iRules to enable universal persistence not enabling persistence

Question

Here's the setup:&nbsp;
I have a virtual server. I have 2 iRules (see below) assigned to it as resources.&nbsp;
From the server log it looks like that the rules are running and they select the correct member&nbsp;
from the pool after persisting the session (as far as I can tell based on my log messages), but the requests are ultimately directed to somewhere else.&nbsp;
Here's how both rules look like:&nbsp;
when HTTP_RESPONSE {&nbsp;
  set sessionId [HTTP::header X-SessionId]&nbsp;
  if {$sessionId ne ""} {&nbsp;
    persist add uie $sessionId 3600&nbsp;
    log local0.debug "Session persisted: &lt;$sessionId&gt; to &lt;[persist lookup uie $sessionId]&gt;"&nbsp;
  }&nbsp;
}&nbsp;
 &nbsp;
when HTTP_REQUEST {&nbsp;
  set sessionId [findstr [HTTP::path] "/session/" 9 /]&nbsp;
  if {$sessionId ne ""} {&nbsp;
     persist uie $sessionId&nbsp;
     set persistValue [persist lookup uie $sessionId]&nbsp;
     log local0.debug "Found persistence key &lt;$sessionId&gt; : &lt;$persistValue&gt;"&nbsp;
  }&nbsp;
}&nbsp;
According to the log messages from the rules, the proper balancer members are selected.&nbsp;
Note: the two rules can not conflict, they are looking for different things in the path. Those two things never appear in the same path.&nbsp;
Notes about the server:&nbsp;
The default load balancing method is RR.&nbsp;
There is no persistence profile assigned to the virtual server.&nbsp;
I'm wondering if this should be adequate to enable the persistence, or alternatively, do I have &nbsp;
to combine the 2 rules and create a persistence profile with them for the virtual server?&nbsp;
Or is there something else that I have missed?&nbsp;

nitass · Answer

have you tried oneconnect profile? 
&nbsp;  
&nbsp; sol7964: Persistence may fail for subsequent requests on Keep-Alive connections 
&nbsp; http://support.f5.com/kb/en-us/solutions/public/7000/900/sol7964.html

zoltan_101727 · Answer

Thanks, that looks like something worth looking into.

what_lies_bene1 · Answer

Why are you trying to persist the server responses, that doesn't make sense?

zoltan_101727 · Answer

Not trying to persist server responses. I'm adding the server that server the request to the "persistence map" with the key that is in that response header (persist add uie ...) . Subsequent requests containing that same key will be server by the same server as the one that had the key/sessionid in the response (persists uie ...). At least that's the intent.

zoltan_101727 · Answer

As the link by nitass suggested, I've modified the rule to make sure that keep-alive connections are not interfering with the session persistence: 
&nbsp;  
&nbsp;  if {$sessionId ne ""} { 
&nbsp;      Added this line: 
&nbsp;      LB::detach 
&nbsp;  
&nbsp;      persist uie $sessionId 
&nbsp;  
&nbsp;      set persistValue [persist lookup uie $sessionId] 
&nbsp;  
&nbsp;      log local0.debug "Found persistence key &lt;$sessionId&gt; : &lt;$persistValue&gt;" 
&nbsp;  
&nbsp;   } 
&nbsp;  
&nbsp; Thanks!

Forum Discussion

Recent Discussions

Errors with AS3 3.56.0 with F5 17.5.1.6

F5 ASM/AWAF – violations logged but no learning suggestions generated

F5 VELOS Backplane Inter-Tenants Communication

migrate from serie I to R. Cluster LTM-GTM

Best Practice guide for enabling Attack signature In BIG-IP ASM

Related Content

XFF Universal Persistence iRule

F5 XC – Persistence and Resiliency pt. I (persistence)

Overview of MITRE ATT&CK Tactic : TA0003 - Persistence

Weblogic JSessionID Persistence

SOCKS5 SSL Persistence