cancel
Showing results for 
Search instead for 
Did you mean: 

Persistence with a Virtual Server that is being used as a Pool Member

RiadSanchz
Altostratus
Altostratus

Hello F5'ers -

 

I have an external (public facing) VS which has one single pool member which is actually the internal VS.

  1. client --> external VS time.domain.com ---> Pool Member (internal VS time.domain.com). SSL pass-through with no persistence (no persistence set up on the Pool Member aka internal VS).
  2. internal VS time.domain.com ----> Pool - time.domain.com_pool (5 node cluster of time servers) - SSL bridging with cookie persistence.

 

Question: Is it required to enable persistence on the external VS pool member being that its actually another VIP?

 

I would think so, because the ssl and tcp handshakes occur between the client and server (external VS is ssl passthrough no L7 inspection), then another session is established between the external VS and the internal VS. Hope this makes some sense to everyone. Clients have been experiencing disconnects last few days and nothing has changed.

 

1 REPLY 1

SanjayP
MVP
MVP

To my knowledge, internal VS would need oneconnect profile with cookie persistence. External VS won't need persistence/oneconnect as it would have only 1 pool member (i.e. internal VS)

 

If session persistence is not working, clients would receive some other error but not the reset/disconnect. So please investigate the reason for the disconnect it could be something on the network, or pool members having issue.