Forum Discussion
Peter_Wohlers_7
Nimbostratus
Nimbostratushash persistence based on source ip network
We have an application that requires persistence, but causes the client to initiate two near-simultaneous connections.
Initially I tried using a persistence profile:
profile persist source_slash24 {
defaults from source_addr
mask 255.255.255.0
}
The use of a /24 was necessary, because it seems that a significant number of our customers/readers are coming from proxies and will appear with slightly different source ip addresses.
However, the persistence records don't really get set properly because the second connection often gets initiated before the completion of the first connection.
So, I'm thinking about using an irule to set hash persistence, but instead of something simple like:
rule persnickety_application {
when HTTP_REQUEST {
pool temperamentalapplication_servers
set key [crc32 [IP::remote_addr]]
persist hash $key
}
}
which would work, were it not for the prevalence of proxies used in europe/aol, etc...
Is there a way to create a hash key for a source network, like a /24?
Any input greatly appreciated.
Thanks,
Peter
3 Replies
Peter_Wohlers_7I've come up with something that looks like it might work:
rule persnickety_application {
when HTTP_REQUEST {
set first [ getfield [IP::remote_addr] "." 1]
set second [ getfield [IP::remote_addr] "." 2 ]
set third [ getfield [IP::remote_addr] "." 3 ]
pool temperamental_servers
set client_net [ crc32 [ concat $first $second $third ] ]
persist hash $client_net
}
}
but is there a way to consolidate the three getfield operations into a single stroke?
Thoughts on how well this might work?
Thanks,
Peter- Hi Peter -
Try this:scan [IP::remote_addr] "%u.%u.%u.%u" first second third fourth
HTH
/deb - Peter_Wohlers_7This worked beautifully!
Here's the final iteration of the rule:
rule persnickety_application {
when HTTP_REQUEST {
scan [IP::client_addr] "%u.%u.%u.%u" first second third fourth
pool temperamental_servers
set client_net [ crc32 [ concat $first $second $third ] ]
persist hash $client_net
}
}
It almost seems like a better way to do source address/network persistence since it doesn't rely upon the completion of an initial connection in order to fix a destination member server. Same network/host will always go to the same destination pool member.
Thanks again,
Peter
