Forum Discussion
Dirk_Laan_18877
Nimbostratus
Nimbostratuspersistence migration from version 4.5 to 9
Hello,
I've a question about howto handle persistence on http_header in Bigip V9.
In version 4 we had a pool with session persistency based on http_header.
pool wsapps1 {
persist http_header("GAUSER")
persist_timeout 300
member 192.168.98.21:http
member 192.168.98.20:http
How do I configure this in version 9 ?
I know that I only can configure persistence on the virtual server.
Any help would be great.
Thanks,
Dirk
7 Replies
- A simple iRule could handle that no problem. You'd want something like:
when HTTP_REQUEST { persist uie [HTTP::header "GAUSER"] pool yourHTTPpool }
This would then be applied to the virtual server in question, where you want traffic to persist.
Colin 
Dirk_Laan_18877Thanks Colin,
Do I have to define the uie somewhere ?
If yes, where and what do I define ?
Thanks,
Dirk- hoolio
Cirrostratus
Using the UIE command does not require you to have any persistence profile associated with the VIP.
Aaron - Dirk_Laan_18877Thanks Aaron,
But how do I define the persistence timeout ?
Also I've read something about oneconnect and persistency.
SOL7208 and SOL7964
We don't have oneconnect enabled, because we had a lot of problems when it was enabled.
Between our applications and the customers we're using a sort of a proxy server.
So persistence based on the source ip does work in our case.
Dirk - hoolioHi Dirk,
You can set a timeout at the end of the persist command (Click here):
persist uie my_persist_string 1800
You will want to use OneConnect on the VIP--particularly if multiple client requests are being proxied to the VIP. Deb wrote a very detailed explanation of how OneConnect affects persistence (Click here).Without OneConnect enabled, the default LTM behaviour is to persist to the first server selected for the life of the connection.
If the proxy is maintaining connections to the VIP, and you don't have a OneConnect profile associated with the VIP, the pool member selected for the first HTTP request will be the one used for all subsequent requests over the TCP connection.
What issues were you seeing when you tested with OneConnect?
Aaron - Dirk_Laan_18877Hello Aaron,
What issues were you seeing when you tested with OneConnect?
The issue we had was on a production enviroment.
Let me explain the network config:
LTM 3400
Customers connect to one of the two proxy servers(after they are succesfully authenticated).
The proxyserver are loadbalanced by the BigIp and persist based one source address.
BigIp 2000
The proxy servers are talking with the application servers. (persist on http header gauser).
The problem we had was that on the LTM we had OneConnect enabled. (the VS that connected to the proxy server.
Sessions from Customers get mixed up.
So information from customer A ended up in a screen with customer B.
After we disabled OneConnect the problem was solved. 
flajugie_29844Hi Dirk, Aaron
I know this problem is far from you right now but I hit issue with mixed sessions enabling OneConnect feature on a very loaded site. A security alert was fired about this problem and I could not find any information on this issue but this thread.
Do you know if this issue was reported as a bug or if a version fixes this issue ?
Thanks in advance.
Florent
