Predefined | Description |
LB_PERSIS_SIP | Persistence based on IP address or subnet. The system selects the backend server for a client IP’s first request using the method specified in the virtual server configuration and then stores the relationship between client IP and server in a table. It uses the mapping in the table to forward subsequent requests from the same IP address or subnet to the same backend server. |
LB_PERSIS_CONSISTENT_SIP | Persistence based on a hash of source IP. The system uses an algorithm to calculate a hash value for the IP address of the client making an initial request. It then maps this value to the selected backend server and uses the mapping table to forward subsequent requests that generate the same hash value to the same backend server. |
LB_PERSIS_HASH_SRC_ADDR_PORT | Persistence based on a hash that includes source IP and port. The system uses an algorithm to calculate a hash value for the IP address and port of an initial client request. It then maps this value to the selected backend server and uses the mapping table to forward subsequent requests that generate the same hash value to the same backend server. |
LB_PERSIS_HASH_COOKIE | Persistence based on a cookie provided by the backend server. The system uses an algorithm to calculate a hash value for the cookie provided by the backend server. It then maps this value to the selected backend server and uses the mapping table to forward subsequent requests that generate the same hash value to the same backend server. |
LB_PERSIS_SSL_SESS_ID | Persistence based on the SSL session ID. If the initial client request has an SSL session ID, the system sends all subsequent sessions with the same SSL session ID to the same backend server. |
type | Specify the persistence type: • consistent-hash-ip: Persistence is based on a hash of the IP address of the client making an initial request. • embedded-cookie: Persistence is based on the cookie provided in the backend server response. • hash-cookie: Persistence is based on a hash of the cookie provided by the backend server. • hash-http-header: Persistence is based on a hash of the specified header value found in an initial client request. • hash-http-request: • hash-source-address-port: Persistence is based on a hash of the IP address and port of an initial client request. • insert-cookie: Persistence is based on a cookie inserted by the FortiADC system. • persistent-cookie: Persistence is based on the cookie provided in the backend server response. • radius-attribute: Persistence is based on a specified RADIUS attribute. • rewrite-cookie: Persistence is based on the cookie provided in the backend server response, but the system rewrites the cookie. • source-address: Persistence is based on source IP address. • ssl-session-id: Persistence is based on SSL session ID. After you have specified the type, the CLI commands are constrained to the ones that are applicable to the specified type, not all of the settings described in this table. |
timeout | Server-side session timeout. Specifies the maximum amount of time between requests. That is, when the time that has elapsed since the system last received a request from the client IP is greater than the timeout, the system does not use the mapping table to forward the request. Instead, it again selects the server using the method specified in the virtual server configuration. |
keyword | A value found in an HTTP header or RADIUS attribute. |
match-across-servers | An option if the persistence method is radius-attribute or source-address. Enable so clients continue to access the same backend server through different virtual servers for the duration of a session. |
ipv4-maskbits | Number of bits in a subnet mask to specify a network segment that should following the persistence rule. For example, if IPv4 maskbits is set to 24, and the backend server A responds to a client with the source IP 192.168.1.100, server A also responds to all clients from subnet 192.168.1.0/24. |
ipv6-maskbits | Number of bits in a subnet mask to specify a network segment that should following the persistence rule. |