Sunday, 4 August 2019

Persistence profiles

For example bignetwork wants to open http://192.168.1.100 or the ip of the virtual server.
Therefore the three way handshakes have been done, and f5 big ip has decided which server will get the request for example the red server.
What’s the benefit of doing persistence?
For example in ticketing application. Server1 is collecting information from Sammy network and server 1 is caching locally. If server 1 is still having information from server 1 and server2 it’s better to let server 1 able to handle the traffic until sammynetwork done doing ordering ticket.
By doing persistence we can let it happen.
We can refer to iapps and f5 documentations about how to set it up.
We can use profile which is a collection of settings then implement it to the virtual server.
What the category will we use? We can use persistence profiles.
Types of persistence profiles we can use is:
  1. Cookies
  2. IP Affinity
  3. Hash
  4. RDP
  5. SIP
  6. SSL
  7. Universal
Cookies.
A little piece information stored in the bignetwork’s browser. Enabling profile based on cookie, when bignetwork request to vs then f5 big ip throw the traffic to the red server. Then when backend server responses f5 big ip can insert the cookie that indicates the backend server is the red server.
When the cookie is stored in bignetwork’s computer as bignetwork makes request to the ip of virtual server and based on the cookie the request always goes to the same server.
Then the cookies are being given to the bignetwork browser:
Timeout. We can setting using timeout, for example we would like to the persistence profiles only happen for sometime only. For example 5 minutes timeout.
IP Affinity. Persistence profile which looks at source ip address or destination ip address to implement the persistence.  We can also use timeout, for example we make timeout 10 minutes when sammynetwork sends the request then the f5 big ip will see persistence tables if sammynetwork doesn’t have entry there, entry will be created which identifies what server sammynetwork is being forwarded to then idle timeout is coutiing down. If sammynetwork makes future request within ten minutes because it is in the persistence table, sammynetwork will be sent to the same server over over and over again, and that’s how persistence table implemented.

There are many other options such as: Hash, RDP, SIP, SSL, and universal. The option is very flexible and we can create rule based on that called irules.
So let’s just start:
  1. Creating profile specifically persistence profile
  2. Apply it into the virtual server

  • Let’s go to the virtual server we need to apply on. Let’s check whether there is persistence profile or not.
    • Local traffic> Virtual servers-> Virtual servers list
    • Click the virtual server
    • Resources-> Default persistence profile -> click the persistence profile we want to apply
    • Right now there is no persistence profile yet going to be applied
  • To create persistence profiles for cookies
    • Local traffic > profile > Go to tab persistence
    • There are so many default persistence profiles:
      • Cookie
      • Dest_addr
      • Hash
      • Msrdp
      • Sip_info
      • Source_addr
      • Ssl
      • Universal
    • Click create
    • Fill the name
    • Choose the persistence type
    • Choose cookie for persistence type
    • Choose parent profile : cookie

So by doing this we are going to inheret all the settings from that  default profile unless we check the boxes on the right just to specify some custom attributes.
By default
  • Cookie method is HTTP cookie insert
  • Expiration which says session cookie
Let’s check that box change the expiration.
minutes will be 10 minutes
  • To create persistence profiles for ip affinity(source address)
    • Create
    • Persistence type -> Source address affinity
    • Lets name it : Our_source
    • Parent profile-> Source_addr
    • Timeout-> 60 seconds
    • Finished
    • In this blog I have shown what the persistence profile is and how to use it.
      There we can see vs, pool, and pool member(are going to show the blue server)
      If we want to check the records we can go to : local traffic > nodes> statistics -> Persistence records in statistic type
      We should be able to see the persistence value, we can see the age( the time left for the persistence profile)
      Then while clicking 192.168.1.100 we click blue then always blue for the next 60 seconds.

      • Local traffic> Nodes> in node list click red> foce offline
      Let’s try to force offlline the red server to show what happen

      • Let’s attach the profile of persistence cookie we have just created to the virtual server
        • Local traffic> virtual server> virtual server list
        • Click the vs
        • Properties ->configuration -> http profile choose http
        • Update
        • Resources > Default persistence profile > Our-Source(persistence profile of ip affinity we created)
      • Let’ s go to 192.168.1.100 again click refresh
      • Then red red red,,, showing red all the time
      Bigipserver http_pool = (information about the server of the pool).
      Let’s go trying the source ip address…
      Payload cookie showing the same cookie above
      If we check the next http request:
      But let’s check the content length then set-cookie there will be showing : Bigipserver http_pool = (information about the server of the pool).
      In hypertext transport protocol there are so many details about the request
      Source address: 192.168.1.100 to destination: 192.168.1.101
      Let’s check it in our packet capture:
      It happens because cookies in the browser of sammynetwork is the information caching into red server.
      1. Open the browser: http://192.168.1.100
      2. The first connection is red, then after refresh
      3. .red..red(showing red all the time)
      Let’s test it.

      • Let’s attach the profile of persistence cookie we have just created to the virtual server
        • Local traffic> virtual server> virtual server list
        • Click the vs
        • Properties ->configuration -> http profile choose http
        • Update
        • Resources > Default persistence profile > Name of the cookies persistence profile




No comments:

Post a Comment

iRule

  iRule: -- o iRule is a powerful and flexible feature within the BIG-IP local traffic management (LTM). o IRule is a powerful & flexibl...