For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Frank_29877's avatar
Frank_29877
Icon for Nimbostratus rankNimbostratus
Feb 14, 2011

Meaning of Session Persistence

The doc on configuring persistence says "The primary reason for tracking and storing session data is to ensure that client requests are directed to the same pool member throughout the life of a sessio...
config
design
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Feb 15, 2011
Hi Frank,

 

 

Thanks for the additional info. If the traffic is encrypted through the LTM virtual server, there isn't much LTM can do to break up the application "requests" and send them to different pool members. ie, OneConnect or other attempts at breaking up the connections wouldn't really help as LTM cannot inspect the application traffic.

 

 

If you can use SSL session ID persistence you would have persistence throughout the SSL session and avoid pinning one client to one pool member forever. A new load balancing decision would be made each time LTM sees an SSL session ID which is not already mapped to a pool member. This wouldn't make a big difference though if the clients aren't opening new connections.

 

 

To move connections off of a pool member you want to do maintenance on, you could set the pool's action on service down to reset or reselect. You'd then want to make the monitor fail to trigger the action on service down action.

 

 

Aaron