For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

anujl_5566's avatar
anujl_5566
Icon for Nimbostratus rankNimbostratus
Nov 02, 2011

Persistence Cookie iRule not working as desired

when HTTP_REQUEST {   if { [HTTP::path] equals "/api/v1/sendpinonceoff" } {   HTTP::path /sendpinonceoff   pool MM-MEPD   persist none   }   if { [HTTP::path] equals "/api/v1/verifyp...
application delivery
dev
devops
iRules
Kurt_Knochner_5's avatar
Kurt_Knochner_5
Icon for Cirrus rankCirrus
Nov 03, 2011
I do not think persist none will make the browser drop cookies.

 

 

No, that's not possible, but it will tell the LB to ignore any persistency records for that connection.

 

 

BUT, i have one url for which I am doing persist none. I want to know what happens to that in this case. In short user goes to url /blah1 which has persistence gets cookie BigipServerBLAH1, and then if it goes to url /blah2, which has persist none in the profile, what happens there. I do not think persist none will make the browser drop cookies.

 

 

Well, if you set the cookie for /blah2 it will be valid for the whole domain (I'm not sure if the LB will take care of the path argument in a cookie). So, the cookie set for /blah2 will also be sent (by the browser) for /blah1 and the LB will use the persistence information stored in that cookie, EXCEPT you tell it to ignore persistency for /blah1 by using "persist none". I think I misinterpreted your frist request and iRule.

 

 

Also I cannot try what Kurt said, doing persist none and then cookie insert because what if the user goes back to the pool where default cookie is used. I am not sure if I am explaining my case properly here.

 

 

I think the iRule in your first post is not telling the whole story, and I believe we need some examples (URLs) and descriptions what the LB should do in those cases.

 

 

Regards

 

Kurt Knochner