ltm persistence cookie
ltm persistence cookie(1) BIG-IP TMSH Manual ltm persistence cookie(1)
NAME
cookie - Configures a cookie persistence profile.
MODULE
ltm persistence
SYNTAX
Configure the cookie component within the ltm persistence module using the syntax in the following sections.
MODIFY
create cookie [name]
modify cookie [name]
options:
all
always-send [enabled | disabled]
app-service [[string] | none]
cookie-name [ [name] | none]
cookie-encryption [required | preferred | disabled]
cookie-encryption-passphrase [string | none]
defaults-from [name]
description [string]
expiration [ [d:h:m:s] | [h:m:s] | [m:s] | [seconds]
| "session cookie"]
httponly [enabled | disabled]
secure [enabled | disabled]
hash-length [integer]
hash-offset [integer]
match-across-pools [enabled | disabled]
match-across-services [enabled | disabled]
match-across-virtuals [enabled | disabled]
method [hash | insert | passive | rewrite]
mirror [enabled | disabled]
override-connection-limit [enabled | disabled]
timeout [indefinite | [integer] ]
encrypt-cookie-poolname [enabled | disabled]
edit cookie [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
mv cookie [ [[source-name] [destination-name]] | [[name] to-folder [folder-name]] | [[name...name] to-folder [folder-name]] ]
options:
to-folder
DISPLAY
list cookie
list cookie [ [ [name] | [glob] | [regex] ] ... ]
show running-config cookie
show running-config cookie [ [ [name] | [glob] | [regex] ] ... ]
options:
all
all-properties
non-default-properties
one-line
partition
DELETE
delete cookie [name]
options:
all
DESCRIPTION
You can use the cookie component to configure cookie persistence for the BIG-IP(r) system. Cookie persistence
uses an HTTP cookie stored on a client's computer to allow the client to connect to the same server previously
visited at a web site.
A persistence profile is a profile that enables persistence when you assign the profile to a virtual server.
Using a persistence profile avoids having to write an iRule to implement a type of persistence. You can either
use the default profile, or create a custom profile based on the default.
EXAMPLES
list cookie
Displays all cookie persistence profiles.
create cookie cookie_persistence defaults-from cookie
Creates a custom cookie persistence profile named cookie_persistence that inherits its settings from the
default cookie persistence profile.
mv cookie /Common/my_cookie_profile to-folder /Common/my_folder
Moves a custom cookie persistence profile named my_cookie_profile to a folder named my_folder, where my_folder
has already been created and exists within /Common.
OPTIONS
always-send
Send the cookie persistence entry on every reply, even if the entry has previously been supplied to the
client. The default value is disabled.
app-service
Specifies the name of the application service to which the profile belongs. The default value is none.
Note: If the strict-updates option is enabled on the application service that owns the object, you cannot
modify or delete the profile. Only the application service can modify or delete the profile.
cookie-name
Specifies a unique name for the cookie. This option is required.
defaults-from
Specifies the existing profile from which the system imports settings for the new profile. The default
value is cookie, the system default cookie persistence profile.
description
User defined description.
cookie-encryption
Specifies the way in which cookie format will be used: disabled: generate old format,unencrypted,
preferred: generate encrypted cookie but accept both encrypted and old format, and required: cookie
format must be encrypted. Default is required.
cookie-encryption-passphrase
Specifies a passphrase to be used for cookie encryption.
expiration
Specifies the cookie expiration date in the format d:h:m:s, h:m:s, m:s or seconds. (hours 0-23, minutes
0-59, seconds 0-59). The time period must be less than 24856 days.
You can use "session-cookie" (0 seconds) to indicate that the cookie expires when the browser closes.
encrypt-cookie-poolname
Specifies whether the pool-name in the inserted BigIPServer default cookie should be encrypted. The
default value is disabled.
glob Displays the items that match the glob expression. See help glob for a description of glob expression
syntax.
httponly
Specifies whether the httponly attribute should be enabled or disabled for the inserted cookies. The
default value is enabled.
secure
Specifies whether the secure attribute should be enabled or disabled for the inserted cookies. The
default value is enabled.
hash-length
Specifies the cookie hash length. The length is the number of bytes to use when calculating the hash
value. The default value is 0 (zero) bytes.
hash-offset
Specifies the cookie hash offset. The offset is the number of bytes in the cookie to skip before
calculating the hash value. The default value is 0(zero) bytes.
match-across-pools
Specifies, when enabled, that the system can use any pool that contains this persistence record. The
default value is disabled.
match-across-services
Specifies, when enabled, that all persistent connections from a client IP address, which go to the same
virtual IP address, also go to the same node. The default value is disabled.
match-across-virtuals
Specifies, when enabled, that all persistent connections from the same client IP address go to the same
node. The default value is disabled.
method
Specifies the type of cookie processing that the system uses. The default value is insert.
mirror
Specifies whether the system mirrors persistence records to the high-availability peer. This option is
applicable only when the value of the method option is hash. The default value is disabled.
name Specifies a unique name for the component. This option is required for the commands create, delete, and
modify.
override-connection-limit
Specifies, when enabled, that the pool member connection limits are not enforced for persisted clients.
Per-virtual connection limits remain hard limits and are not disabled. The default value is disabled.
partition
Displays the administrative partition within which the component resides.
regex
Displays the items that match the regular expression. The regular expression must be preceded by an at
sign (@[regular expression]) to indicate that the identifier is a regular expression. See help regex for
a description of regular expression syntax.
timeout
Specifies the duration of the persistence entries. The default value is 180 seconds.
to-folder
cookie persistence profiles can be moved to any folder under /Common, but configuration dependencies may
restrict moving the profile out of /Common.
SEE ALSO
create, delete, edit, glob, list, ltm virtual, modify, mv, regex, show, tmsh
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or by any means, electronic or
mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose
other than the purchaser's personal use, without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2010, 2012-2013, 2015-2016. All rights reserved.
BIG-IP 2017-03-07 ltm persistence cookie(1)