Forum Discussion

JMC-TN_184986
Aug 19, 2015

Persistence Cookie Random Values

Our QA department used to test servers by using Fiddler to override the encrypted persistence cookie value. This was in 10.2.4. They would hit the VIP and go through all the servers in the pool and use Fiddler to extract their encrypted persistence cookie value. That encrypted persistence cookie value would never change. The value was the same day in and day out. We recently upgraded to 11.5.2HF1 and now it seems that there is some randomness to the encrypted persistence cookie value. The encrypted persistence cookie value it hands out for a back end server does not stay the same. If I wait thirty minutes and hit the same VIP, the encrypted persistence cookie value will not be the same. I know what server I am hitting by an identifier at the bottom of the web page. I then look in Fiddler to see what the cookie value is and it does not match the one from thirty minutes earlier. I want to make it clear that cookie persistence is working. So nothing is "broken" except for QA not being able to override cookies and force the connection to the desired server. Is this working as intended?


Thanks


3 Replies

  • sfuerst_116779
    Historic F5 Account

    If the persistence cookie is set up to be encrypted, then a random IV is used to do the encryption. (The IV is included in the base-64 encrypted result, allowing it to be decrypted again.) This means that the same unencrypted cookie can encrypt to many different results as the IVs can differ.


    The reason for this is so that different clients of the website will get different persistence cookies. Cookies cannot be compared to determine any information about what the cookie originally was. (A simpler scheme would encrypt identical cookies to the same encrypted result. This would allow two users to see if they got the same encrypted = same unencrypted cookie, which would be a small information leak.)
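The behaviour described in the reply above, as an added example that is not part of the original thread and not F5's code: a randomized encrypt-then-MAC scheme where a fresh IV is prepended to the ciphertext inside the base-64 token, compared with the same scheme run with a fixed IV. The cipher here is an HMAC-SHA256 keystream, chosen so the example runs with the Python standard library alone; it stands in for whatever cipher BIG-IP actually uses, which the thread does not specify. The key and the plaintext cookie value are constructed for the demo.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

# Constructed demo key (not an F5 value); a real device derives it from configured secrets.
KEY = hashlib.sha256(b"demo-persistence-key").digest()
NONCE_LEN = 16   # random IV prepended to every token
TAG_LEN = 32     # HMAC-SHA256 integrity tag appended to every token

# Constructed stand-in for the plaintext that identifies a pool member.
SAMPLE_COOKIE = b"pool-member-2"


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """PRF in counter mode: concatenated HMAC-SHA256(key, nonce || counter) blocks."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt_cookie(plaintext: bytes, key: bytes = KEY, nonce: Optional[bytes] = None) -> str:
    """Encrypt-then-MAC. With nonce=None a random IV is drawn, so the same plaintext
    yields a different token on every call; a fixed nonce simulates a deterministic scheme."""
    if nonce is None:
        nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    # The IV travels inside the base-64 token, which is what allows later decryption.
    return base64.b64encode(nonce + ct + tag).decode("ascii")


def decrypt_cookie(token: str, key: bytes = KEY) -> bytes:
    """Verify the tag in constant time, then strip the IV and decrypt."""
    raw = base64.b64decode(token)
    if len(raw) < NONCE_LEN + TAG_LEN:
        raise ValueError("token too short")
    nonce, ct, tag = raw[:NONCE_LEN], raw[NONCE_LEN:-TAG_LEN], raw[-TAG_LEN:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("cookie tampered with or wrong key")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


def randomized_tokens_differ_but_decrypt_equal(plaintext: bytes = SAMPLE_COOKIE) -> bool:
    """Two encryptions of one value look unrelated, yet both decrypt to the same member."""
    t1, t2 = encrypt_cookie(plaintext), encrypt_cookie(plaintext)
    return t1 != t2 and decrypt_cookie(t1) == plaintext == decrypt_cookie(t2)


def deterministic_tokens_are_equal(plaintext: bytes = SAMPLE_COOKIE) -> bool:
    """With a fixed IV, equal plaintexts give equal tokens: the equality leak the reply describes."""
    fixed_iv = bytes(NONCE_LEN)
    return encrypt_cookie(plaintext, nonce=fixed_iv) == encrypt_cookie(plaintext, nonce=fixed_iv)


def tamper_is_detected(plaintext: bytes = SAMPLE_COOKIE) -> bool:
    """Flipping one ciphertext bit must fail the tag check instead of decrypting to garbage."""
    raw = bytearray(base64.b64decode(encrypt_cookie(plaintext)))
    raw[NONCE_LEN] ^= 0x01
    try:
        decrypt_cookie(base64.b64encode(bytes(raw)).decode("ascii"))
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print("randomized: tokens differ, same plaintext ->", randomized_tokens_differ_but_decrypt_equal())
    print("deterministic: tokens identical ->", deterministic_tokens_are_equal())
    print("tampering rejected ->", tamper_is_detected())
```

The two demo functions make the observation in the original post concrete: under the randomized scheme a token captured at one moment will not match a token captured thirty minutes later, even though both decrypt to the same pool member, which is why persistence itself keeps working. Under the fixed-IV variant the tokens are byte-identical, which is exactly the cross-client comparison the randomized design is meant to prevent.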


  • I have been searching but have not found any F5 documentation that explains this process. Do you happen to know of any that you could link? Thanks