cancel
Showing results for 
Search instead for 
Did you mean: 

irule cookie insert

dathomas111_201
Altocumulus
Altocumulus

Hi,

 

I'm reaching out to the community in hope of getting irule assistance. I need to be able to create an irule that meets the following crtieria. As a plus it would be great to reference a string data group but I haven't been able to make that work. The VS is using a cookie type persistance profile.

 

The irule must...

 

1. Set a cookie value based on server IP (not server set cookie nor Bigip cookie)

 

2. Persist off of that cookie value

 

Here is what I have so far...

 

when HTTP_RESPONSE {

 

Insert cookie that matches the Web server IPs

 

 

if {[IP::server_addr] equals "10.0.0.1"} then {

 

HTTP::cookie insert name "webserver" value "wsA"

 

}

 

if {[IP::server_addr] equals "10.0.0.2"} then {

 

HTTP::cookie insert name "webserver" value "wsB"

 

}

 

if {[IP::server_addr] equals "10.0.0.3"} then {

 

HTTP::cookie insert name "webserver" value "wsC"

 

}

 

if {[IP::server_addr] equals "10.0.0.4"} then {

 

HTTP::cookie insert name "webserver" value "wsD"

 

}

 

if {[IP::server_addr] equals "10.0.0.5"} then {

 

HTTP::cookie insert name "webserver" value "wsE"

 

}

 

Persist off of that cookie value

 

 

if {{HTTP::cookie} equals "webserver"} then {

 

persist cookie

 

}

 

}

 

This seems to work but may be persisting off of the default cookie insert established in the "cookie" profile. (This was mandatory in order to use the "persist cookie" statement). Any and all help would be appreciated. Thanks.

 

 

4 REPLIES 4

LTM is making a load balancing decision and persisting from the default cookie in your code. I suspect you are trying to avoid the default cookie that is used that can be decoded to a server IP, in which case you should just encrypt the cookie that LTM sets. http://support.f5.com/kb/en-us/solutions/public/6000/900/sol6917.htmlencrypt

 

 

Also your code is ideal for use of the switch statement rather than multiple if statements https://devcentral.f5.com/tech-tips/articles/irules-101-04-switch.UZ0sn5XpbZE

nitass
F5 Employee
F5 Employee
is it something like this?

 

 

[root@ve10:Active] config b virtual bar list virtual bar { snat automap pool foo destination 172.28.19.252:80 ip protocol 6 rules myrule profiles { http {} tcp {} } } [root@ve10:Active] config b pool foo list pool foo { members { 200.200.200.101:80 {} 200.200.200.111:80 {} } } [root@ve10:Active] config b rule myrule list rule myrule { when HTTP_REQUEST { if { [HTTP::cookie exists webserver] } { persist uie [HTTP::cookie value webserver] } } when HTTP_RESPONSE { switch [IP::server_addr] { 200.200.200.101 { set cookie_value "wsA" } 200.200.200.111 { set cookie_value "wsB" } } HTTP::cookie insert name webserver value $cookie_value persist add uie $cookie_value } } client [root@centos17 ~] curl -I http://172.28.19.252 -H "Cookie: webserver=wsA" HTTP/1.1 200 OK Date: Thu, 23 May 2013 00:34:49 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Thu, 23 May 2013 00:28:46 GMT ETag: "4185a8-59-c3efab80" Accept-Ranges: bytes Content-Length: 89 Content-Type: text/html; charset=UTF-8 Set-Cookie: webserver=wsA; persistence record [root@ve10:Active] config b persist show all PERSISTENT CONNECTIONS | Mode universal Value wsA | virtual 172.28.19.252:80 node 200.200.200.101:80 age 3sec

dathomas111_201
Altocumulus
Altocumulus
Thanks Chris, That what I thought.I . But I'm not trying to mask the cookie so much as trying to set a new one and maintain persistence by it. I modified the persist statement to match what Nitass had implied and it seems to be working now. Last item is how to reference a data group to extract the server IPs and assign the cookie value.

Lianjx_204891
Nimbostratus
Nimbostratus

I had modify the iRules and the persistence works for a single user. However, when I do a load test with 10 users, I am hit by tcl error on iRules stating the following:

 

- can't read "cookie_value": no such variable while executing " HTTP::cookie insert name webserver value $cookie_value"

 

Modify irules as the following:

 

when HTTP_REQUEST { pool web_pool if { [HTTP::cookie exists webserver] } { persist uie [HTTP::cookie value webserver] } } when HTTP_RESPONSE { switch [IP::server_addr] { 172.10.20.1 { set cookie_value "webA" } 172.10.20.2 { set cookie_value "webB" } } HTTP::cookie insert name webserver value $cookie_value persist add uie $cookie_value }

The load test result was terrible with 50% errors flag out.