The session command is used to access a global table, and could be used instead of a stats profile to keep track of data. While there are currently some limitations to doing things that way, they should not affect this use of them over-much, and you could solve the problem that way.
As for your new requirement, it shouldn't be that hard to implement with either solution. If you go with the dummy pool member solution, you could check in LB_FAILED if the pool member that failed is a dummy member, and only redirect if it is (since only users without persistence cookies will get load-balanced to these pool members). If you go with the counter solution (either via the stats profile or via the session table), then you could only do the counting if the cookie doesn't already exist.