LTM Source Address Persistence: Prefix Length Guideline

Question

Hi all. I would like to understand the impact of using source address persistence on LTM module. By default is using /32 prefix length. I am thinking of changing this to /24 to reduce big ip persistence table/ to save LTM memory usage. Are there any guidelines to change the prefix length based on number of connections/ sessions? I am using VE platform with 2vCPU / 4GB RAM under ESXi 6.5. Thank you

rafaelbn · Answer

Hello ciscozest!&nbsp;
Never heard of it. As you said, I think the biggest impact could be in your application. For the VE it would be - if any - a better impact since the table would go down.&nbsp;
Just take make sure that in this /24 there's no users coming from behind a proxy/nat or something... You could potentially balance a lot to a specific node/pool member.&nbsp;
Cheers!&nbsp;

simon_blakely · Answer

What you need to make that decision is a statistical analysis over time (some multiple of your source IP persistence period) of incoming client IP addresses to your application. Then you can determine if any single /24 is going to cause excessive connection pinning to a pool member.

Forum Discussion

LTM Source Address Persistence: Prefix Length Guideline

Recent Discussions

How to implement LTM forward proxy client to determine the diversion pool based on the domain name

ASM Export JSON - size Limit ?

SNI Sites not taking correct certificate.

LTM Rule, iRule, or Brute Force Configuration to Limit URL Access

F5 LTM listening on 3306

Related Content

DevCentral Community Guidelines

Decoding the IPv4 address from the persistence cookie

Multi-Cluster, Multi-Cloud Networking for K8S with F5 Distributed Cloud – Deployment Guideline

source address persistence maximum session timeout

WAF/ASM guidelines

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS