Web Pool needs cookieless persistence

Question

We have a Web Pool of 3 servers (IIS) that require a persistent SSL connection.  Additionally, we would like to employ the SSL Termination features of the BIG-IP System, which offloads the SSL encryption/decryption from the web servers.  
&nbsp;    
&nbsp;  As an additional requirement, we cannot use the Cookie persistence to identify the end user, as our web application does not require cookies.  
&nbsp;    
&nbsp;  Aside from the Source IP persistence, can anyone confirm (or deny) that it will be possible to load balance traffic intelligently, while maintaining persistence through a custom iRule?  
&nbsp;    
&nbsp;  Any examples of this would be much appreciated!  
&nbsp;    
&nbsp;  Thank you,  
&nbsp;    
&nbsp;  Travis

joe_pruitt · Answer

Moved to the iRules forum. 
&nbsp;  
&nbsp; -Joe

unruley_95363 · Answer

You don't actually even need an iRule...  You can use SSL session ID persistence which will (depending on the browser) persist all the same connections using the same SSL session to the same server.  This can be enabled with the persist ssl setting on the virtual.  You may also want to additionally use fallback persistence on the source IP to handle the transition some browsers go through while negotiating the SSL session.  This is configured with the fallback persist srcaddr setting on the virtual.

Forum Discussion

Web Pool needs cookieless persistence

Recent Discussions

How to Renew F5 Device Certificate

How to export a list of paired external service providers from APM?

BIG-IP Edge Endpoint Inspection Failure pre-VPN

BIG IP LTM - Multiple application on single VIP with multiple ports allowed.

Service discovery is not happening in AS3

Related Content

Setting up persistence in F5 XC

SOCKS5 SSL Persistence

Weblogic JSessionID Persistence

Decoding the IPv4 address from the persistence cookie

Persistent and Persistence, What's the Difference?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS