Sergio_Magra
Oct 04, 2013

Persistence across services

Hi, we have 2 virtual servers for the same application, for HTTP and HTTPS. The application uses the same pool member nodes.

The virtual servers use SNAT automap because they are installed in a flat network.

The servers do not use cookies to maintain sessions (they use a session ID which has a different name in each access). The servers need to be accessed through HTTPS for login only and then redirect to HTTP.

We thought about Match Across Services persistence, but we cannot use cookie hash because the server does not use cookies, and we also cannot use source IP address persistence because several connections come from behind a NAT device.

Keeping this scenario in mind, what iRule do you recommend?

Thanks in advance

Best regards

Sergio


13 Replies

  • Sergio,

     

    Have you considered using separate virtual servers, a single wildcard pool, and standard cookie insert persistence as proposed by Deb Allen?

     

    https://devcentral.f5.com/articles/persisting-across-virtual-servers

     

    This does also work with two identical wildcard pools, but requires a custom cookie name (so that the same cookie will be applied to the different pools).

     

    Using a custom HTTP profile you can also encrypt the cookie.

     

  • Thanks a lot, tabernarious.

     

    The link is very useful, and also your comments about the monitors with Alias Port.

     

    Best regards

     

  • One comment regarding the iRule proposed.

     

    The option of encrypting/decrypting notoriously increases the load on the BIG-IP (20% more CPU usage). Just something to keep in mind.

     

    Thanks a lot

     

    Best regards