[f-nsp] cookie based switching on serveriron

dalton daltons at panix.com
Fri Mar 9 15:12:28 EST 2007 

Hi Nils.

Thanks for the help.
What version of os are you using, i am using SW: Version 07.4.00T12
I dont see those csw commands available.

However, following the foundry docs for setting up cookie-switching
i have implemented the following.

server real cookie-test1 192.168.1.231
 port default disable
 port http
 port http url "HEAD /"
 port http server-id 1024
!
server real cookie-test2 192.168.1.232
 port default disable
 port http
 port http url "HEAD /"
 port http server-id 1025

on the vip:

server virtual cookie-vip 192.168.1.234
 port default disable
 port http
 port http dsr
 port http cookie-name "ServerID"
 bind http cookie-test1 http cookie-test2 http
 
I was thinking the same thing with regards to cookie-switching, but when I try to enable it on the vip I get the following:

SSH at si2-192(config-vs-cookie-vip)#port http cookie-switching
You have to disable dsr before enabling this feature

If I have cookie-switching enabled on the vip, and then try to enable dsr
it tells me

SSH at si2-128(config-vs-cookie-vip)#port http dsr
You have to disable proxy before enabling this feature


Perhaps in this version of the OS, "cookie-switching" is actually doing 
"cookie Hashing"? or maybe I missing something obvious here.

Thanks,
Dalton




I dont see those csw commands available on my serveriron running 7.4
On Fri, Mar 09, 2007 at 06:36:26PM +0100, Nils Domrose wrote:
> Hi Dalton,
> 
> 
> you need to turn DSR off in Cookie Hashing scenarios
> In DSR the Serveriron does not process the Answer, and therfore would  
> not "see" any Set-Cookie responses required to make Cookie Hashing work.
> 
> 
> If you use Cookie Switching you will parse the Request Cookie value  
> and look for a specific string - based on this value you will send  
> the request to a defined real server.
> 
> Since no part of the response is required for this to work, this  
> should work in DSR scenarios as well.
> 
> 
> something like:
> 
> csw-rule "test1-8080" header "Cookie" pattern ".pattern1"
> 
> csw-policy "virtual-test"
> match "test1-8080" forward 1025
> 
> 
> server real test1 x.x.x.x
>  port 8080 server-id 1025
> 
> server virtual virtual-test y.y.y.y
>   port http csw-policy "virtual-test"
>   port dsr
>   port http csw
> 
> 
> should work ....
> 
> unfortunenately i do not have a testbox at hand at the moment...
> 
> 
> Nils
> On Mar 9, 2007, at 5:47 PM, dalton wrote:
> 
> >
> >Hi,
> >
> >I am reading through the foundry documentation about cookie-based  
> >switching.
> >Another person here mentioned that she remembered that it required  
> >turning
> >off DSR, though I dont see anything in the docs to indicate that.
> >
> >Anyone ever play with this? Do I need to turn off DSR to make this  
> >work?
> >
> >Thanks.
> >
> >Dalton
> >_______________________________________________
> >foundry-nsp mailing list
> >foundry-nsp at puck.nether.net
> >http://puck.nether.net/mailman/listinfo/foundry-nsp
>

More information about the foundry-nsp mailing list