For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Dennis_Zwahlen_'s avatar
Dennis_Zwahlen_
Icon for Nimbostratus rankNimbostratus
Apr 29, 2005

Emulate SSL persistenc profile for LTM terminated SSL

What do I need to account for in my iRule to emulate the ssl persistence profile? We need to find a way to keep sticky connections when the ssl is terminated on the LTM. Any help is greatly apprecia...
application delivery
dev
devops
iRules
Craig_Hammer_10's avatar
Craig_Hammer_10
Icon for Nimbostratus rankNimbostratus
May 10, 2005
Lots of conflicting info regarding LTM terminated SSL....

 

 

Can anyone explain the difference between these four rules, and which one will actually provide persistance for an LTM terminated SSL session?

 

 

Also, can anyone provide guidance regarding when to use "SSL::current_sessionid" vs. "SSL::sessionid" vs. "SSL::modssl_sessionid_headers" ?

 

 

1:

 

rule insert-and-persist-ssl-sessionid {

 

when HTTP_REQUEST {

 

HTTP::header insert ses_num SSL::current_sessionid

 

persist ssl

 

}

 

}

 

 

2:

 

rule insert-and-persist-ssl-sessionid {

 

when HTTP_REQUEST {

 

HTTP::header insert ses_num SSL::current_sessionid

 

persist uie

 

}

 

}

 

 

3:

 

rule insert-and-persist-ssl-sessionid {

 

when CLIENTSSL_HANDSHAKE {

 

persist uie [SSL::current_sessionid]

 

}

 

}

 

 

4:

 

rule insert-and-persist-ssl-sessionid {

 

when CLIENTSSL_HANDSHAKE {

 

persist ssl [SSL::current_sessionid]

 

}

 

}

 

 

Thank you