Saturday, July 9, 2011

F5 Big-IP - Cookies, Persistence, and SSL.

Cookies provide a way to make HTTP requests stateful. When an HTTP request is made from a client to a server, each request is independent of the previous one; that is, the server does not keep track of what happened in the previous request. Cookies can be used to make HTTP requests stateful and relate them to each other. They give the server a means to record which HTTP requests belong to the same client.

On an F5 Big-IP LTM, a Cookie persistence profile can be applied to a Virtual Server. The Cookie profile can be customised, so there are a number of options which administrators can select to meet their requirements. Of these options the main one is the Mode. Cookies can be applied in one of four Modes - Hash, Insert, Rewrite, and Passive.

* Hash mode: In Hash mode, the Original Web Server (OWS) generates the Cookie. In Hash mode you can specify the Cookie Name, the Offset (the number of bytes in the cookie to skip before calculating the hash value), and the Length (the number of bytes to use when calculating the hash value). The Timeout option does not apply in Hash mode.

* Insert mode: In Insert mode, as the name implies, the Big-IP inserts a cookie into the HTTP response from the server that contains information about the OWS. The expiration time of the cookie is determined by the timeout configured on the Big-IP. You can set the expiration to an explicit amount of time or to a value of "session". A session cookie is a cookie which is set without an expiration date. Session cookies are generally stored in volatile memory by clients and expire when the user session expires (i.e. when the browser is shut down).

* Rewrite mode: If you specify Rewrite mode, the Big-IP Controller intercepts a cookie, named BIGipCookie (the server must name its cookie BIGipCookie), sent from the server to the client and rewrites the name of the cookie to BIGipServer. When the BIG/ip Controller rewrites the cookie, the server information and time-out value are reset.

Rewrite mode requires you to set up the cookie created by the server. In order for Rewrite mode to work, there needs to be a blank cookie coming from the web server for BIG/ip to rewrite. With Apache variants, the cookie can be added to every web page header by adding an entry in the httpd.conf file:

Header add Set-Cookie BIGipCookie=000000000000000000000000000000000000000000...
(The cookie should contain a total of 75 zeros.)

* Passive mode: In Passive mode the Big-IP does not search for or insert cookies into the HTTP header of responses from the server. The server is expected to create a cookie and add the encoding representing the node and port information. A sample HTTP header with a cookie and encoding may look as follows:

Header add Set-Cookie: BIGipServer=184658624.20480.000; expires=Sat, 19-Aug-2000 19:35:45 GMT; path=/

In this example, 184658624 is the encoded node address and 20480 is the encoded port.

The equation for an address (a.b.c.d) is:

d*256^3 + c*256^2 + b*256 + a

The way to encode the port is to take the two bytes that store the port and reverse them. So, port 80 becomes 80 * 256 + 0 = 20480. Port 1433 (instead of 5 * 256 + 153) becomes 153 * 256 + 5 = 39173.
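
Both formulas are reversible, so anyone who receives the cookie can recover the node address and port behind the Virtual Server. The following is an added example (not code from the original post) that applies the two formulas in both directions and checks response headers for cookies that decode this way; the function names and the "BIGipServer" name-prefix match are assumptions of the example.

```python
import re
import socket
import struct

# Value layout from the post: <encoded address>.<encoded port>.<trailing digits>
VALUE_RE = re.compile(r"^(\d{1,10})\.(\d{1,5})\.\d+$")
# Assumption: any cookie whose name starts with "BIGipServer" is a persistence cookie.
COOKIE_RE = re.compile(r"(BIGipServer[^=;\s]*)=([^;\s]+)")

def swap_port(port):
    """Reverse the two bytes of a 16-bit port; encoding and decoding are the same swap."""
    return ((port & 0xFF) << 8) | (port >> 8)

def encode(ip, port):
    """Apply the post's formulas: d*256^3 + c*256^2 + b*256 + a, and the byte-swapped port."""
    a, b, c, d = (int(octet) for octet in ip.split("."))
    return f"{d * 256**3 + c * 256**2 + b * 256 + a}.{swap_port(port)}.0000"

def decode(value):
    """Return (ip, port) for a cookie value, or None if it is not in this format."""
    m = VALUE_RE.match(value)
    if not m:
        return None
    addr, port = int(m.group(1)), int(m.group(2))
    if addr > 0xFFFFFFFF or port > 0xFFFF:
        return None
    # The address is the four octets read as a little-endian 32-bit integer.
    return socket.inet_ntoa(struct.pack("<I", addr)), swap_port(port)

def audit(header_lines):
    """List (cookie name, ip, port) for each Set-Cookie header exposing a decodable node."""
    findings = []
    for line in header_lines:
        if not line.lower().startswith("set-cookie:"):
            continue
        for name, value in COOKIE_RE.findall(line):
            decoded = decode(value)
            if decoded:
                findings.append((name, *decoded))
    return findings

if __name__ == "__main__":
    # Constructed response headers; the first value is the one from the post.
    sample = ["Set-Cookie: BIGipServer=184658624.20480.000; path=/",
              "Set-Cookie: JSESSIONID=abc123; path=/"]
    print(audit(sample))
```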
