Forum Discussion

Maverick09_1909's avatar
Maverick09_1909
Icon for Nimbostratus rankNimbostratus
Mar 09, 2015

Cookie Persistence in dual datacenter

Hi All, I am using F5 default cookie for persistence defined on virtual server which is the same name for both datacenter. I use irule to route the traffic to the original data center in case traffic goes to another data center. But it looks like the persistence cookie is getting reset when it goes to opposite data center since the persistence cookie identifying the server is invalid for this new data center. Now when traffic is routed back to original data center again the cookie is invalid, so the session goes to a different server. Now how can i stop the persistence cookie being reset when it goes to opposite data center and kick off routing to original data center before any cookie is reset?

 

1 Reply

  • A possible solution I have got to work is as follows and the server still sees the traffic as originating from the true source IP:

    1. Create your pools with priority activation.
    2. Add nodes from both data centers to your pool
    3. Set the servers in the local data center to priority 10
    4. Set the servers in the remote data center to priority 1
    5. Make sure your persistence cookie has the same name in both data centers and is only applied to your virtual server for the application
    6. Create a SNAT pool in both data centers
    7. Create a standard virtual server in each DC that has a source of your SNAT pool IPs and 0.0.0.0/0:80 as the destination
    8. Apply the first iRule to the virtual servers handling incoming traffic for you application and the second iRule to the virtual servers that are listening for traffic form your SNAT pool IPs.
    when HTTP_REQUEST {
        HTTP::header insert sIP [IP::client_addr]
    }
    when LB_SELECTED {
        if { [LB::server priority] == 1 } {
            snatpool interDC
            HTTP::header insert dIP [LB::server addr]
        } else {
            snat none
            return
        }
    }
    
    when HTTP_REQUEST {
        if { [HTTP::header exists "sIP"] && [HTTP::header exists "dIP"] } {
            persist none
            snat [HTTP::header values "sIP"]
            node [HTTP::header values "dIP"]
        } else {
            reject
        }
    }
    

    This can maintain persistence to the destination server even if a user hops over to your other data center.