Akamai True-Client-IP Header Persistence

Chris_Miller · ‎30-Jan-2015

Problem this snippet solves:

For customers leveraging Akamai, all traffic is routed through Akamai regional servers. This means using source address persistence will severely limit load distribution. While cookie persistence is an ideal option, persisting via Akamai's True-Client-IP header can be a good fallback. Akamai inserts this header in each request with a value of the original user's IP address.

How to use this snippet:

This rule only requires an LTM license and should run on v9-11. Make sure to use a OneConnect profile on the virtual server to ensure

Code :

when HTTP_REQUEST {
  set True_Client_IP [HTTP::header "True-Client-IP"]
  if { $True_Client_IP ne "" } {
    persist uie $True_Client_IP 
    log local0. "[IP::client_addr]:[TCP::client_port]: True-Client-IP: [HTTP::header value True-Client-IP], persist record: [persist lookup uie $True_Client_IP]"
}
}

Tested this on version:

9.0

JRahm · ‎30-Jan-2015

Contributed by Chris Miller

jaiAdityaSingla · ‎18-Apr-2016

if we enable X-forward-insert in the HTTP profile, would also do the same job instead of using the iRule here, Request Headers Received at the Server would have the actual client IP. Jason/Chris please correct me if I'm wrong?

Manjunath_Murug · ‎21-Apr-2016

Hi .. Nice code .. Can u share me some description about this ?? I am new to persist feature . If possible , please share some O/P examples

Matthew_Siers_1 · ‎14-Nov-2016

Cool thanks. This is good for Silverline gen knowledge since a few of our customers usually end up coming via ADN/CDN, etc.

Rory_Hewitt_F5_ · ‎29-Dec-2016

Note that whilst the default value of the 'True Client IP' passed through from Akamai is indeed True-Client-IP, your Akamai configuration may use a different value... Check in your Akamai config first.

DevCentral

Akamai True-Client-IP Header Persistence