Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

rogerwow's avatar
rogerwow
Icon for Nimbostratus rankNimbostratus
May 08, 2019

Low-CPU way to insert CorrelationID

We would like to implement a correlationID HTTP header for every HTTP message that comes through the frontend VLAN.   i.e. it's going to need to inspect every single HTTP and   if there is ...
application delivery
big-ip
irules
Dario_Garrido's avatar
Dario_Garrido
Icon for Noctilucent rankNoctilucent
May 08, 2019

Hello rogerwow

Depending on your application, you could use cookie persistence to generate a random number for each query, which is less cost intensive.

REF - https://support.f5.com/csp/article/K83419154

Other option is to implement an iRule. Below is one idea.

when HTTP_REQUEST {
    if { !([HTTP::header exists "X-Correlation-ID"])} { HTTP::header insert "X-Correlation-ID" [string range [AES::key 256] 8 end] }
}

Other interesting topics to generate unique identifiers.

REF - https://devcentral.f5.com/questions/how-to-generate-visitor-id-uuid

REF - https://devcentral.f5.com/questions/How-random-is-rand-790690

To evaluate the cpu cost you should try it first in pre-production.

 show ltm rule IRULE_NAME

KR, Dario.