Sticky session for SSL termination

Unanswered Question
Aug 6th, 2010
User Badges:

We have a server farm with 2 servers.  The ACE is perfoming SSL termination to this farm, and talking tcp/80 on the back end.  How can I ensure these sessions are sent to the same servers?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
litrenta Sat, 08/07/2010 - 08:18
User Badges:
  • Cisco Employee,

since you are doing ssl termination you can do cookie sticky and have the ace either learn a cookie from the server or insert a cookie to provide sticky.

for instance to do cookie insert

sticky http-cookie COOKIE1 GROUP3
cookie insert browser-expire <-- this makes it a session based cookie. If you want the cookie to expire at a set time you can leave off browser-expire 
and then set a timeout . the timeout is not on ace rather we will send a utc expire time to the browser
serverfarm test

then call the sticky serverfarm in your load balance policy

policy-map type loadbalance first-match L7PLBSF_STICKY-COOKIE_POLICY
  class class-default


This Discussion