NPATH and Proxies

Question

Hi there&nbsp;
&nbsp;I'm currently dealing with an ISP which is providing a shared load balance solution for two webservers.&nbsp;
&nbsp;They are using NPATH however with some ISPs that I've tested with (They're running multiple NetCache devices) the proxy address is being used for the destination member of the pool. The outbound proxy IP changes as theyre running some sort of cluster for the NetCache devices. Basically my session state is lost between servers as the BigIP is sending each request to a different server.&nbsp;
&nbsp;Basically the following happens:&nbsp;
&nbsp;First request to the Virtual IP:
&nbsp;Source IP (which is a proxy IP) : 196.25.255.214
&nbsp;X-Forwarded-For: 41.246.207.72, 198.54.202.118 &nbsp;
&nbsp;The next request to the Virtual IP (in some times a simple refresh or form submit):
&nbsp;Source IP (which is a proxy IP) : 198.54.202.250
&nbsp;X-Forwarded-For: 41.246.207.72, 198.54.202.118 &nbsp;
&nbsp;The next request to the Virtual IP:
&nbsp;Source IP: 198.54.202.226
&nbsp;X-Forwarded-For: 41.246.207.72, 198.54.202.118 &nbsp;
&nbsp;During the entire process the HTTP headers including ASP session ID are constant and don't change. But obviously the load balancer sees the request from the different source IPs as different users and as such redirects the request to the next member in the pool.&nbsp;
&nbsp;Is there any way to prevent this happening?&nbsp;
&nbsp;I've tried sending through an iRule based on code in your samples page that looks for a cookie set by the webservers (each member has a unique ID) but they're having issues with implementing it (i've included it below)&nbsp;
&nbsp;Any suggestions would be greatly appreciated.&nbsp;
&nbsp;Thanks
&nbsp;ME&nbsp;&nbsp;
&nbsp;when RULE_INIT {
&nbsp;        set cookie_name "xdsvr"
&nbsp;        set node_forced ""
&nbsp;}&nbsp;
&nbsp;when HTTP_REQUEST {
&nbsp;        set has_cookie [HTTP::cookie exists $::cookie_name]
&nbsp;        
&nbsp;        if { $has_cookie } {
&nbsp;                set node_forced [HTTP::cookie value $::cookie_name]
&nbsp;        }
&nbsp; 
&nbsp;        if { $node_forced ne "" } {
&nbsp;  if { $node_forced eq "xd1" } {
&nbsp;          set node_ip "[[[IP ADDRESS REMOVED]]]"
&nbsp;          set node_port "80"
&nbsp;          pool OURPOOLNAME member $node_ip $node_port  
&nbsp;   } 
&nbsp;  if { $node_forced eq "xd2" } {
&nbsp;          set node_ip "[[[IP ADDRESS REMOVED]]]"
&nbsp;          set node_port "80"
&nbsp;          pool OURPOOLNAME member $node_ip $node_port
&nbsp;   }
&nbsp; }
&nbsp;}&nbsp;&nbsp;&nbsp;

the_bhattman · Answer

I had a similiar issues, so I simply used Profile Cookie persistance insert

Forum Discussion

NPATH and Proxies

1 Reply

Welcome! a la Communidad DevCentral LATAM de F5!

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

Recent Discussions

R4800 snmp issues.

F5 XC JWKS auto update

PCI Compliance and ASM

irule for redirect and header injection

What happens if I activate only ASM without provisioning LTM?

Related Content

Proxy Protocol v2 Initiator

SSH forward proxy

Intelligent Proxy Steering - Office365

Proxy Protocol Initiator

What is a Proxy?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS