200.200.140

    }

    }

    monitor /Common/ge_pacs_443_tcp_half_open_monitor

    }

    ltm pool /Common/ge_pacs_zfp_8443_pool {

    description "GE PACS Zero Footprint Port 8443 Pool"

    members {

    /Common/gepacszfp01.mydomain.com:8443 {

    address 10.200.200.89

    }

    /Common/gepacszfp02.mydomain.com:8443 {

    address 10.200.200.90

    }

    /Common/gepacszfp03.mydomain.com:8443 {

    address 10.200.200.140

    }

    }

    monitor /Common/ge_pacs_8443_tcp_half_open_monitor

    }

    ltm pool /Common/ge_pacs_zfp_28818_pool {

    description "GE PACS Zero Footprint Port 28818 Pool"

    members {

    /Common/gepacszfp01.mydomain.com:28818 {

    address 10.200.200.89

    }

    /Common/gepacszfp02.mydomain.com:28818 {

    address 10.200.200.90

    }

    /Common/gepacszfp03.mydomain.com:28818 {

    address 10.200.200.140

    }

    }

    monitor /Common/tcp

    }

     

    ### virtual servers ###

    ltm virtual /Common/ge_pacs_zfp_443_vs {

    creation-time 2025-11-06:15:08:02

    description "GE PACS Zero Footprint Port 443"

    destination /Common/10.200.200.228:443

    ip-protocol tcp

    last-modified-time 2025-12-01:14:32:35

    mask 255.255.255.255

    persist {

    /Common/source_addr {

    default yes

    }

    }

    pool /Common/ge_pacs_zfp_443_pool

    profiles {

    /Common/fastL4 { }

    /Common/http { }

    }

    serverssl-use-sni disabled

    source 0.0.0.0/0

    source-address-translation {

    pool /Common/pacs200

    type snat

    }

    translate-address enabled

    translate-port enabled

    }

    ltm virtual /Common/ge_pacs_zfp_8443_vs {

    creation-time 2025-11-06:15:09:25

    description "GE PACS Zero Footprint Port 8443"

    destination /Common/10.200.200.228:8443

    ip-protocol tcp

    last-modified-time 2026-02-11:15:44:13

    mask 255.255.255.255

    persist {

    /Common/source_addr {

    default yes

    }

    }

    pool /Common/ge_pacs_zfp_8443_pool

    profiles {

    /Common/fastL4 { }

    /Common/http { }

    }

    serverssl-use-sni disabled

    source 0.0.0.0/0

    source-address-translation {

    type automap

    }

    translate-address enabled

    translate-port enabled

    }

    ltm virtual /Common/ge_pacs_zfp_28818_vs {

    creation-time 2025-11-06:15:07:29

    description "GE PACS Zero Footprint Port 28818"

    destination /Common/10.200.200.228:28818

    ip-protocol tcp

    last-modified-time 2026-02-11:15:44:47

    mask 255.255.255.255

    persist {

    /Common/source_addr {

    default yes

    }

    }

    pool /Common/ge_pacs_zfp_28818_pool

    profiles {

    /Common/fastL4 { }

    /Common/http { }

    }

    serverssl-use-sni disabled

    source 0.0.0.0/0

    source-address-translation {

    type automap

    }

    translate-address enabled

    translate-port enabled

    }

     

    ### virtual address ###

    ltm virtual-address /Common/10.200.200.228 {

    address 10.200.200.228

    arp enabled

    icmp-echo enabled

    mask 255.255.255.255

    traffic-group /Common/traffic-group-1

    }

     

    ### health monitor ###

    ltm monitor http /Common/ge_pacs_zfp_all_services_health {

    adaptive disabled

    defaults-from /Common/http

    description "GE PACS Zero Footprint HTTP Health Monitor"

    interval 15

    ip-dscp 0

    password %password%

    recv none

    recv-disable none

    send "GET /\r\n"

    time-until-up 0

    timeout 16

    username someuser

    }

    ltm monitor tcp-half-open /Common/ge_pacs_80_tcp_half_open_monitor {

    defaults-from /Common/tcp_half_open

    destination *.80

    interval 15

    time-until-up 0

    timeout 16

    }

    ltm monitor tcp-half-open /Common/ge_pacs_85_tcp_half_open_monitor {

    defaults-from /Common/tcp_half_open

    destination *.85

    interval 15

    time-until-up 0

    timeout 16

    }

    ltm monitor tcp-half-open /Common/ge_pacs_443_tcp_half_open_monitor {

    defaults-from /Common/tcp_half_open

    destination *.443

    interval 15

    time-until-up 0

    timeout 16

    }

    ltm monitor tcp-half-open /Common/ge_pacs_8443_tcp_half_open_monitor {

    defaults-from /Common/tcp_half_open

    destination *.8443

    interval 15

    time-until-up 0

    timeout 16

    }

     

    ### persistence ###

    ltm persistence cookie /Common/cookie {

    always-send disabled

    app-service none

    cookie-encryption disabled

    cookie-encryption-passphrase %password%

    cookie-name f5

    encrypt-cookie-poolname disabled

    expiration 0

    hash-length 0

    hash-offset 0

    httponly enabled

    method insert

    mirror disabled

    override-connection-limit disabled

    secure enabled

    }

     

     

    • Paulius's avatar
      Paulius
      Icon for MVP rankMVP
      Feb 17, 2026

      I see that you provided the cookie persistence profile but I don't see that as the configured profile. Can you please provide the configuration for the src IP persistence profile? Additionally, if you tried cookie persistence you would encounter issues on HTTPS traffic because you are not decrypting traffic at the virtual server (VS) which would allow you to see and insert a cookie. You also would need to remove the fastL4 profile from the VS for cookie persistence to work. The way the VS's are configured currently, with the exception of port 80 you will have issues with the http profile being associated to the VS's. Last bit here is that you do not need to configure a health monitor per port because when you associate the health monitor to the pool without a destination port defined the health monitor will automatically use the port that the pool member has configured. Now if in the future you wanted to change the health monitor to go to an alternate port than what the pool member has configured you would want a health monitor per pool.