Forum Discussion
Bjarne_10209
Nimbostratus
Nimbostratussource addr persistence and member selection across pools
Hi I am at a customer that have a problem with cookie persitence. I can solve this by using source address affinity persistence instead, but I have question if this can cause a problem in t...
nitass
Employee
EmployeeIf I only got two members, and one will fail in one pool, and the member fails in another pool. when saying failing, what does it really mean? is pool member marked down by heath monitor (pool member is down on one pool but up on another pool)? if yes, i understand traffic will still be directed to that pool member on another pool (which is up) because of match across pool setting.
Match Across Pools
The Match Across Pools option allows the BIG-IP to use any pool that contains a persistence record for that specific client. You must proceed cautiously when using this option, as it can direct a client's request to a pool that is not specified by the virtual server.
sol5837: Match Across options for session persistence
http://support.f5.com/kb/en-us/solutions/public/5000/800/sol5837.html
e.g.
[root@ve1023:Active] config b virtual bar list
virtual bar {
snat automap
destination 172.28.19.79:80
ip protocol 6
rules myrule
persist mypersist
profiles {
http {}
tcp {}
}
}
[root@ve1023:Active] config b profile mypersist list
profile persist mypersist {
defaults from source_addr
mode source addr
timeout indefinite
across pools enable
}
[root@ve1023:Active] config b rule myrule list
rule myrule {
when HTTP_REQUEST {
log local0. "client: [IP::remote_addr]:[TCP::remote_port]"
log local0. "host: [HTTP::host]"
log local0. "uri: [HTTP::uri]"
if {[HTTP::uri] equals "/test1"} {
pool foo1
} else {
pool foo2
}
}
when LB_SELECTED {
log local0. "pool: [LB::server pool]"
log local0. "member: [LB::server addr]"
}
when LB_FAILED {
log local0. "just in case"
}
when HTTP_RESPONSE {
log local0. "server: [IP::remote_addr]:[TCP::remote_port]"
}
}
[root@ve1023:Active] config b pool foo1 list
pool foo1 {
members {
200.200.200.101:80 {}
200.200.200.102:80 {}
}
}
[root@ve1023:Active] config b pool foo2 list
pool foo2 {
members {
200.200.200.101:80 {}
200.200.200.102:80 {}
}
}
[root@ve1023:Active] config curl -I http://172.28.19.79/test1
HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2011 11:42:23 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: text/html; charset=iso-8859-1
[root@ve1023:Active] config
Dec 6 03:42:09 local/tmm info tmm[8145]: Rule myrule HTTP_REQUEST: client: 172.28.19.80:34194
Dec 6 03:42:09 local/tmm info tmm[8145]: Rule myrule HTTP_REQUEST: host: 172.28.19.79
Dec 6 03:42:09 local/tmm info tmm[8145]: Rule myrule HTTP_REQUEST: uri: /test1
Dec 6 03:42:09 local/tmm info tmm[8145]: Rule myrule LB_SELECTED: pool: foo1
Dec 6 03:42:09 local/tmm info tmm[8145]: Rule myrule LB_SELECTED: member: 200.200.200.101
Dec 6 03:42:09 local/tmm info tmm[8145]: Rule myrule HTTP_RESPONSE: server: 200.200.200.101:80
[root@ve1023:Active] config b persist show all
PERSISTENT CONNECTIONS
| Mode source addr Value 172.28.19.80
| virtual 172.28.19.79:80 node 200.200.200.101:80 age 56sec
[root@ve1023:Active] config curl -I http://172.28.19.79/other
HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2011 11:43:50 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: text/html; charset=iso-8859-1
[root@ve1023:Active] config
Dec 6 03:43:36 local/tmm info tmm[8145]: Rule myrule HTTP_REQUEST: client: 172.28.19.80:60193
Dec 6 03:43:36 local/tmm info tmm[8145]: Rule myrule HTTP_REQUEST: host: 172.28.19.79
Dec 6 03:43:36 local/tmm info tmm[8145]: Rule myrule HTTP_REQUEST: uri: /other
Dec 6 03:43:36 local/tmm info tmm[8145]: Rule myrule LB_SELECTED: pool: foo1
Dec 6 03:43:36 local/tmm info tmm[8145]: Rule myrule LB_SELECTED: member: 200.200.200.101
Dec 6 03:43:36 local/tmm info tmm[8145]: Rule myrule HTTP_RESPONSE: server: 200.200.200.101:80
[root@ve1023:Active] config b persist show all
PERSISTENT CONNECTIONS
| Mode source addr Value 172.28.19.80
| virtual 172.28.19.79:80 node 200.200.200.101:80 age 19sec
[root@ve1023:Active] config [root@ve1023:Active] config b pool foo1 member 200.200.200.101:80 monitor fake
[root@ve1023:Active] config b pool foo1|grep -i pool\ member
+-> POOL MEMBER foo1/200.200.200.101:80 inactive,down
+-> POOL MEMBER foo1/200.200.200.102:80 active,unchecked
[root@ve1023:Active] config curl -I http://172.28.19.79/other
HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2011 11:48:35 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: text/html; charset=iso-8859-1
[root@ve1023:Active] config
Dec 6 03:48:20 local/tmm info tmm[8145]: Rule myrule HTTP_REQUEST: client: 172.28.19.80:47676
Dec 6 03:48:20 local/tmm info tmm[8145]: Rule myrule HTTP_REQUEST: host: 172.28.19.79
Dec 6 03:48:20 local/tmm info tmm[8145]: Rule myrule HTTP_REQUEST: uri: /other
Dec 6 03:48:20 local/tmm info tmm[8145]: Rule myrule LB_SELECTED: pool: foo2
Dec 6 03:48:20 local/tmm info tmm[8145]: Rule myrule LB_SELECTED: member: 200.200.200.101
Dec 6 03:48:21 local/tmm info tmm[8145]: Rule myrule HTTP_RESPONSE: server: 200.200.200.101:80
[root@ve1023:Active] config b persist show all
PERSISTENT CONNECTIONS
| Mode source addr Value 172.28.19.80
| virtual 172.28.19.79:80 node 200.200.200.101:80 age 18sec
[root@ve1023:Active] config curl -I http://172.28.19.79/test1
HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2011 11:49:06 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: text/html; charset=iso-8859-1
[root@ve1023:Active] config
Dec 6 03:48:52 local/tmm info tmm[8145]: Rule myrule HTTP_REQUEST: client: 172.28.19.80:47730
Dec 6 03:48:52 local/tmm info tmm[8145]: Rule myrule HTTP_REQUEST: host: 172.28.19.79
Dec 6 03:48:52 local/tmm info tmm[8145]: Rule myrule HTTP_REQUEST: uri: /test1
Dec 6 03:48:52 local/tmm info tmm[8145]: Rule myrule LB_SELECTED: pool: foo2
Dec 6 03:48:52 local/tmm info tmm[8145]: Rule myrule LB_SELECTED: member: 200.200.200.101
Dec 6 03:48:52 local/tmm info tmm[8145]: Rule myrule HTTP_RESPONSE: server: 200.200.200.101:80
[root@ve1023:Active] config b persist show all
PERSISTENT CONNECTIONS
| Mode source addr Value 172.28.19.80
| virtual 172.28.19.79:80 node 200.200.200.101:80 age 17sec
