Applies To:

Show Versions Show Versions

Manual Chapter: Configuration Guide for the BIG-IP® Link Controller: Enabling Session Persistence
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>


18

Enabling Session Persistence


Introducing session persistence

Using the Link Controller, you can configure session persistence. When you configure session persistence, the Link Controller tracks and stores session data, such as the specific pool member that serviced a client request. The primary reason for tracking and storing session data is to ensure that client requests are directed to the same pool member throughout the life of a session or during subsequent sessions.

In addition, session persistence can track and store other types of information, such as user preferences or a user name and password.

The Link Controller offers several types of session persistence, each one designed to accommodate a specific type of storage requirement for session data. The type of persistence that you implement depends on where and how you want to store client-specific information, such as items in a shopping cart or airline ticket reservations.

For example, you might store airline ticket reservation information in a back-end database that all servers can access, or on the specific server to which the client originally connected, or in a cookie on the client's machine. When you enable persistence, returning clients can bypass load balancing and instead connect to the server to which they last connected in order to access their saved information.

The Link Controller keeps session data for a period of time that you specify.

The primary tool for configuring session persistence is to configure a persistence profile and assign it to a virtual server. If you want to enable persistence for specific types of traffic only, as opposed to all traffic passing through the virtual server, you can write an iRule.

Configuring a persistence profile

A persistence profile is a pre-configured object that automatically enables persistence when you assign the profile to a virtual server. By using a persistence profile, you avoid having to write a program to implement a type of persistence.

Each type of persistence that the Link Controller offers includes a corresponding default persistence profile. These persistence profiles each contain settings and setting values that define the behavior of the Link Controller for that type of persistence. You can either use the default profile or create a custom profile based on the default.

For more information, see the following parts of this guide:

Persistence types and their profiles

You can configure persistence profile settings to set up session persistence on your Link Controller. You can configure these settings when you create a profile or after profile creation by modifying the profile's settings. For specific procedures on configuring a profile, see Chapter 16, Understanding Profiles .

Types of persistence

The persistence types that you can enable using a persistence profile are:

  • Destination address affinity persistence
    Also known as sticky persistence, destination address affinity persistence supports TCP and UDP protocols, and directs session requests to the same server based solely on the destination IP address of a packet.
  • Source address affinity persistence
    Also known as simple persistence, source address affinity persistence supports TCP and UDP protocols, and directs session requests to the same server based solely on the source IP address of a packet.

Understanding criteria for session persistence

Regardless of the type of persistence you are implementing, you can specify the criteria that the Link Controller uses to send all requests from a given client to the same pool member. These criteria are based on the virtual server or servers that are hosting the client connection. To specify these criteria, you use the Match Across Services and Match Across Virtual Servers profile settings. Before configuring a persistence profile, it is helpful to understand these settings.

Specifying the Match Across Services setting

When you enable the Match Across Services profile setting, the Link Controller attempts to send all persistent connection requests received from the same client, within the persistence time limit, to the same pool member only when the virtual server hosting the connection has the same virtual address as the virtual server hosting the initial persistent connection. Connection requests from the client that go to other virtual servers with different virtual addresses, or those connection requests that do not use persistence, are load balanced according to the load balancing method defined for the pool.

For example, suppose you configure virtual server mappings where the virtual server v1:http has persistence enabled and references the http_pool (containing the nodes n1:http and n2:http) and the virtual server v1:ssl has persistence enabled and references the pool ssl_pool (containing the nodes n1:ssl and n2:ssl).

If the client subsequently connects to v1:ssl, the Link Controller uses the persistence session established with the first connection to determine the pool member that should receive the connection request, rather than the load balancing method. The Link Controller should send the third connection request to n1:ssl, which uses the same node as the n1:http node that currently hosts the client's first connection with which it shares a persistent session.

For example, a client makes an initial connection to v1:http and the load balancing mechanism assigned to the pool http_pool chooses n1:http as the node. If the same client then connects to v2:ssl, the Link Controller starts tracking a new persistence session, and it uses the load balancing method to determine which node should receive the connection request because the requested virtual server uses a different virtual address (v2) than the virtual server hosting the first persistent connection request (v1). In order for this setting to be effective, virtual servers that use the same virtual address, as well as those that use TCP or SSL persistence, should include the same node addresses in the virtual server mappings.

