OneConnect Profile with Cookie Persistence

Hi Muhammad,

Can you please share what is your one connect profile source mask.

When using cookie persistence without OneConnect, the BIG-IP system makes a load balancing decision once per TCP connection, not per HTTP request. This means that if multiple HTTP requests are sent over the same TCP connection (due to Keep-Alive), they will all be routed to the same pool member—even if cookie persistence is configured. You can see the packet by packet detailed explanation in the article link that you have pasted.

Can we talk more on the correct Configuration for Cookie Persistence with SNAT
To ensure proper load balancing and persistence behavior:

1. Enable OneConnect Profile:

OneConnect changes the load balancing decision point from TCP connection to each HTTP request.
This is crucial when SNAT is used, as all client traffic appears to come from the same IP (the SNAT IP), which would otherwise break persistence.

2. Use Appropriate Source Mask:

With SNAT Automap, use a OneConnect profile with a source mask of 0.0.0.0. This ensures that all requests are evaluated independently regardless of the source IP.

3. Configure Cookie Insert Persistence:

Use a cookie insert persistence profile with no timeout (session-based) to ensure the cookie is sent with every request.
The cookie value encodes the pool member IP and port, allowing the BIG-IP to persist sessions correctly .

Can you check on these 3