JSESSIONID - Persistance Issue

Product Discussions ADC - Application Delivery
1

Hello, I have the following JSESSIONID aflex ready and applied to manage the JSESSIONID which is provided by the 2 servers. AFLEX SCRIPT:


when HTTP_REQUEST {
# Check if JSESSIONID exists
if { [HTTP::cookie exists "JSESSIONID"] } {

# JSESSIONID found in the request
# we capture the first 32 characters
set jsess_id [HTTP::cookie "JSESSIONID"] 
persist uie $jsess_id

# Check if JSESSIONID exists in the uie persist table
set p [persist lookup uie $jsess_id all]
if { $p ne "" } {

# JSESSIONID found in the persist table
log "JSESSIONID = \"$jsess_id\" found in persistency-table ([lindex $p 0] [lindex $p 1])"
} else {
# unknown JSESSIONID
# (could be a fake JSESSIONID inserted by a bad end-user
# or a user inactive for 30 minutes)
log "JSESSIONID = \"$jsess_id\" not found in persistency-table"
}

} else {
# JSESSIONID not found in the request
# (could be a new client)
log "No JSESSIONID cookie"
}
}

when HTTP_RESPONSE {
if { [HTTP::cookie exists "JSESSIONID"] } {
set jsess_cookie [HTTP::cookie "JSESSIONID"]
persist add uie $jsess_cookie 1800
log "Add persist entry for JSESSIONID \"$jsess_cookie\""
}
}

In the log entries I see that JSESSIONID is being written to the persistance table. However - during high load - the loadbalancer is redirecting the traffic to SERVER2 instead of using the JSESSIONID of SERVER1. The cookie of SERVER1 is: xBBsMkYgRV3atCoG9jYrTF6o but as it arrives to SERVER2 it gets a new one and connection is broken: BIaErJe6+f2wvNs8ii9X8nVp Here an example of arriving traffic on SERVER2 (INSTEAD OF SERVER1). 239.50.86.205 - - [30/Jul/2018:15:24:49 +0200] "POST /someurl/someaddress/webservice HTTP/1.1" 200 220 "-" "Apache-HttpClient/4.5.5 (Java/1.8.0_144)" "xBBsMkYgRV3atCoG9jYrTF6o" "JSESSIONID=BIaErJe6+f2wvNs8ii9X8nVp; Path=/someuri; HttpOnly" "someserveraddress" 0-1244 The config of the SLB is: HTTP 80 Use default server selection when preferred method fails Use received hop for response Aflex - JSESSIONDID (pasted above) Aflex2:


when HTTP_REQUEST {
	if {([HTTP::host] contains "someaddress1")} {
pool servergroup1
	} elseif {([HTTP::host] contains "someaddress2")} {
pool servergroup2
}
}

Cookie Persistence Template Cookie-Persistance-Temaplate: Expiration 1800s Cookie name: Cookie-Persistance-temaplte Domain: Path: / Match Type: Server - Scan All Memebers. Ah - servergroup1 - which is the one attacked by end users is having 2 server listening on port 80. When I disable each of the server and run only 1 leg - no issues at all. When both are enabled - issues are starting like described above. Do I miss something?