visitor/session cookie without persistence

Hi Yonah,

 

 

The persistence cookie is an encoding of the selected pool member IP and port. So it wouldn't be unique to the user. It would be relatively simple to generate a unique session ID token that you insert in requests and/or responses when one isn't present already using an iRule. Is the performance monitoring appliance on the client or server side of LTM? ie, would you want to ensure the session ID is in requests sent to the pool or back to the client?

 

 

Also, which LTM version are you running?

 

 

Aaron

Hi,

 

 

I know we could do this with iRules but we have a large number of virtual services and I was hoping to find a way to configure this on a broader level :/

 

We are planning to use clone pools to traffic to the appliance- probably client side.

 

The session ID should show in the requests from the client to the virtual server so the appliance can group the requests of a single user.

 

We do not need any real session management- so if the user comes back in a day or two and the cookie is still there, it is fine and even preferable to us.

 

We are running 10.2

 

 

Thanks,

 

Yonah

 

The only option I can think of is to use an iRule to generate a session ID and insert that into requests sent to the pool and in a cookie sent back to the client. You could potentially use one iRule and apply it to all of the virtual servers.

 

 

Other than that, I can't think of another way to implement this on LTM.

 

 

Aaron

I'm with Aaron on an iRule being the only option I could come up with. Perhaps inserting a cookie/header with the value being some sort of combination of Client IP + Source Port + Time...that should be unique enough. The first part of the rule would check whether the cookie existed and if it did, would pass it through unadjusted. If it didn't exist, we'd insert it in the response.

Client IP:port and current time in seconds for a session cookie value should be lightweight and collision proof. Nice idea Chris.

 

 

Aaron

Maybe something like this?

when RULE_INIT {

   set static::session_cookie "my_session_cookie"
}
when HTTP_REQUEST {

    Check if cookie exists in request
   if {[HTTP::cookie $static::session_cookie] eq ""}{
      set insert_cookie 1
   } else {
      set insert_cookie 0
   }
}
when HTTP_RESPONSE {

    Insert a cookie in the response if one wasn't present in the request.
    Use the client IP:port plus unixtime.
    Could use something random instead like an 8 digit psuedo random number: [format "%08d" [expr { int(100000000 * rand()) }]]
   if {$insert_cookie}{
      HTTP::cookie insert name $static::session_cookie value "[IP::client_addr]_[TCP::client_port]_[clock seconds]"
   }
}

If you want to use this on multiple virtual servers and differentiate between them with the session ID, you could prepend the vs name using [virtual name].

Aaron

Hoolio,

 

 

Can this same iRule be setup to create a persistent cookie instead of a session cookie? If so, can you display this code as well?

 

 

Thanks!