Forum Discussion
Mucius
Jan 10, 2021Altostratus
Persistence mirroring across datacenters?
Good day,
I'm trying to implement this scenario:
- One Big-IP LTM virtual appliance placed in each datacenter, each in its own subnet (there's an IP connectivity between the subnets, via routers and firewalls). Both are Active.
- They both share the same pool of backend servers - half of them sit in one datacenter and half in another. In other words, each LTM forwards traffic to servers at both datacenters.
- The configuration objects of both appliances are synced, they are both members of the same Sync-Only device group.
- But there is no floating VIP passing from one appliance to another. A Virtual Server on each have its own static IP, and a round-robin DNS record of a website resolves to both of these addresses.
- We need to implement a "sticky sessions" functionality for the pool of the backend servers. So that a session could start by a client browser connecting to a Virtual Server IP on one LTM, and then continue normally if the browser would decide to connect at some point to Virtual Server of another LTM, then switch back etc., etc.
Questions:
- Is this theoretically feasible?
- Can it be done with LTM-created cookies, so that session persistence won't be dependent on persistence of client source IPs?
- If not, what's the best method to implement this?
Thanks!
Mucius.
Hi Mucius,
Cookie persist will do the trick. Do not encrypt the cookie, only give it a unique name. And that name must be the same on both BIG-IP's
Cheers,
Kees
Hi Mucius,
Cookie persist will do the trick. Do not encrypt the cookie, only give it a unique name. And that name must be the same on both BIG-IP's
Cheers,
Kees
- MuciusAltostratus
Thanks, Kees, it worked!
It even worked with encrypted cookies, as long as the encryption key is the same on both appliances.
Regards,
Mucius.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects