Users intermittently experience logout events while navigating through the application. They are unexpectedly redirected to the login page, indicating that persistence is not being honored by the load balancer.

• Virtual Service (VS) scaled out across multiple Service Engines (SEs). or Multiple VIPs associated with the same Virtual Service.

• HTTP cookie persistence is configured on pool

The HTTP persistence cookie generated by Avi contains an encoded pool_id, which must remain consistent across all SEs serving the same pool. Due to a defect in the pool_id generation logic, different SEs may assign different pool_id values for the same pool.

This inconsistency results in incorrect decoding of the persistence cookie when a request lands on a different SE than the one that originally issued the cookie.

Flow leading to user logout: 

1. SE1 generates a persistence cookie containing its version of the pool_id and sends it to the client.

2. The client sends a subsequent request—containing the same cookie—which lands on SE2.

3. SE2 attempts to decode the cookie but fails to recognize the pool_id because its pool_id differs from SE1’s value.

4. Due to the mismatch, SE2 does not honor persistence and instead load balances the request to another pool member.

5. The application session breaks, causing the user to be logged out and redirected to the login page.