ltm persistence cookie
ltm persistence cookie(1) BIG-IP TMSH Manual ltm persistence cookie(1)
NAME
cookie - Configures a cookie persistence profile.
MODULE
ltm persistence
SYNTAX
Configure the cookie component within the ltm persistence module using the syntax in the following sections.
MODIFY
create cookie [name]
modify cookie [name]
options:
all
always-send [enabled | disabled]
app-service [[string] | none]
cookie-name [ [name] | none]
cookie-encryption [required | preferred | disabled]
cookie-encryption-passphrase [string | none]
defaults-from [name]
description [string]
expiration [ [d:h:m:s] | [h:m:s] | [m:s] | [seconds]
| "session cookie"]
httponly [enabled | disabled]
secure [enabled | disabled]
hash-length [integer]
hash-offset [integer]
match-across-pools [enabled | disabled]
match-across-services [enabled | disabled]
match-across-virtuals [enabled | disabled]
method [hash | insert | passive | rewrite]
mirror [enabled | disabled]
override-connection-limit [enabled | disabled]
timeout [indefinite | [integer] ]
encrypt-cookie-poolname [enabled | disabled]
edit cookie [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
mv cookie [ [[source-name] [destination-name]] | [[name] to-folder [folder-name]] | [[name...name] to-folder [folder-name]] ]
options:
to-folder
DISPLAY
list cookie
list cookie [ [ [name] | [glob] | [regex] ] ... ]
show running-config cookie
show running-config cookie [ [ [name] | [glob] | [regex] ] ... ]
options:
all
all-properties
non-default-properties
one-line
partition
DELETE
delete cookie [name]
options:
all
DESCRIPTION
You can use the cookie component to configure cookie persistence for the BIG-IP(r) system. Cookie persistence uses an HTTP
cookie stored on a client's computer to allow the client to connect to the same server previously visited at a web site.
A persistence profile is a profile that enables persistence when you assign the profile to a virtual server. Using a
persistence profile avoids having to write an iRule to implement a type of persistence. You can either use the default
profile, or create a custom profile based on the default.
EXAMPLES
list cookie
Displays all cookie persistence profiles.
create cookie cookie_persistence defaults-from cookie
Creates a custom cookie persistence profile named cookie_persistence that inherits its settings from the default cookie
persistence profile.
mv cookie /Common/my_cookie_profile to-folder /Common/my_folder
Moves a custom cookie persistence profile named my_cookie_profile to a folder named my_folder, where my_folder has already
been created and exists within /Common.
OPTIONS
always-send
Send the cookie persistence entry on every reply, even if the entry has previously been supplied to the client. The
default value is disabled.
app-service
Specifies the name of the application service to which the profile belongs. The default value is none. Note: If the
strict-updates option is enabled on the application service that owns the object, you cannot modify or delete the
profile. Only the application service can modify or delete the profile.
cookie-name
Specifies a unique name for the cookie. This option is required.
defaults-from
Specifies the existing profile from which the system imports settings for the new profile. The default value is
cookie, the system default cookie persistence profile.
description
User defined description.
cookie-encryption
Specifies the way in which cookie format will be used: disabled: generate old format,unencrypted, preferred: generate
encrypted cookie but accept both encrypted and old format, and required: cookie format must be encrypted. Default is
required.
cookie-encryption-passphrase
Specifies a passphrase to be used for cookie encryption.
expiration
Specifies the cookie expiration date in the format d:h:m:s, h:m:s, m:s or seconds. (hours 0-23, minutes 0-59, seconds
0-59). The time period must be less than 24856 days.
You can use "session-cookie" (0 seconds) to indicate that the cookie expires when the browser closes.
encrypt-cookie-poolname
Specifies whether the pool-name in the inserted BigIPServer default cookie should be encrypted. The default value is
disabled.
glob Displays the items that match the glob expression. See help glob for a description of glob expression syntax.
httponly
Specifies whether the httponly attribute should be enabled or disabled for the inserted cookies. The default value is
enabled.
secure
Specifies whether the secure attribute should be enabled or disabled for the inserted cookies. The default value is
enabled.
hash-length
Specifies the cookie hash length. The length is the number of bytes to use when calculating the hash value. The
default value is 0 (zero) bytes.
hash-offset
Specifies the cookie hash offset. The offset is the number of bytes in the cookie to skip before calculating the hash
value. The default value is 0(zero) bytes.
match-across-pools
Specifies, when enabled, that the system can use any pool that contains this persistence record. The default value is
disabled.
match-across-services
Specifies, when enabled, that all persistent connections from a client IP address, which go to the same virtual IP
address, also go to the same node. The default value is disabled.
match-across-virtuals
Specifies, when enabled, that all persistent connections from the same client IP address go to the same node. The
default value is disabled.
method
Specifies the type of cookie processing that the system uses. The default value is insert.
mirror
Specifies whether the system mirrors persistence records to the high-availability peer. This option is applicable only
when the value of the method option is hash. The default value is disabled.
name Specifies a unique name for the component. This option is required for the commands create, delete, and modify.
override-connection-limit
Specifies, when enabled, that the pool member connection limits are not enforced for persisted clients. Per-virtual
connection limits remain hard limits and are not disabled. The default value is disabled.
partition
Displays the administrative partition within which the component resides.
regex
Displays the items that match the regular expression. The regular expression must be preceded by an at sign (@[regular
expression]) to indicate that the identifier is a regular expression. See help regex for a description of regular
expression syntax.
timeout
Specifies the duration of the persistence entries. The default value is 180 seconds.
to-folder
cookie persistence profiles can be moved to any folder under /Common, but configuration dependencies may restrict
moving the profile out of /Common.
SEE ALSO
create, delete, edit, glob, list, ltm virtual, modify, mv, regex, show, tmsh
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or by any means, electronic or mechanical, including
photocopying, recording, or information storage and retrieval systems, for any purpose other than the purchaser's personal
use, without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2010, 2012-2013, 2015-2016. All rights reserved.
BIG-IP 2017-03-07 ltm persistence cookie(1)