Specifying the Match Across Virtual Servers setting

You can set the Link Controller to maintain persistence for all sessions requested by the same client, regardless of which virtual server hosts each individual connection initiated by the client. When you enable the Match Across Virtual Servers setting, the Link Controller attempts to send all persistent connection requests received from the same client, within the persistence time limit, to the same pool member. Connection requests from the client that do not use persistence are load balanced according to the currently selected load balancing method.

Warning

In order for this setting to be effective, virtual servers that use pools with TCP or SSL persistence should include the same member addresses in the virtual server mappings.

Destination address affinity persistence

You can optimize your server array with destination address affinity persistence. Destination address affinity persistence, also known as sticky persistence, directs requests for a certain destination IP address to the same server, regardless of which client made the request.

This type of persistence provides the most benefits when load balancing caching servers. A caching server intercepts web requests and returns a cached web page if it is available. In order to improve the efficiency of the cache on these servers, it is necessary to send similar requests to the same server repeatedly. You can use the destination address affinity persistence type to cache a given web page on one server instead of on every server in an array. This saves the other servers from having to duplicate the web page in their cache, wasting memory.

The destination address affinity profile

To implement destination address affinity persistence, you either use the default dest_addr profile or create a custom profile. Table 18.1 shows the settings and their values that make up the default dest_addr profile.

Table 18.1 Settings of a destination address affinity persistence profile
Setting
Description
Default Value
Name
Specifies a unique name for the profile. This setting is required.
No default value
Persistence Type
Specifies the type of persistence profile. This setting is required.
Destination Address Affinity
Match Across Services
Specifies that all persistent connections from a client IP address that go to the same virtual IP address also go to the same node.
Disabled
Match Across Virtual Servers
Specifies that all persistent connections from the same client IP address go to the same node.
Disabled
Match Across Pools
Specifies that the Link Controller can use any pool that contains this persistence entry.
Disabled
Mask
Specifies the mask that the Link Controller should use before matching with an existing persistence entry.
255.255.255.255

Source address affinity persistence

Source address affinity persistence, also known as simple persistence, tracks sessions based only on the source IP address. When a client requests a connection to a virtual server that supports source address affinity persistence, the Link Controller checks to see if that client previously connected, and if so, returns the client to the same pool member.

You might want to use source address affinity persistence and SSL persistence together. In situations where an SSL session ID times out, or where a returning client does not provide a session ID, you may want the Link Controller to direct the client to the original pool member based on the client's IP address. As long as the client's source address affinity persistence record has not timed out, the Link Controller can successfully return the client to the appropriate pool member.

Persistence settings apply to all protocols. When the persistence timer is set to a value greater than 0, persistence is on. When the persistence timer is set to 0, persistence is off.

The persistence mask feature works only for virtual servers that implement source address affinity persistence. By adding a persistence mask, you identify a range of source IP addresses to manage together as a single source address affinity persistent connection when connecting to the pool.

The source address affinity persistence profile

To implement source address affinity persistence, you can either use the default source_addr profile or create a custom profile. Table 18.2 shows the settings and values that make up the default source_addr profile.

Table 18.2 Settings of a source address affinity persistence profile
Setting
Description
Default Value
Name
Specifies a unique name for the profile. This setting is required.
No default value
Persistence Type
Specifies the type of persistence profile. This setting is required.
Source Address Affinity
Match Across Services
Specifies that all persistent connections from a client IP address that go to the same virtual IP address also go to the same node.
Disabled
Match Across Virtual Servers
Specifies that all persistent connections from the same client IP address go to the same node.
Disabled
Match Across Pools
Specifies that the Link Controller can use any pool that contains this persistence entry.
Disabled
Timeout
Specifies the number of seconds before a persistence entry times out.
180
Mask
Specifies the mask that the Link Controller should use before matching with an existing persistence entry.
0.0.0.0
Map Proxies
Enables or disables proxy mapping.
Enabled




Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)