HTTP Cookie Persistence
The HTTP cookie mode of persistence enables sticking a client to a server for the duration of their session. HTTP cookie persistence may be applied to any virtual service with an attached HTTP application profile. With this persistence method, Avi Vantage Service Engines (SEs) will insert an HTTP cookie into a server’s first response to a client.
To use HTTP cookie persistence, no configuration changes are required on the back-end servers. HTTP persistence cookies created by Avi Vantage have no impact on existing server cookies or behavior.
Note: Avi Vantage also has an “app cookie” persistence mode, which relies on cookies as well. The app cookie method performs persistence based on information in existing server cookies, rather than inserting a Vantage-created cookie.
To validate if HTTP cookie persistence is working, enable all headers for the virtual service analytics. Then view the logs to see the cookies sent by a client.
See Overview of Server Persistence for descriptions of other persistence methods and options.
The following is an example of an HTTP session-persistence cookie created by Avi Vantage.
Set-Cookie: AVI_COOKIE=026cc2fffb-b95b-41-dxgObfTEe_IrnYmysot-VOVY1_EEW55HqmENnvC; path=/
The cookie payload contains the back-end server IP address and port.
In versions 16.1 and prior, the cookie payload is obfuscated with a hash.
In 16.2 and later, the payload is encrypted with AES-256. When a client makes a subsequent HTTP request, they include the cookie, which the SE uses to ensure the client’s request is directed to the same server.
Cookie Persistence Timeout
Beginning in Avi Vantage 16.2, persistence profiles allow configuration of a persistence timeout. The persistence timeout sets the maximum amount of time a persistence cookie is valid.
The persistence timeout applies to persistence cookies that are created by Avi Vantage for individual client sessions with virtual services that use the persistence profile.
Generally, the client or browser has responsibility to clear a persistent session cookie after the session the cookie was for is terminated, or when the browser is closed. Setting a persistence timeout takes care of cases where the client or browser does not clear the session cookies.
The persistence timeout within a persistence profile can be set to 10-720 minutes. If the timeout is set, the maximum lifetime of any session cookie that is created based on the profile is set to the timeout. In this case, the cookie is valid for a maximum of the configured timeout, beginning when Avi Vantage creates the cookie.
For example, if the persistence timeout is set to 720 minutes, a cookie created based on the profile is valid for a maximum of 12 hours, beginning as soon as the cookie is created. After the persistence timeout expires, the cookie expires and is no longer valid.
By default there is no timeout and the cookie sent is a session cookie, which is cleared by the client after the session ends.
Since clients maintain the cookie and present it when visiting the site, Avi Vantage does not need to store the persistence information or mirror the persistence mappings to other SEs, allowing for greater scale with minimal effort.
HTTP cookie persistence leverages a session-based cookie, which is valid as long as the client maintains an HTTP session with Avi Vantage. If the client closes a browser, the cookie is deleted and the persistence is finished.
- Name: Unique name for the persistence profile.
- Description: Optional, custom description for the profile.
- Type: HTTP Cookie. Changing the type will change the profile to another persistence method.
- Select New Server When Persistent Server Down: If a server is marked down, such as by a health monitor or when it has reached a connection limit, should existing persisted users continue to be sent to the server, or load balanced to a new server?
- Immediate: Vantage will immediately select a new server to replace the one marked down and switch the persistence entry to the new server.
- Never: No replacement server will be selected. Persistent entries will be required to expire normally based upon the persistence type.
- HTTP Cookie Name: By default, the cookie is named AVI_COOKIE. By populating this optional field, the cookie will be inserted with the custom name.
Updated: 2017-11-20 22:00:07 +0000