Persistent Connection Forwarded to Wrong Pool Member

For cookie persistence, there is no information stored on the F5 itself for the persistence (At least none that I've found, and F5 tell me this as well). The information for persistence is stored solely within the cookie. Because it's un-encrypted, you can decode the cookie and see what the value says.

 

If the poolmember listed in the cookie isn't valid (i.e. isn't a valid and up poolmember), then a new poolmember will be chosen from the list of available poolmembers.

 

 

How much traffic are we talking about here? If there too much to do a tcpdump out to a file (i.e.

 

 

tcpdump -i 0.0 -n -p -s 0 -w /var/tmp/somefile.dump host and host and port 80

 

 

)

 

 

to view the traffic both between the clients & VS and between the F5 and the poolmembers?

 

 

Then you can verify whether things are working as designed or not. (i.e. use wireshark or similar to look at the connections. Is the cookie being set by the F5 the same as the cookie being presented back to the F5 by the client? Is the proxy inserting an XForwarded-For header? Does that IP change in the header on the same connection?

 

 

H

 

H