Forum Discussion

mark_58061's avatar
mark_58061
Icon for Nimbostratus rankNimbostratus
Jun 09, 2010

Persistance for multiple users from same IP

Hi guys,

 

 

I'm trying to fix an issue to do with our SAP system that is sitting behind the LTM's. We currenlty have our SAP portal load balanced across 16 backend servers & everything works great for all the individual users who have been using it for the last 2 years. We have been using cookie insert method for persistance without any issues since the systme was deployed.

 

 

Then we threw a spanner in the works, and wanted to provide the SAP portal access to a huge number of users who are Citrix based - by Citrix, I mean they sit at their desks, inittiate a session from their heavily locked down pc to the Citrix server & run all their apps from the Citrix environment. To access SAP, they point their web browser to the url & away they go & hit the vip on the LTM.

 

 

Now comes the challenge - when the 1st person logs on, everything is fine however it's whent eh 2nd person logs on & tries to do anything, thats when we start encountering issues & errors being reported that the session either doesn't exist or has expierd. By the looks of it, only the 1st person has any persistance, with all other users are not getting sticky sessions to 1 of the 16 backend servers because the LTM has doen the cookie insert, but I think it's for the 1st user & none of the others get any. So my question is how do we ensure persistance to each of these individual users who are all coming from the same source ip address? and that is where the key is - all these users come from the same IP, I just don;t know how to differentiate the users all coming from a single machine & base persistance on this.

 

 

Source address is out because all 500+ users are coming from the same source IP

 

Cookie persistancedoesn't appear to work because (as far as I'm aware), the cookie gets passed to the machine & is not on a per user basis.

 

 

I've tried looking for all sorts of things on how we could do it, however I'm not sure if I'm just missing somehting really easy or if I'm not searching corretly, but I'm stumped.

 

 

Any thoughts?

 

config
design

3 Replies

Sort By
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Jun 09, 2010
    Do you have OneConnect enabled on the virtual server? If not, you could try creating a custom OneConnect profile with a 255.255.255.255 source mask and retest. See this wiki page for details:

     

     

    http://devcentral.f5.com/wiki/default.aspx/AdvDesignConfig/oneconnect.html

     

     

    Aaron
  • DeVon_Jarvis's avatar
    DeVon_Jarvis
    Icon for Nimbostratus rankNimbostratus
    Jun 09, 2010
    Interesting result. We do this all the time for a user community of ~5000 users without issue. The cookies from a citrix point of view will be different for each user session. Are you sure each user is not getting their own cookie? Maybe the browser on Citrix is not allowing cookies?

     

     

    Are you sure that all users are coming from the same IP? Not sure how many users you have, but we load 20-35 users per server, and have 150+ Citrix servers running. Even if you use source address persistence, this will mean all users on a particular Citrix server will be load balanced to the same back-end server, but in our case, with 150+ Citrix servers, this is not an issue.

     

     

    Talk to your Citrix admins and verify the config.

     

     

    DeVon

     

  • mark_58061's avatar
    mark_58061
    Icon for Nimbostratus rankNimbostratus
    Jun 10, 2010
    thanks guys,

     

     

    I'm going to be doing some testing this morning - 1stly using the oneconnect profile, and then goign through a number of different scenarios. If that doesn';t work, then it's back to the drawing board & checking with the Citrix admins on exaclty how things are setup.

     

     

    I'll let you know how I get on.