Forum Discussion

MDPF5_152674's avatar
Icon for Altostratus rankAltostratus
May 10, 2016

Select Node based on a previous LB selection

Hi DevCentral,


I would like to ask your opinion/suggestion regarding the following requirement regarding an LTM/APM based scenario:


Scenario: I have an AAA - HTTP Server(APM) configured that points to which is my Virtual server that load balances the HTTP Custom Post request to two different servers(poolX). If the user is successfully authenticated the backend respond with a JSESSIONID cookie that is sent back to the client. The pool where the HTTP Post is sent is the same pool configured on the VS with the Access policy associated. So the problem is the following: BIG-IP send the Custom HTTP Post to the AAA HTTP Server (VS with poolX associated) after that the client need to be balanced to the same server selected during the Custom HTTP Post generated by BIG-IP, otherwise the client could be balanced on the server that does not have the "authenticated session".


Thanks in advance,




2 Replies

  • Hi,

    In your VS and APM-protected VS, you must configure universal persistence with JSESSIONID. both VS may use the same pool.

    After authentication, extract JSESSIONID cookie from HTTP Auth response (VPE / Variable Assign):

    session.custom.jsessionid = 
    expr { [lindex [regexp -inline {JSESSIONID=([^;\\\r]*)} [mcget session.http.last.response_cookie]] 1] }

    Enable this irule on APM-protected VS to insert JSESSIONID in response after authentication:

       if { ([ACCESS::policy result] equals "allow")} {
          set jsessionid [ACCESS::session data get session.custom.jsessionid]
          ACCESS::session data set session.user.sessiontype "ltm_apm"
          ACCESS::respond 302 noserver Set-Cookie "JSESSIONID=$jsessionid;path=/;HttpOnly;secure" Location [ACCESS::session data get session.server.landinguri]