Forum Discussion

Philip_King_719's avatar
Philip_King_719
Icon for Nimbostratus rankNimbostratus
Feb 26, 2014

Using irule to set persistence profile

We are running LTM v11.2.1 on 4200 devices.

 

I currently have a source address persistence profile set for all traffic going through one of my virtual servers. I have been asked to find a way to only set that persistence for traffic that is hitting a certain website on the backend servers.

 

Is there a way to use an irule to parse the URI and only set persistence (using my existing profile) when it finds a matching URI? The articles I've found so far are discussing using hash peristence within the irule.

 

application delivery
devops
iRules
LTM
microsoft

10 Replies

Sort By
  • Thomas_Gobet's avatar
    Thomas_Gobet
    Icon for Nimbostratus rankNimbostratus
    Feb 26, 2014

    Hi,

    Yes you can use iRules to set that kind of persistence.

    Here is the action to do : 

    persist source_addr mask timeout_in_seconds
  • mikeshimkus_111's avatar
    mikeshimkus_111
    Historic F5 Account
    Feb 26, 2014

    A complete iRule would look like:

    when HTTP_REQUEST {
    switch -glob [string tolower [HTTP::uri]] {
         /myuri { persist source_addr } 
        }   
}

    Or:

    when HTTP_REQUEST {
    if { [string tolower [HTTP::uri]] contains "myuri" }  {
            persist source_addr
       }
}
    • dradiant_306130's avatar
      dradiant_306130
      Icon for Nimbostratus rankNimbostratus
      Apr 27, 2017

      How long would the persist source_addr last? Is there a way to add a timeout value to the persistence?

       

  • Philip_King_719's avatar
    Philip_King_719
    Icon for Nimbostratus rankNimbostratus
    Feb 26, 2014

    Excellent. This is what I was looking for. Now just need to get the business folks lined up to test again....

     

    Thanks

     

  • Hadrien's avatar
    Hadrien
    Icon for Nimbostratus rankNimbostratus
    Oct 08, 2014

    I have a few irules invoked by different virtual servers. Sometimes the persistence will be set at vs level, and sometimes it will be set in the irule with the same non-standadrd settings. Unfortunately, there doesn't seem to be a way to call a persistence profile object from within an irule :-( If it was possible, I wouldn't have to edit the irules in case of a settings change...

     

    • mikeshimkus_111's avatar
      mikeshimkus_111
      Historic F5 Account
      Oct 08, 2014
      IIRC, if the persistence profile is assigned to the virtual server and you call that persistence method from an iRule, it should use the settings of the attached profile. You can attach multiple profiles (not fallback profiles) but you need to do it from the tmsh command line. Something like this: modify ltm virtual my_vip persist replace-all-with { cookie { default no } source_addr { default no } universal { default yes} }
    • Hadrien's avatar
      Hadrien
      Icon for Nimbostratus rankNimbostratus
      Oct 09, 2014
      I'm not sure if this exactly fits. I'll try exposing some samples to illustrate : ltm persistence source-addr toto { app-service none defaults-from source_addr timeout 900 } ltm virtual A { [...] persist { persist_PFCI_WHEAT_srcaddr { default yes } } pool toto [...] } ltm virtual B { [...] rules { toto } [...] } ltm rule toto { when CLIENT_ACCEPTED { if { blabla } { persist source_addr 255.255.255.255 900 pool toto } [...] } } The syntax for source address persitence in irule is : persist srcaddr [mask ] [] My wish here would be to write something like this in irule : persist toto
  • Hadrien_34878's avatar
    Hadrien_34878
    Icon for Nimbostratus rankNimbostratus
    Oct 08, 2014

    I have a few irules invoked by different virtual servers. Sometimes the persistence will be set at vs level, and sometimes it will be set in the irule with the same non-standadrd settings. Unfortunately, there doesn't seem to be a way to call a persistence profile object from within an irule :-( If it was possible, I wouldn't have to edit the irules in case of a settings change...

     

    • mikeshimkus_111's avatar
      mikeshimkus_111
      Historic F5 Account
      Oct 08, 2014
      IIRC, if the persistence profile is assigned to the virtual server and you call that persistence method from an iRule, it should use the settings of the attached profile. You can attach multiple profiles (not fallback profiles) but you need to do it from the tmsh command line. Something like this: modify ltm virtual my_vip persist replace-all-with { cookie { default no } source_addr { default no } universal { default yes} }
    • Hadrien_34878's avatar
      Hadrien_34878
      Icon for Nimbostratus rankNimbostratus
      Oct 09, 2014
      I'm not sure if this exactly fits. I'll try exposing some samples to illustrate : ltm persistence source-addr toto { app-service none defaults-from source_addr timeout 900 } ltm virtual A { [...] persist { persist_PFCI_WHEAT_srcaddr { default yes } } pool toto [...] } ltm virtual B { [...] rules { toto } [...] } ltm rule toto { when CLIENT_ACCEPTED { if { blabla } { persist source_addr 255.255.255.255 900 pool toto } [...] } } The syntax for source address persitence in irule is : persist srcaddr [mask ] [] My wish here would be to write something like this in irule : persist toto