For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Mohanish_169493's avatar
Mohanish_169493
Icon for Nimbostratus rankNimbostratus
Nov 21, 2015

Need help with Cookie persistence

Hi,

 

We have an application configured as VIP over the F5 BIGIP LB. Its a stateful application where the user is made to login with his credentials. The problem is there are trainings in the application during the which the user session remains idle. However after completing training when the user again tries to interact with application it breaks throwing an error. User is unauthorised.

 

We are using Cookie persistence over the application with Cookie insert over LB. However the application team based on the logs in application are suspecting that user connections are not persisting on the same web server causing the issue.

 

I read on internet that by default the cookie persistence has a default timeout of 180secs. Can that be the cause as user sessions remain idle for more than 10 minutes sometimes.

 

I even tried to increase the default timeout value of cookie persistence with the below command tmsh modify ltm persistence cookie cookie_sumtotal timeout 1800

 

but I am unable to see this change in bigip.conf.

 

Please if someone can help

 

application delivery
BIG-IP
cookie persistence
LTM
persistence

2 Replies

  • KarimBenyelloul's avatar
    KarimBenyelloul
    Icon for Cirrostratus rankCirrostratus
    Nov 22, 2015

    Hi Mohanish,

    As amine said you must save the configuration before seeing the modification on the bigip.conf .

    On the other hand, the best way to troubleshoot your issue is to take a tcpdump while the issue is occuring

    tcpdump -ni 0.0:nnn -s0 host client_ip or host pool_member1 or host pool_member2 or ... or host pool_memberX

    You'll be able to see if your client requests go to another pool member or stick to the same.