Applies To:Show Versions
BIG-IP Link Controller
SSL persistence is a type of persistence that tracks SSL sessions using the SSL session ID, and it is a property of each individual pool. Using SSL persistence can be particularly important if your clients typically have translated IP addresses or dynamic IP addresses, such as those that Internet service providers typically assign. Even when the client’s IP address changes, BIG-IP system® still recognizes the session as being persistent based on the session ID.
You might want to use SSL persistence and source address affinity persistence together. In situations where an SSL session ID times out, or where a returning client does not provide a session ID, you might want the BIG-IP system to direct the client to the original node based on the client’s IP address. As long as the client’s simple persistence record has not timed out, the BIG-IP system can successfully return the client to the appropriate node.
Criteria for session persistence
For most persistence types, you can specify the criteria that the BIG-IP® system uses to send all requests from a given client to the same pool member. These criteria are based on the virtual server or servers that are hosting the client connection. To specify these criteria, you configure the Match Across Services, Match Across Virtual Servers, and Match Across Poolssettings contained within persistence profiles. Before configuring a persistence profile, it is helpful to understand these settings.
Creating an SSL persistence profile
On the Main tab, click
. The Persistence profile list screen opens.
The New Persistence Profile screen opens.
- In the Name field, type a unique name for the profile.
- From the Persistence Type list, select SSL.
- For the Parent Profile setting, confirm that ssl appears.
- Select the Custom check box.
- Configure settings as needed.
- Click Finished.