Persistence using session cookies

Question

I've read through a few of the articles on setting persistence based on the contents of a session cookie, and come up with the following:when HTTP_REQUEST {
   if { [HTTP::cookie exists "SESSIONID"] } {
      if { persist lookup uie [HTTP::cookie "SESSIONID"] != "" } {
         persist uie [HTTP::cookie "SESSIONID"] 600
      }
   }
}
when HTTP_RESPONSE {
   if { [HTTP::cookie exists "SESSIONID"] } {
      if { persist lookup uie [HTTP::cookie "SESSIONID"] == "" } {
         persist add uie [HTTP::cookie "SESSIONID"] 600
      }
   }
}
The examples I've seen don't include tests for the prior existence of the persistence record as I have done above. Is it necessary to do so? i.e. if I attempt to add persistence that already exists, is it silently ignored, and if I attempt to use a persistence record that doesn't exist, is it silently ignored? If the "persist lookup" tests are not required, I expect it is more efficient to leave them out.
How do the timeouts work? I assume the "persist add" timeout starts a timer to clean up the persistence record. Does using the persistent record with "persist" extend the timer for the same period, and "persist" with a timeout extend the timer by the new amount?
What events can "persist add" be used in? It looks to me like it binds the persistence to the selected node, so can only be used once a server connection has been made, or maybe before in the LB_SELECTED event.

hooleylist · Answer

Hi Stephen,&nbsp;
&nbsp;You can confirm most of your assumptions by testing and checking the output from 'b persist all show all'.&nbsp;
&nbsp;Check Deb's responses in this post (Click here)some  for some detailed info on persisting off of app server cookie values.&nbsp;
&nbsp;The jsessionid example in the codeshare (Click here) should give you a good start.&nbsp;
&nbsp;Aaron

uni · Answer

Thanks hoolio. It's a bit difficult for me to test as I don't have access to test servers, but I hadn't used the "persist show all" command, so that may help once I can implement something.&nbsp;
&nbsp;I just discovered the "cookie hash" persistence, and am wondering why not use this instead of uie persistence? This seems to be designed to persist based on, say, JSSESSIONID.

leslie_south_55 · Answer

When using session cookies, does the 'b persist all show all' actually show the persistent connections?  When I issue this command, I get 'No persistent connections were found' and I am using cookie-insert as session cookies
&nbsp;-L

hooleylist · Answer

When using cookie insert persistence, no record is maintained on the BIG-IP, so 'b persist ...' will not show any records.&nbsp;
&nbsp;Aaron

Forum Discussion

Persistence using session cookies

4 Replies

Recent Discussions

preserve client IP on layer 4 VIP

Failed to convert character dclid=%EDclid!

ASM - Parent policy vs OWASPcompliance

Rewrite uri translation not working

CONNECTION IS LOST DUE TO SELF IP IS DELIVERED

Related Content

Decoding the IPv4 address from the persistence cookie

Sessions and Cookies and Persistence, oh my!

source address persistence maximum session timeout

Persistence Cookie Logging

Set the SameSite Attribute for LTM Persistence Cookies