Forum Discussion
ArcotOps_5988
Nimbostratus
NimbostratusSSL session persistence problem with Safari
I have an issue where when a Safari - Mac user does a CTRL+F5 it creates a new TCP session and the SSL persistence changes. My application requires the session to be sticky to only one of the pool members. The current VS is set for SSL session persistence and also does the SSL to client and SSL to pool members. This is working for over 95% of the connections.
LTM version 9.3.1
I am looking for a way to have the Safari users get IP persistence and the other just use the VS settings. Here is what I have.
if { [HTTP::header User-Agent] == "Safari" } {
set persistence to IP for 7260 seconds
set pserver [persist lookup uie [IP::client_addr] 7260]
if { [LB::status pool http_pool member1 $pserver 443] eq "up" } {
pool http_pool member1 $pserver 443
} else {
pool http_pool member2 $pserver 443
}
}
Seeing that this is my first irule any input would be greatly appreciated.
Thanks
ArcotOps_5988updated rule .....
when HTTP_REQUEST {
if { [HTTP::header User-Agent] == "Safari" } {
set persistence timeout to 121min
set pserver [persist uie [IP::client_addr] 7260]
if { [LB::status pool preview_test_pool member x.x.x.1 $pserver] eq "up" } {
pool preview_test_pool member x.x.x.1 $pserver
} else {
pool preview_test_pool member x.x.x.2 $pserver
}
}
}