We are load balancing from 2 SEG servers to a Virtual server and then have 6 mail gateways in the pool with cookie persistence set. 95% of the connections go to 1 member in the pool. When I look at the persistence records I see about 10 with source address affinity. What I don't understand is if the server has been passed a cookie why I'm seeing these persistence records. I would like understand this first before moving on to correcting the balancing issue.
First of you have to understand the difference between IP address persistence and Cookie persistence.
IP address persistence need a correspondence table (persistence records in F5), because no information is stored on the client side that allow F5 to LB you on the right backend. This kind of peristence has these limits because after a certain number of records you reach the maximum limit and you can have resets...
Cookie persistence means that all information regarding LB are stored in client side in a cookie. That's mean that F5 don't need to store this information in F5 (persistence records).
to conclude, source address persistence information are stored in F5 and persistence cookie information are store in the cookie that host in client browser (so not in F5) that's the reason why, you will not see this information in F5...
If you see Source address peristence records while you replaced it with cookie persistence. it may be because you set source address peristence as fallback persistence or that there are still active sessions that used this persistence...
Hope it help your.
source address persistence is set as fallback persistence so that would explain the persistence records
Ok, so your behaviour is normal.
Persistence records: is information stored by f5 regarding peristence.
In your case you set Default peristence to Cookie and fallback to source address. That's means that F5 anticipates any problem with Cookie persistence. If for an unknown reason au user don't provide his F5 cookie for LB, Source address persitance takes over.
So to anticipate any problem (with cookie persistence), F5 set a persistence table based on source IP address (depending the profil that you set) to takes over... That's the reason why you can see persistence records (but it is not used as long as the customer can provide his cookie to F5).
Let me now if you need additional information.
Don't forget to validate the response :-), thank you
Thanks Youssef. Would you know if the cookies sent back from the F5 would be held on the SEG (Airwatch) server or passed back to the handsets.
no, they are not preserved/held by the seg (neither used nor). it just transits through the seg to be provided to Back reverse proxy (F5) ...
take the example of an application that runs through f5. This application use cookie (for its session), this app cookies are using by application and provided by client to maintain his session, they cross F5 but are not preserved...
You have other points on this subject?