ltm persistence cookie
ltm persistence cookie(1) BIG-IP TMSH Manual ltm persistence cookie(1)
NAME
cookie - Configures a cookie persistence profile.
MODULE
ltm persistence
SYNTAX
Configure the cookie component within the ltm persistence module using
the syntax in the following sections.
MODIFY
create cookie [name]
modify cookie [name]
options:
all
always-send [enabled | disabled]
app-service [[string] | none]
cookie-name [ [name] | none]
cookie-encryption [required | preferred | disabled]
cookie-encryption-passphrase [string | none]
defaults-from [name]
description [string]
expiration [ [d:h:m:s] | [h:m:s] | [m:s] | [seconds]
| "session cookie"]
httponly [enabled | disabled]
secure [enabled | disabled]
hash-length [integer]
hash-offset [integer]
match-across-pools [enabled | disabled]
match-across-services [enabled | disabled]
match-across-virtuals [enabled | disabled]
method [hash | insert | passive | rewrite]
mirror [enabled | disabled]
override-connection-limit [enabled | disabled]
timeout [indefinite | [integer] ]
encrypt-cookie-poolname [enabled | disabled]
edit cookie [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
mv cookie [ [[source-name] [destination-name]] | [[name] to-folder [folder-name]] | [[name...name] to-folder [folder-name]] ]
options:
to-folder
DISPLAY
list cookie
list cookie [ [ [name] | [glob] | [regex] ] ... ]
show running-config cookie
show running-config cookie [ [ [name] | [glob] | [regex] ] ... ]
options:
all
all-properties
non-default-properties
one-line
partition
DELETE
delete cookie [name]
options:
all
DESCRIPTION
You can use the cookie component to configure cookie persistence for
the BIG-IP(r) system. Cookie persistence uses an HTTP cookie stored on
a client's computer to allow the client to connect to the same server
previously visited at a web site.
A persistence profile is a profile that enables persistence when you
assign the profile to a virtual server. Using a persistence profile
avoids having to write an iRule to implement a type of persistence. You
can either use the default profile, or create a custom profile based on
the default.
EXAMPLES
list cookie
Displays all cookie persistence profiles.
create cookie cookie_persistence defaults-from cookie
Creates a custom cookie persistence profile named cookie_persistence
that inherits its settings from the default cookie persistence profile.
mv cookie /Common/my_cookie_profile to-folder /Common/my_folder
Moves a custom cookie persistence profile named my_cookie_profile to a
folder named my_folder, where my_folder has already been created and
exists within /Common.
OPTIONS
always-send
Send the cookie persistence entry on every reply, even if the
entry has previously been supplied to the client. The default
value is disabled.
app-service
Specifies the name of the application service to which the profile
belongs. The default value is none. Note: If the strict-updates
option is enabled on the application service that owns the object,
you cannot modify or delete the profile. Only the application
service can modify or delete the profile.
cookie-name
Specifies a unique name for the cookie. This option is required.
defaults-from
Specifies the existing profile from which the system imports
settings for the new profile. The default value is cookie, the
system default cookie persistence profile.
description
User defined description.
cookie-encryption
Specifies the way in which cookie format will be used: disabled:
generate old format,unencrypted, preferred: generate encrypted
cookie but accept both encrypted and old format, and required:
cookie format must be encrypted. Default is required.
cookie-encryption-passphrase
Specifies a passphrase to be used for cookie encryption.
expiration
Specifies the cookie expiration date in the format d:h:m:s, h:m:s,
m:s or seconds. (hours 0-23, minutes 0-59, seconds 0-59). The time
period must be less than 24856 days.
You can use "session-cookie" (0 seconds) to indicate that the
cookie expires when the browser closes.
encrypt-cookie-poolname
Specifies whether the pool-name in the inserted BigIPServer
default cookie should be encrypted. The default value is disabled.
glob Displays the items that match the glob expression. See help glob
for a description of glob expression syntax.
httponly
Specifies whether the httponly attribute should be enabled or
disabled for the inserted cookies. The default value is enabled.
secure
Specifies whether the secure attribute should be enabled or
disabled for the inserted cookies. The default value is enabled.
hash-length
Specifies the cookie hash length. The length is the number of
bytes to use when calculating the hash value. The default value is
0 (zero) bytes.
hash-offset
Specifies the cookie hash offset. The offset is the number of
bytes in the cookie to skip before calculating the hash value. The
default value is 0(zero) bytes.
match-across-pools
Specifies, when enabled, that the system can use any pool that
contains this persistence record. The default value is disabled.
match-across-services
Specifies, when enabled, that all persistent connections from a
client IP address, which go to the same virtual IP address, also
go to the same node. The default value is disabled.
match-across-virtuals
Specifies, when enabled, that all persistent connections from the
same client IP address go to the same node. The default value is
disabled.
method
Specifies the type of cookie processing that the system uses. The
default value is insert.
mirror
Specifies whether the system mirrors persistence records to the
high-availability peer. This option is applicable only when the
value of the method option is hash. The default value is disabled.
name Specifies a unique name for the component. This option is required
for the commands create, delete, and modify.
override-connection-limit
Specifies, when enabled, that the pool member connection limits
are not enforced for persisted clients. Per-virtual connection
limits remain hard limits and are not disabled. The default value
is disabled.
partition
Displays the administrative partition within which the component
resides.
regex
Displays the items that match the regular expression. The regular
expression must be preceded by an at sign (@[regular expression])
to indicate that the identifier is a regular expression. See help
regex for a description of regular expression syntax.
timeout
Specifies the duration of the persistence entries. The default
value is 180 seconds.
to-folder
cookie persistence profiles can be moved to any folder under
/Common, but configuration dependencies may restrict moving the
profile out of /Common.
SEE ALSO
create, delete, edit, glob, list, ltm virtual, modify, mv, regex, show,
tmsh
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or
by any means, electronic or mechanical, including photocopying,
recording, or information storage and retrieval systems, for any
purpose other than the purchaser's personal use, without the express
written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2010, 2012-2013, 2015-2016.
All rights reserved.
BIG-IP 2017-03-07 ltm persistence cookie(1)