Solved: Re: CSM and Cookie Stickiness

mark.hansel · ‎08-02-2005

I've set up a basic back end encryption configuration for a client using a pair of CSM and SSL Proxy modules. I've set session persistence using SSL Session ID and it's working properly; however I also need to set up persistence to the backe end server. I've been able to do this using source IP, but I don't think that will be a solution that would work in a production environment. The backend servers are WebLogic servers and they do set cookies, but the problem appears to be that each server creates a cookie based on it's host name. Is there some method that I could use to dynamically learn the name of the cookie and use the hostname portion of it for session persistence. The first part of the cookie name begins with the host name of the responding server, in this case "hostA".

I've attached a text file taken from a packet trace that shows the client and server communication.

Thanks in advance.

Gilles Dufour · ‎08-10-2005

Mark,

yes the cookie insert is the equivalent of arrowpoint-cookie.

Sorry for this.

G.

View solution in original post

pradeepde · ‎08-08-2005

from your query i understand that you are having trouble with the configuration of Sticky cookies. If the cookie generated by the server is static, you can configure the CSS to look for this cookie by configuring the content rule with the "advanced-balance cookies" parameter and configuring the services with "string " paramter.

For more information have a look at the following document.

tp://www.cisco.com/en/US/products/hw/contnetw/ps792/products_configuration_guide_chapter09186a0080409807.html

Hope this helps

Gilles Dufour · ‎08-09-2005

I would recommend to use the CSS arrowpoint cookie.

The CSS can generate its own cookie and insert it in the HTTP response.

Search our website for "css arrowpoint cookie" and you should get some config examples.

Regards,

Gilles.

mark.hansel · ‎08-10-2005

Gilles,

Thank you. BTW this is a CSM, so I'm assuming you're talking about the "insert cookie" option. I have a TAC case open and that's what was recommended.

Thank you,

Mark.

Gilles Dufour · ‎08-10-2005

Mark,

yes the cookie insert is the equivalent of arrowpoint-cookie.

Sorry for this.

G.

mark.hansel · ‎08-10-2005

Not a problem Gilles. You have been most helpful and this has helped solve my issue.

cweinhold · ‎08-16-2005

Not so fast.... While the CSS and CSM can both insert cookies, they differ considerably with how they behave with pre-existing cookies.

The CSS requires that the pre-existing cookie follow a specific format that includes a recognizable server name. In practice, this is troublesome to coordinate with the web app folks, and this feature is rarely used.

The CSM however, can use any pre-existing cookie, regardless of format (e.g., iPlanetDirectoryPro or JSessionID). The CSM stores a hash of the cookie's value in a sticky cookie table. The table has room for 256,000 entries, shared among all sticky groups (IPs, cookies, etc).

Gilles Dufour · ‎08-17-2005

even if you are correct, you are off topic.

We are discussing cookie INSERT.

That is , the loadbalancer create its own cookie and insert it in the response of the server.

When the client comes back with its next request, it also sends the CSM/CSS cookie and we can use it for stickyness.

This function works whatever the server cookie is.

That's the solution we have suggested and apparently it works.

Thanks for your post anyway.

Gilles.