I rules for persistency
HI Guys I have a client who want to do distribution of client session on /20 (4096 ip treated as one for server assignment) but he realized that in this way the persistency (set at 960 sec = 16 minutes) never expires. Since there is a limit of 35K sessions, the side effects is "session starvation". So he would like to have distribution on /20 BUT having more granular persistency based on client IP. /32 so one record for each ip. Now my concern is the amount of records in the persistency table. could this be a problem ? how many records can an F5 manage until have CPU/Line card issues ? I already verified alternative methods to do persistency like cookies, but this doesn't apply because the communication is encrypted from client device to server with a TLS tunnel so i can't inject anything. this is the script. could it work of could i have usage issues ? the model is BIG-IP 17.1.1.3 Build 0.0.5 Point Release 3 the script is the following: thank you for your help B.R Mario when CLIENT_ACCEPTED { # Persistence over IP persist uie [IP::client_addr] # Load balacing on subnet /20 set client_ip [IP::client_addr] set subnet_ip [IP::addr $client_ip mask 255.255.240.0] # Get active pool member list set active_members [active_members -list pool <pool_name>] # If there are active members, pick one based on the hash of the masked IP if {[llength $active_members] > 0} { set member [lindex $active_members [expr {[crc32 $subnet_ip] % [llength $active_members]}]] pool <pool_name> member $member } }
Understanding F5 persistency / cookies
Hi all, I am sorry if I sound stupid but I am completely new to this domain of persistency/session stickiness and cookie. I have read several f5 whitepaper on the above including the one below https://f5.com/resources/white-papers/cookies-sessions-and-persistence But i would like to just go a little bit deeper. Thus please kindly correct and forgive me if my understanding is wrong... Basic Setup [Client] <----> [F5] <----> [Webserver (1,2,3)] 1) My understanding is that during 1st request from a client, (assume the request is load balance to Webserver1), WS1 will generate a new application/session cookie and send it back. 2) When F5 receive this cookie from WS1, does it a) amends the cookie's content (e.g. maybe add-in information to route back to WS1 should it receive this cookie again) or b) it generates a completely new cookie and send it to the client ? -- if this is the case, what happen to the current cookie send by WS1 ? Can some guru point me in the direction whereby more of such details are documented ? Thank you!