For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Wouter_de_Bruin's avatar
Wouter_de_Bruin
Icon for Nimbostratus rankNimbostratus
Jun 22, 2007

Persistence from proxy servers

I have an interseting (For me anyway!) challenge:   We have 3 proxy servers which are used to access the internal websites of the company.   The websites in turn are run on 3 Webservers behind t...
application delivery
dev
devops
iRules
Deb_Allen_18's avatar
Deb_Allen_18
Historic F5 Account
Jun 25, 2007
Well, unfortunately "source port persistence" is a misnomer: All connections from the same client will use a unique source port, so you can't accomplish session persistence across multiple connections by tracking the source port.

I could see that if there was at any point only one webserver up and continuous traffic through the proxies, all traffic would continue to persist to that server even after the others were brought online, regardless of LB method chosen.

You could persist on an existing cookie value or other persistent unique value that is present in each request, but for a proxy that might be a bit of a crap shoot.

Other than a different persistence scheme, I think your only option might be to clear some or all proxy server connections to the overloaded pool member after the servers are recycled, then new traffic should then re-distribute (Predictive LB method should be fine.)

You can use the bigpipe command at the command line or in the GUI console:
bigpipe conn client  delete
or
bigpipe conn destination  delete
or
bigpipe conn client  destination  delete
To minimize the chances of overloading a single server, I'd recommend only recycling one at a time, then selectively deleting some persistence entries as above.

HTH

/deb