Forum Discussion
Joshua_Rasnier
Nimbostratus
NimbostratusCookie persistence or Keepalives
Hi everyone,
Hope someone can shed some light.
Currently I am using a normal irule for a single virtual server as an example below.This virtual server is using custom cookie persistence.
when HTTP_REQUEST {
switch -glob [string tolower [HTTP::uri]] {
"/non-ssl*" {
SSL::disable serverside
pool HTTP-pool
}
"/ssl*" {
pool HTTPS-pool
}
}
}
`
The issue I am finding is that when we browse to the non ssl website, then browse to the ssl website. When we go back to the original website all objects are coming up as 404. I have a feeling its the cookies but I thought that cookies would rewrite everytime it is forced to a new server.
One thing to note is that I found that when the 404 error occurs. Two to three minutes after you are able to refresh the page and it returns to normal operations. Which to me are a sign of keepalives being the issue, but cannot for the life of me think of why.
I was thinking of changing my irule to the following,
`when HTTP_REQUEST {
switch -glob [string tolower [HTTP::uri]] {
"/non-ssl*" {
SSL::disable serverside
persist cookie insert NONSSLCOOKIE
pool HTTP-pool
}
"/ssl*" {
persist cookie insert SSLCOOKIE
pool HTTPS-pool
}
}
}
Basically what I am asking to the more experienced, does this look like a cookie persistence issue or more of a keepalives issue?
Joshua_RasnierI have also started looking into one-connect to maybe resolve the issue but currently unsure of it.- Joshua_RasnierI have changed the cookie to the default and can confirm there are now two cookies. Also I have configured oneconnect. But there is no difference to the problem.
IheartF5_45022Nacreous
Your logic is good - what's your timeout on your cookies? Check using a browser developer tool. There's a tricky bug around 'persist cookie insert' that you have to be careful of here
- Joshua_Rasnier
Timeout of the cookie is set to expire at end of session.
- IheartF5_45022
Hi Joshy,
Could you be dropping through to the default arm (which has not been defined)? Perhaps add some logging to see what's happening. Note that with the config you have there, if the uri doesn't match the 2 arms you've defined, the request will use the pool attached to the virtual and the cookie attached to the virtual, which depending on what is there, could explain what is happening.
Hopefully the logging will explain all......
when HTTP_REQUEST { set debug 0 if {[HTTP::header exists "X-debug"]} set debug 1 } Set debug logging prefix if {$debug} {set prefix "\[[expr {int (rand() * 10000)}]\] "} switch -glob [string tolower [HTTP::uri]] { "/non-ssl*" { SSL::disable serverside persist cookie insert NONSSLCOOKIE pool HTTP-pool if {$debug} {log local0. "${prefix}[HTTP::uri] non-ssl"} } "/ssl*" { persist cookie insert SSLCOOKIE pool HTTPS-pool if {$debug} {log local0. "${prefix}[HTTP::uri] non-ssl"} } default { if {$debug} {log local0. "${prefix}[HTTP::uri] default"} } } } when LB_SELECTED { if { $debug } {log local0. "${prefix}LB_SELECTED [LB::server]"} }