Forum Discussion
Verifying Cookie Persistence
That makes sense, thanks for the responses.
One thing I noticed was that the IIS iApp uses Cookie persistence with a fallback of Source persistence. When I make a connection through the BIG-IP to the web servers I see the Source persistence records in the persistence table even though I'm (presumably) using Cookie persistence. When I ran some tests I noticed that
- Client connects to the big-ip
- The BIG-IP makes a load balancing decision and then creates a persistence record based on the source IP address (after it applies the mask)
- The BIG-IP make the HTTP request to the server and the server sends back the HTTP response
- The BIG-IP inserts the persistence cookie into the server response and then sends it to the client
-
The client makes a subsequent request to the BIG-IP.
5a. If the client request contains the persistence cookie, the BIG-IP decodes it and then sends the request to the correct webserver.
5b. If the client request does not contain a persistence cookie, the BIG-IP looks for a matching entry in the persistence table. If there is a matching entry the BIG-IP sends the request to correct webserver.
5c. If the client request does not contain a persistence cookie and there is no matching entry in the persistence table, the BIG-IP makes a load-balancing decision.
How do you know for sure that the BIG-IP is using Cookie persistence and not Source persistence? Is there something in the persistence table you can look for that shows "active" connections. If I run the 'show ltm persistence persist-records all-properties' command from TMSH I don't see what I'm looking for but maybe I'm missing something.
I have verified that even after the Source persistence record times out, my session still persists to the same webserver. Is this is the best way to verify cookie persistence?
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com