06-01-2009 11:28 AM
Hello,
As far as I understand, the HTTP header cookie field, and the embedded cookie (in a URL) are case-sensitive. Is this correct?
The settings look like this:
content stickyCookie
advanced-balance cookieurl
string prefix "SESSION_ID="
On the HTTP header the cookie field looks like this:
Set Cookie: SESSION_ID=ABCDEF
But if instead of this, the request comes from a client with the cookie embedded in the url, it looks like this:
http://localhost/Info/index;session_id=ABCDEF?page=home.
Is this field case-sensitive for the CSS? I know it is for the ACE, as I have done this and there is the "cookie secondary" command where you can specify how the url-embedded cookie looks like.
So I am afraid there is no way of making this work on a CSS?
Any help will be much appreciated!
Solved! Go to Solution.
06-02-2009 12:45 AM
Your config with SESSIOM_ID sent by the client gives the following debug :
JUN 2 01:33:31 3/1 49 WCC-7: CsdStickinessCheck: stickytype=3
JUN 2 01:33:31 3/1 50 WCC-7: CheckL5: cookie failback to URL, stickytype=3, pURL=8ee0e8f8
JUN 2 01:33:31 3/1 51 WCC-7: cookieStr="SESSION_ID=1234 HTTP/1.1"
JUN 2 01:33:31 3/1 52 WCC-7: strLen=24, rangeLen=24, conv=1
JUN 2 01:33:31 3/1 53 WCC-7: Prefix found: prefix="SESSION_ID="
The same config, but now the client sends session_id gives the following debug :
JUN 2 01:35:24 3/1 63 WCC-7: CheckL5: cookie failback to URL, stickytype=3, pURL=8ee058f8
JUN 2 01:35:24 3/1 64 WCC-7: cookieStr="session_id=1234 HTTP/1.1"
JUN 2 01:35:24 3/1 65 WCC-7: strLen=24, rangeLen=24, conv=1
JUN 2 01:35:24 3/1 66 WCC-7: server cookie not found. strAction=4
So, it confirms that the CSS is case sensitive.
Gilles.
06-01-2009 12:34 PM
Hi Javier,
The Cisco CSS is case-sensitive when searching for this string.
When configuring the CSS 11000 and 11500, determine first if you need a server cookie string. If the string operation under the content rule is match-service-cookie, which is the default setting, this parameter must be configured. In this case the service cookie string is matched against the cookie contained in the HTTP header for load balancing decision.
If the string operation under the content rule is set to the hash method, this parameter is not needed. In order to select one of the available servers, the cookie contained in the HTTP header is mathematically processed using a hashing algorithm. If available, the hash algorithm assigna the connection carrying a certain cookie to the same server. This example focuses on the match-service-cookie case.
Note: Cookies are case sensitive.
Configuring the Service
training4(config># service server_g
training4(config-service[server_g])# string LV2KJK (the server cookie text)
training4(config># service server_h
training4(config-service[server_h])# string AARIKA
Configuring the Content Rule
Note: Cookies require a Layer 5 rule.
You can create a Layer 5 rule by adding a URL.
For example,
A Layer 4 rule can be promoted to a Layer 5 rule by issuing the advanced-balance cookies command.
Choose the advanced-balance method.
training4(config-owner-content[cookie-layer5])# advanced-balance cookies
Configure the string operation.
training4(config-owner-content[cookie-layer5])# string operation ?
match-service-cookie (DEFAULT)
hash-crc32
hash-xor
hash-a
Define the starting/ending bytes.
training4(config-owner-content[cookie-layer5])# string range 1 to 200
Start byte position of cookie/url after header (Range:1-600)
Specify the prefix located in the string range.
training4(config-owner-content[cookie-layer5])# string prefix "ASPSESSION"
Indicate how many bytes to skip after the starting prefix.
training4(config-owner-content[cookie-layer5])# string skip-length 9
Indicate how many bytes after the prefix/skip-length make-up the string.
training4(config-owner-content[cookie-layer5])# string process-length 6
If no string process length is configured, search after end of string character.
training4(config-owner-content[cookie-layer5])# string eos-char "&"
Specify the failover in the event that a server goes down or is suspended.
training4(config-owner-content[cookie-layer5])# sticky-serverdown-failoversticky-srcip
sticky-srcip-dstport
sticky-srcip
balance (Default)
redirect
reject
Below is an example of a cookie string, and how some of the parameters work.
ASPSESSIONJJKKJJKK=LV2KJK44444444
!--- The string prefix = ASPSESSION.
!--- The string skip-length = 9. Skip
!--- nine characters after the prefix.
!--- The string process-length = 6, which would make
!--- the string LV2KJK matching service server_g.
ASPSESSIONSQPMMJHK=AARIKAMDESLD
!--- Matches service server_h.
Below is a sample configuration for the cookie strings.
!************************** SERVICE **************************
service server_g
ip address 172.17.63.240
string LV2KJK
active
service server_h
ip address 172.17.63.241
string AARIKA
active
!*************************** OWNER ***************************
owner braden
content server-cookie
protocol tcp
vip address 172.17.63.199
port 80
advanced-balance cookies
string range 1 to 200
string prefix "ASPSESSION"
string skip-length 9
string process-length 6
add service server_g
add service server_h
active
Kindly tell if this information is of any use to you.
Sachin garg
06-01-2009 01:53 PM
Your "Note: Cookies are case sensitive." is probably the answer.
The rest is what I already saw in the CSS documentation.
Please note that this environment is already configured with dynamic cookies (valid for individual sessions only), as this is what the requirements are.
From the ACE module:
"Depending on client and server behavior and the sequence of frames, the same cookie value may appear in the standard HTTP cookie that is present in the HTTP header, Set-Cookie message, or cookie embedded in a URL. The actual name of the cookie may differ depending on whether the cookie is embedded in a URL or appears in an HTTP header. The use of a different name for the cookie and the URL occurs because these two parameters are configurable on the server and are often set differently. For example, the Set-Cookie name may be as follows:
Set-Cookie: session_cookie = 123
The URL may be as follows:
http://www.example.com/?session-id=123"
In my case, I am using a CSS and it appears that this option of configuring the "secondary cookie" does not exist. And since the cookie is also case-sensitive, the CSS will not recognize the url-embedded cookie as the same one. THIS is what I am trying to confirm.
Thanks!
06-02-2009 12:45 AM
Your config with SESSIOM_ID sent by the client gives the following debug :
JUN 2 01:33:31 3/1 49 WCC-7: CsdStickinessCheck: stickytype=3
JUN 2 01:33:31 3/1 50 WCC-7: CheckL5: cookie failback to URL, stickytype=3, pURL=8ee0e8f8
JUN 2 01:33:31 3/1 51 WCC-7: cookieStr="SESSION_ID=1234 HTTP/1.1"
JUN 2 01:33:31 3/1 52 WCC-7: strLen=24, rangeLen=24, conv=1
JUN 2 01:33:31 3/1 53 WCC-7: Prefix found: prefix="SESSION_ID="
The same config, but now the client sends session_id gives the following debug :
JUN 2 01:35:24 3/1 63 WCC-7: CheckL5: cookie failback to URL, stickytype=3, pURL=8ee058f8
JUN 2 01:35:24 3/1 64 WCC-7: cookieStr="session_id=1234 HTTP/1.1"
JUN 2 01:35:24 3/1 65 WCC-7: strLen=24, rangeLen=24, conv=1
JUN 2 01:35:24 3/1 66 WCC-7: server cookie not found. strAction=4
So, it confirms that the CSS is case sensitive.
Gilles.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: