Cookie persistence enforces persistence using HTTP cookies. As with all persistence modes, HTTP cookies ensure that requests from the same client are directed to the same pool member after the BIG-IP system initially load-balances them. If the same pool member is not available, the system makes a new load balancing decision.Cookie 持久性使用 HTTP cookie 强制持久性。与所有持久性模式一样,HTTP cookie 确保在 BIG-IP 系统最初对它们进行负载平衡后,来自同一客户端的请求被定向到同一池成员。如果同一个池成员不可用,系统会做出新的负载平衡决策。
The cookie persistence profile has four cookie persistence methods. Each one is unique and, together, they provide you with an option that is best for your requirements.cookie 持久性配置文件有四种 cookie 持久性方法。每一个都是独一无二的,它们共同为您提供最适合您要求的选项。
Description描述
The cookie persistence profile contains the following four BIG-IP cookie persistence methods:cookie 持久化配置文件包含以下四种 BIG-IP cookie 持久化方法:
: F5 recommends that you use the HTTP Cookie Rewrite method instead of the HTTP Cookie Passive method when possible.重要提示:F5 建议您尽可能使用 HTTP Cookie Rewrite 方法而不是 HTTP Cookie Passive 方法。
For the HTTP Cookie Passive method to succeed, a cookie must come from the web server with the appropriate server information in the cookie. Using the BIG-IP Configuration utility, you generate a template for the cookie string with encoding automatically added, and then edit the template to create the actual cookie.要使 HTTP Cookie Passive 方法成功,cookie 必须来自 Web 服务器,并在 cookie 中包含相应的服务器信息。使用 BIG-IP 配置实用程序,您可以为自动添加编码的 cookie 字符串生成模板,然后编辑模板以创建实际的 cookie。
- Cookie Hash饼干哈希
The Cookie Hash method consistently maps a cookie value to a specific node. When the client returns to the site, the BIG-IP system uses the cookie information to return the client to a given node. With this method, the web server must generate the cookie; the BIG-IP system does not create the cookie automatically as it does when you use the HTTP Cookie Insert method.Cookie Hash 方法始终将 cookie 值映射到特定节点。当客户端返回站点时,BIG-IP 系统使用cookie 信息将客户端返回到给定节点。使用此方法,Web 服务器必须生成 cookie; BIG-IP 系统不会像使用 HTTP Cookie 插入方法时那样自动创建 cookie。
- HTTP Cookie InsertHTTP Cookie 插入
Using the HTTP Cookie Insert method, the information about the server to which the client connects is inserted in the HTTP header of the response from the server in the form of a cookie. By default, the cookie is named and includes the encoded address and port of the server handling the connection. The system sets the expiration date for the cookie based on the setting in the cookie persistence profile. HTTP Cookie Insert is the default value for the setting.使用 HTTP Cookie 插入方法,有关客户端连接的服务器的信息以 cookie 的形式插入到来自服务器的响应的 HTTP 标头中。默认情况下,cookie 被命名为 BIGipServer<pool_name> 并包含处理连接的服务器的编码地址和端口。系统根据 cookie 持久性配置文件中的到期设置设置 cookie 的到期日期。 HTTP Cookie 插入是 Cookie 方法设置的默认值。
- HTTP Cookie PassiveHTTP Cookie 被动
Using the HTTP Cookie Passive method is unlike the other cookie persistence methods. The BIG-IP system does not insert or search for blank headers in the response from the server. This method does not try to set up the cookie. With this method, the server provides the cookie, formatted with the correct server information and timeout.使用 HTTP Cookie Passive 方法与其他 cookie 持久性方法不同。 BIG-IP 系统不会在来自服务器的响应中插入或搜索空白的 Set-Cookie 标头。此方法不会尝试设置 cookie。使用此方法,服务器提供 cookie,使用正确的服务器信息和超时进行格式化。
- HTTP Cookie RewriteHTTP Cookie 重写
Using the HTTP Cookie Rewrite method, the BIG-IP system intercepts a header, named , sent from the server to the client, and overwrites the name and value of the cookie. The new cookie is named and it includes the address and port of the server handling the connection.BIG-IP 系统使用 HTTP Cookie Rewrite 方法拦截从服务器发送到客户端的名为 BIGipCookie 的 Set-Cookie 头,并覆盖 cookie 的名称和值。新 cookie 名为 BIGipServer<pool_name>,它包括处理连接的服务器的地址和端口。
: F5 recommends that you use this method instead of the HTTP Cookie Passive method when possible.重要提示:F5 建议您尽可能使用此方法而不是 HTTP Cookie Passive 方法。
The HTTP Cookie Rewrite method requires you to set up the cookie created by the server. For the HTTP Cookie Rewrite method to succeed, a blank cookie must come from the web server for the BIG-IP system to rewrite. With Apache variants, you can add the cookie to every web page header by adding the following entry to the file:HTTP Cookie Rewrite 方法要求您设置服务器创建的 cookie。为了使 HTTP Cookie Rewrite 方法成功,一个空白 cookie 必须来自 Web 服务器,以便 BIG-IP 系统进行重写。使用 Apache 变体,您可以通过将以下条目添加到 httpd.conf 文件来将 cookie 添加到每个网页标题:
Header add Set-Cookie BIGipCookie=0000000000000000000000000...标题添加 Set-Cookie BIGipCookie=0000000000000000000000000...
: 笔记:
- The cookie must contain a total of 120 zeroes ().cookie 必须包含总共 120 个零 (0)。
- For backward compatibility, the blank cookie can contain only 75 zeroes. However, cookies of this size do not allow you to use iRules and persistence together.为了向后兼容,空白 cookie 只能包含 75 个零。但是,这种大小的 cookie 不允许您同时使用 iRules 和持久性。
Cookie Hash optionsCookie 哈希选项
| Option Name选项名称 | Default Value默认值 | Description描述 |
| Cookie Method饼干方法 | Cookie Hash饼干哈希 | Specifies that the server provides the cookie, which the system then maps consistently to a specific node. This persistence type requires a value.指定服务器提供 cookie,然后系统将其一致地映射到特定节点。此持久性类型需要 Name 值。 |
| Cookie Name曲奇名称 | <Blank><空白> | Specifies the name of the cookie that the system looks for or inserts.指定系统查找或插入的 cookie 的名称。 |
| Always Send Cookie始终发送 Cookie | Unchecked未勾选 | Specifies that the BIG-IP system returns the persistence cookie with every response, instead of only the first response on a connection.指定 BIG-IP 系统在每个响应中返回持久性 cookie,而不是仅在连接上的第一个响应。 |
| Hash Offset哈希偏移 | 0 | Specifies the start offset within the packet from which the system begins the hash when performing hash persistence load balancing. The default value is (zero), which indicates no offset.指定在执行哈希持久性负载平衡时系统开始哈希的数据包内的起始偏移量。默认值为 0(零),表示没有偏移。 |
| Hash Length哈希长度 | 0 | Specifies the length of data within the packet, in bytes, that the system uses to calculate the hash value when performing hash persistence load balancing. The default value is (zero) bytes.指定数据包内数据的长度(以字节为单位),系统在执行哈希持久性负载均衡时使用该长度来计算哈希值。默认值为 0(零)字节。 |
| Timeout暂停 | 180 | Specifies the duration of the persistence entries. The default is 180 seconds.指定持久性条目的持续时间。默认值为 180 秒。
|
| Match Across Services跨服务匹配 | Unchecked未勾选 | Specifies, when checked (), that all persistent connections from a client IP address that go to the same virtual IP address also go to the same node. The default is disabled.指定检查(已启用)时,从转到相同虚拟IP地址的客户端IP地址的所有持久连接也转到同一节点。默认是禁用的。 |
| Match Across Virtual Servers跨虚拟服务器匹配 | Unchecked未勾选 | Specifies, when checked (), that all persistent connections from the same client IP address go to the same node. The default is disabled.指定在选中(启用)时,来自同一客户端 IP 地址的所有持久连接都转到同一节点。默认是禁用的。 |
| Match Across Pools跨池匹配 | Unchecked未勾选 | Specifies, when checked (), that the system can use any pool that contains this persistence record. The default is disabled.指定在检查(已启用)时,系统可以使用包含此持久性记录的任何池。默认是禁用的。 |
| Cookie Encryption Use PolicyCookie 加密使用政策 | Disabled残障人士 | Specifies the way you use cookie encryption format. The default is disabled残疾. (Introduced in BIG-IP 11.5.0)指定您使用 cookie 加密格式的方式。默认是禁用的。 (在 BIG-IP 11.5.0 中引入)
|
| Encryption Passphrase加密密码 | <Blank><空白> | Specifies a passphrase for cookie encryption.指定用于 cookie 加密的密码。 |
| Override Connection Limit覆盖连接限制 | Unchecked未勾选 | Specifies, when checked (), that you can override pool member connection limits for persisted clients. Per-virtual connection limits remain hard limits and you cannot override them. The default is .指定在选中(启用)时可以覆盖持久客户端的池成员连接限制。每个虚拟连接限制仍然是硬限制,您无法覆盖它们。默认是禁用的。 |
HTTP Cookie Insert optionsHTTP Cookie 插入选项
| Option Name选项名称 | Default Value默认值 | Description描述 |
| Cookie Method饼干方法 | HTTP Cookie InsertHTTP Cookie 插入 | Specifies that the system inserts server information, in the form of a cookie, into the header of the server response.指定系统以 cookie 的形式将服务器信息插入到服务器响应的标头中。 |
| Cookie Name曲奇名称 | <Blank><空白> | Specifies the name of the cookie that the system looks for or inserts.指定系统查找或插入的 cookie 的名称。 |
| HTTPOnly AttributeHTTPOnly 属性 | Enabled启用 | When enabled, adds an httponlyhttponlyattribute value to a cookie inserted into the response header. This setting applies to HTTP and Secure Sockets Layer (SSL) connections. The default is Enabled启用. (Introduced in BIG-IP version 12.0.0)启用后,将 httponly 属性值添加到插入到响应标头中的 cookie。此设置适用于 HTTP 和安全套接字层 (SSL) 连接。默认值为启用。 (在 BIG-IP 版本 12.0.0 中引入)
: This option is not accessible through non-HTTP APIs, such as JavaScript; cookie persistence may fail in this situation.注意:无法通过非 HTTP API(例如 JavaScript)访问此选项;在这种情况下,cookie 持久性可能会失败。 |
| Secure Attribute安全属性 | Enabled启用 | When enabled, adds a attribute value to a cookie inserted into the response header. This setting applies only to SSL connections. The default is . (Introduced in BIG-IP 12.0.0.)启用后,将安全属性值添加到插入到响应标头中的 cookie。此设置仅适用于 SSL 连接。默认值为启用。 (在 BIG-IP 12.0.0 中引入。) |
| Always Send Cookie始终发送 Cookie | Unchecked未勾选 | Specifies that the BIG-IP system returns the persistence cookie with every response, instead of only the first response on a connection.指定 BIG-IP 系统在每个响应中返回持久性 cookie,而不是仅在连接上的第一个响应。 |
| Expiration到期 | Checked已检查 | Specifies the expiration time of the cookie. When you check (the default value), the system generates a session cookie. This cookie expires when the user session expires (that is, when the browser is closed). When you don't check , you can specify the expiration interval in , , , and .指定 cookie 的过期时间。当您选中会话 Cookie(默认值)时,系统会生成会话 Cookie。当用户会话过期(即浏览器关闭时)时,此 cookie 将过期。当您不检查会话 Cookie 时,您可以以天、小时、分钟和秒为单位指定过期间隔。 |
| Cookie Encryption Use PolicyCookie 加密使用政策 | Disabled残障人士 | Specifies the way you use cookie encryption format. The default is disabled残疾. (Introduced in BIG-IP 11.5.0)指定您使用 cookie 加密格式的方式。默认是禁用的。 (在 BIG-IP 11.5.0 中引入)
|
| Encryption Passphrase加密密码 | <Blank><空白> | Specifies a passphrase for cookie encryption.指定用于 cookie 加密的密码。 |
| Override Connection Limit覆盖连接限制 | Unchecked未勾选 | Specifies, when checked (), that you can override pool member connection limits for persisted clients. Per-virtual connection limits remain hard limits and you cannot override them. The default is .指定在选中(启用)时可以覆盖持久客户端的池成员连接限制。每个虚拟连接限制仍然是硬限制,您无法覆盖它们。默认是禁用的。 |
HTTP Cookie Passive optionsHTTP Cookie 被动选项
| Option Name选项名称 | Default Value默认值 | Description描述 |
| Cookie Method饼干方法 | HTTP Cookie PassiveHTTP Cookie 被动 | Specifies that the server provides the cookie, formatted with the correct server information and timeout. This persistence type requires a Name姓名value.指定服务器提供 cookie,使用正确的服务器信息和超时进行格式化。此持久性类型需要 Name 值。 |
| Cookie Name曲奇名称 | <Blank><空白> | Specifies the name of the cookie that the system looks for or inserts.指定系统查找或插入的 cookie 的名称。 |
| Always Send Cookie始终发送 Cookie | Unchecked未勾选 | Specifies that the BIG-IP system returns the persistence cookie with every response, instead of only the first response on a connection.指定 BIG-IP 系统在每个响应中返回持久性 cookie,而不是仅在连接上的第一个响应。 |
| Cookie Encryption Use PolicyCookie 加密使用政策 | Disabled残障人士 | Specifies the way you use cookie encryption format. The default is 残疾. (Introduced in BIG-IP 11.5.0)指定您使用 cookie 加密格式的方式。默认是禁用的。 (在 BIG-IP 11.5.0 中引入)
|
| Encryption Passphrase加密密码 | <Blank><空白> | Specifies a passphrase for cookie encryption.指定用于 cookie 加密的密码。 |
| Override Connection Limit覆盖连接限制 | Unchecked未勾选 | Specifies, when checked (enabled), that you can override pool member connection limits for persisted clients. Per-virtual connection limits remain hard limits and you cannot override them. The default is disabled残疾.指定在选中(启用)时可以覆盖持久客户端的池成员连接限制。每个虚拟连接限制仍然是硬限制,您无法覆盖它们。默认是禁用的。 |
HTTP Cookie Rewrite optionsHTTP Cookie 重写选项
| Option Name选项名称 | Default Value默认值 | Description描述 |
| Cookie Method饼干方法 | HTTP Cookie RewriteHTTP Cookie 重写 | Specifies that the system intercepts the BIGipCookie大饼干header, sent from the server, and overwrites the name and value of that cookie.指定系统拦截从服务器发送的 BIGipCookie 标头,并覆盖该 cookie 的名称和值。 |
| Cookie Name曲奇名称 | <Blank><空白> | Specifies the name of the cookie that the system looks for or inserts.指定系统查找或插入的 cookie 的名称。 |
| Always Send Cookie始终发送 Cookie | Unchecked未勾选 | Specifies that the BIG-IP system returns the persistence cookie with every response, instead of only the first response on a connection.指定 BIG-IP 系统在每个响应中返回持久性 cookie,而不是仅在连接上的第一个响应。 |
| Expiration到期 | Checked已检查 | Specifies the expiration time of the cookie. When Session Cookie会话 Cookieis checked (the default value), the system generates a session cookie. This cookie expires when the user session expires (that is, when the browser is closed). When Session Cookie会话 Cookieis unchecked, you can specify the expiration interval in Days天, Hours小时, Minutes分钟, and Seconds秒.指定 cookie 的过期时间。检查会话cookie(默认值)时,系统生成会话cookie。当用户会话过期(即浏览器关闭时)时,此 cookie 将过期。取消选中会话 Cookie 时,您可以以天、小时、分钟和秒为单位指定过期间隔。 |
| Cookie Encryption Use PolicyCookie 加密使用政策 | Disabled残障人士 | Specifies the way you use cookie encryption format. The default is 残疾. (Introduced in BIG-IP 11.5.0.)指定您使用 cookie 加密格式的方式。默认是禁用的。 (在 BIG-IP 11.5.0 中引入。)
|
| Encrypted Passphrase加密密码 | <Blank><空白> | Specifies a passphrase for cookie encryption.指定用于 cookie 加密的密码。 |
| Override Connection Limit覆盖连接限制 | Unchecked未勾选 | Specifies, when checked (enabled启用), that you can override pool member connection limits for persisted clients. Per-virtual connection limits remain hard limits and you cannot override them. The default is disabled残疾.指定在选中(启用)时可以覆盖持久客户端的池成员连接限制。每个虚拟连接限制仍然是硬限制,您无法覆盖它们。默认是禁用的。 |
Recommendations建议
For information about configuring cookie persistence, refer to the Cookie persistenceCookie 持久化section in the Enabling Session Persistence启用会话持久性chapter of the Configuration Guide for BIG-IP Local Traffic ManagerBIG-IP本地流量管理器配置指南.有关配置 cookie 持久性的信息,请参阅 BIG-IP 本地流量管理器配置指南的启用会话持久性一章中的 Cookie 持久性部分。