Source address Affinity

Question

Hey &nbsp;
I have a internal standard vip set up as gslb on gtm across dc A&amp; B. I set source address affinity to 8 hours on both dc ltm. Now I added one pool member to each dc ltm.&nbsp;
So if a new client makes a connection request, how does source persistence behave new &amp; existing conne tion requests ?&nbsp;

philip_jonsson · Answer

Hey Andy&nbsp;
Just so that I understand correctly, Source Address Persistence is configured on the LTM devices?&nbsp;
The persistence table timeout value works using "Idle" timeout. So even though you have a timeout of 8 hours, as long as the same client source IP hits the VS, the timeout value will be reset to 0. Therefore, for the existing connections, they will continue to remain on pool member 1 until they have been idle for 8 hours. &nbsp;
Once the persistence record has been deleted due to the timeout, when a new request hits the VS it will load-balance the traffic and choose either member 1 or member 2. In this case, traffic could end up at member 1 again. If you want to make sure that traffic ends up at member 2 you have to either Disable member 1 (active and persistent connections is still allowed) or set it to Forced Offline (only active connections is allowed).&nbsp;
The problem with Source Address persistence, if your clients originate from a NAT device, they will come from the same source IP address and the it will be tougher for the timeout to occur. &nbsp;
I hope this helps! :)&nbsp;

Forum Discussion

Source address Affinity

Recent Discussions

AS3 Limitations

Diameter iRules attachment?

Help needed with iRule (connection closed log )

Use of SSL Decryption.

VLAN Failsafe Functionality

Related Content

The Power of Source Address

health monitor source IP address

source address persistence maximum session timeout

F5 Malicious Source IP Address Alert

How to ensure source address and source port are accepted and traversed properly via F5 SNAT automap

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS