For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

KDS2014's avatar
KDS2014
Icon for Nimbostratus rankNimbostratus
Oct 30, 2015

source address affinity persistence and SSL persistence together

Hello I’m working on setting up persistence on my LTM virtual server, I would like to do source address affinity persistence and SSL persistence together. But all I see is having a “Default Persistence Profile” and a “Fallback Persistence Profile”

 

Default Persistence Profile = Specifies the persistence profile you want the system to use as the default for this virtual server ! Fallback Persistence Profile = Specifies the persistence profile you want the system to use if it cannot use the specified default persistence profile. ! Therefore my question is how I setup “source address affinity persistence and SSL persistence together”.

 

Thanks

 

application delivery
deployment
LTM

2 Replies

  • Brad_Parker's avatar
    Brad_Parker
    Icon for Cirrus rankCirrus
    Oct 30, 2015

    You can't really set them up together as one uses the persistence table on the BigIP(source affinity) and one doesn't as the persistence is maintained by the client(cookie). What you can do though is to do a universal persistence and set your persistence based on a combination of the source address and a cookie value.

    https://support.f5.com/kb/en-us/solutions/public/7000/300/sol7392.html

    A possible iRule for your uie could look like this:

    when HTTP_RESPONSE {
  if { [HTTP::cookie exists somecookie] } {
    persist add uie "[IP::client_addr]_[HTTP::cookie somecookie]"
  }
}
when HTTP_REQUEST {
  if { [HTTP::cookie exists somecookie] } {
    persist uie "[IP::client_addr]_[HTTP::cookie somecookie]"
  }
}
  • KDS2014's avatar
    KDS2014
    Icon for Nimbostratus rankNimbostratus
    Oct 30, 2015

    Interesting, thanks for that information I will look into.