server-policy persistence-policy
Use this command to configure a persistence method and timeout that you can apply to server pools. The persistence policy applies to all members of the server pool.
After FortiWeb has forwarded the first packet from a client to a pool member, some protocols require that subsequent packets also be forwarded to the same back-end server until a period of time passes or the client indicates that it has finished transmission.
To apply a persistence policy, select it when you configure a server pool. For details, see server-policy server-pool.
To use this command, your administrator account’s access control profile must have either w
or rw
permission to the traroutegrp
area. For details, see Permissions.
Syntax
config server-policy persistence-policy
edit "<persistence-policy_name>"
set cookie-name "<cookie-name_str>"
set ipv6-mask-length "<v6mask>"
set HTTP-header "<HTTP-header_str>"
set url-parameter "<url-parameter_str>"
set cookie-path "<cookie-path_str>"
set cookie-domain "<cookie-domain_str>"
set secure-cookie {enable | disable}
next
end
Variable | Description | Default |
Enter the name of the persistence policy. The maximum length is 63 characters. To display the list of existing persistence policies, enter:
|
No default. | |
type { source-ip | persistent-cookie | asp-sessionid | php-sessionid | jsp-sessionid | insert-cookie | HTTP-header | url-parameter | rewrite-cookie | embedded-cookie | ssl-session-id } |
|
source-ip
|
For persistence types that use cookies, you can use the |
||
Enter a value to match or the name of the cookie that FortiWeb inserts. Available only when the persistence type uses a cookie. |
No default. | |
Enter the maximum amount of time between requests that FortiWeb maintains persistence, in seconds. FortiWeb stops forwarding requests according to the established persistence after this amount of time has elapsed since it last received a request from the client with the associated property (for example, an IP address or cookie). Instead, it again selects a pool member using the load balancing method specified in the server pool configuration. |
300
|
|
Enter the IPv4 subnet used for session persistence. For example, if IPv4 Netmask is 256.256.256.256, FortiWeb can forward requests from IP addresses 192.0.2.1 and 192.0.2.2 to different server pool members. If IPv4 Netmask is 256.256.256.0, FortiWeb forwards requests from IP addresses 192.0.2.1 and 192.0.2.2 to the same pool member. |
256.256.256.256
|
|
Enter the IPv6 network prefix used for session persistence. | 128
|
|
Enter the name of the HTTP header that the persistence feature uses to route requests. | No default. | |
Enter the name of the URL parameter that the persistence feature uses to route requests. | No default. | |
Enter a path attribute for the cookie that FortiWeb inserts, if type { source-ip | persistent-cookie | asp-sessionid | php-sessionid | jsp-sessionid | insert-cookie | HTTP-header | url-parameter | rewrite-cookie | embedded-cookie | ssl-session-id } is insert-cookie . |
No default. | |
Enter a domain attribute for the cookie that FortiWeb inserts, if type { source-ip | persistent-cookie | asp-sessionid | php-sessionid | jsp-sessionid | insert-cookie | HTTP-header | url-parameter | rewrite-cookie | embedded-cookie | ssl-session-id } is insert-cookie . |
No default. | |
Configure the secure cookie to force browsers to return the cookie only for HTTPS traffic. |
|
Example
This example creates the persistence policy ip-persistence
. When this policy is applied to a server pool, FortiWeb forwards initial requests from an IP address using the load-balancing algorithm configured for the pool. It forwards any subsequent requests with the same client IP address as the initial request to the same pool member. After FortiWeb has not received a request from the IP address for 400 seconds, it forwards any subsequent initial requests from the IP address using the load-balancing algorithm.
config server-policy persistence-policy
edit "ip-persistence"
set type source-ip
set timeout 400
next
end