Forum Discussion

helenio's avatar
helenio
Icon for Nimbostratus rankNimbostratus
Apr 22, 2013

HTTP::disable keep cookie persistence

 

Hello I'm using a iRule that disable HTTP profile when a particular URI is requested (this URL calls non http traffic using port 80 !!!).

 

 

With regular URIs I have persistence with cookie.

 

 

Disabling HTTP profile the client will keep previus persistence ?

 

 

The idea is that when client request a standard URI it has HTTP profile enabled and cookie persistence and when it request the particular URI i keeps the persistence on the selected node and the traffic bypass the http profile. Anyway if the http profile is bypassed the persistence shall not be lost.

 

 

 

 

Here the Irule

 

 

when CLIENT_ACCEPTED {

 

HTTP::enable

 

}

 

 

if { [HTTP::uri] contains "deviantpoint.downloadzip/downloadzip.aspx"} {

 

HTTP::disable

 

pool xxx_pool

 

}

 

else {

 

pool xxx_pool

 

}

 

}

 

 

Anyone has comment or suggestion on that ?

 

application delivery
dev
devops
iRules

2 Replies

  • What_Lies_Bene1's avatar
    What_Lies_Bene1
    Icon for Cirrostratus rankCirrostratus
    Apr 22, 2013
    I think the persistence would be maintained for the actual HTTP traffic as long as it's flowing over different TCP connections. The issue is if the same connection within a session is used for the HTTP and non-HTTP traffic. Once the HTTP::disable command is used it will apply for the lifetime of that connection and HTTP::enable won't re-enable it as the CLIENT_ACCEPTED event is only fired once when a connection is first established. Move it to a HTTP event and that won't fire either as HTTP processing has been disabled. Catch 22 really.

     

     

    However, you might be lucky and find a new connection is established just for the non-HTTP traffic - lets hope so.
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Apr 23, 2013
    Anyway if the http profile is bypassed the persistence shall not be lost.it seems persistence is also gone. 

    [root@ve10:Active] config  b virtual bar list
virtual bar {
   snat automap
   destination 172.28.19.252:80
   ip protocol 6
   rules myrule
   persist cookie
   profiles {
      http {}
      tcp {}
   }
}
[root@ve10:Active] config  b pool foo list
pool foo {
   members {
      200.200.200.101:80 {}
      200.200.200.111:80 {}
   }
}
[root@ve10:Active] config  b rule myrule list
rule myrule {
   when CLIENT_ACCEPTED {
   log local0. "client [IP::client_addr]:[TCP::client_port]"
}
when HTTP_REQUEST {
   set uri [HTTP::uri]
   if { $uri contains ".gif" } {
      HTTP::disable
      pool foo
   } else {
      pool foo
   }
}
when SERVER_CONNECTED {
   log local0. "client [IP::client_addr]:[TCP::client_port] server [IP::server_addr]:[TCP::server_port]"
}
when HTTP_RESPONSE {
   log local0. "client [IP::client_addr]:[TCP::client_port] server [IP::server_addr]:[TCP::server_port] uri $uri"
}
}

 there were 2 http requests; the 1st one was /index.html (no.1) and the 2nd one was /f5.gif (no.4) with cookie. i assumed it is on different tcp connection, so i created a new tcp connection for 2nd request. the log showd the 2nd request was forwarded to new pool member.

[root@ve10:Active] config  tail -f /var/log/ltm
(1) Apr 23 14:59:42 local/tmm info tmm[4950]: Rule myrule : client 172.28.19.251:50884
(2) Apr 23 14:59:42 local/tmm info tmm[4950]: Rule myrule : client 172.28.19.251:50884 server 200.200.200.101:80
(3) Apr 23 14:59:42 local/tmm info tmm[4950]: Rule myrule : client 172.28.19.251:50884 server 200.200.200.101:80 uri /
(4) Apr 23 14:59:51 local/tmm info tmm[4950]: Rule myrule : client 172.28.19.251:50885
(5) Apr 23 14:59:51 local/tmm info tmm[4950]: Rule myrule : client 172.28.19.251:50885 server 200.200.200.111:80