Persistence

Question

HTTPS requests coming from the Internet hit a VIP on Reverse proxy F5, then get forwarded to internal F5 LB VIP via HTTP. Then Internal F5 makes a load balancing decision and encrypts traffic and forwards to real server in pool. &nbsp;
Problem, RP snats request before sending request to Internal F5 VIP, so all requests will be coming from one IP. &nbsp;
What is the best method to always send a user to the same real server.&nbsp;

dylan_375544 · Answer

Well, on your RP, you could add the X-Forwarded-For header, and pull the original Client IP address from that.&nbsp;
HERE is some info on that.&nbsp;
Hope that helps! If it does please up-vote and select this answer, it'd be greatly appreciated!&nbsp;
-Dylan&nbsp;

jeff_wise · Answer

I see configuring X-Forwarded on the RP inserts the clients original IP address in header. Now how do you configure the LB on the inside F5 to look for that field in the header and apply some sort of stickiness before sending to real server in pool.

dylan_375544 · Answer

For that you could use Universal Persistence in an iRule.&nbsp;
HERE is some info on that! (:&nbsp;
Once again, hope that helps! If it does please up-vote and select this answer, it'd be greatly appreciated!&nbsp;
-Dylan&nbsp;

Forum Discussion

Persistence

3 Replies

Recent Discussions

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

Related Content

Decoding the IPv4 address from the persistence cookie

Setting up persistence in F5 XC

Source_Addr Persistence Problems

SOCKS5 SSL Persistence

Weblogic JSessionID Persistence