Arrowpoint Cookies, Reverse Proxy and Multiplexed Client Requests
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-05-2009 07:23 AM
Hi,
I have a reverse proxy which is performing SSL offload and making backend connections to two web servers. Between the reverse proxy and the two webservers, a CSS is in place to load balance between the web servers. There is a requirement for session stickiness on the web servers and since client IP details are lost through the reverse proxy I have used the arrowpoint-cookie method to load balance connections.
However, the reverse proxy seems to make only a handful of connections to the servers compared to the number incoming client connections and we have noticed that stickiness is broken. Now, I would assume this is correct if arrowpoint-cookie makes a load balancing based on the first HTTP get in a tcp stream and not on a per transaction basis AND our reverse proxy is multiplexing client requests. However, I can not convince myself of how the arrowpoint-cookie method actually works.
I wondered if anyone had any insight on this or had experienced similar issues with arrowpoint cookies?
- Labels:
-
Application Networking
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-08-2009 01:10 AM
We can loadbalance per request.
You need :
CSS11503(config)# persistence reset remap
CSS11503(config)# owner gdufour
CSS11503(config-owner[gdufour])# content WWW
CSS11503(config-owner-content[gdufour-WWW])# no persistent
This should work.
Also make sure you increase the idle timeout, with a flow-timeout-multiplier because we do not "remap" connection that are considered idle.
Gilles.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-08-2009 01:18 AM
Hi Giles,
Thanks very much for your response. I will look at the configuration and applying it, and will let you know how things go.
Just to confirm, using this configuration would inspect the arrowpoint cookie on each HTTP GET? Are you also aware if this will work with the POST method?
Thanks again,
David.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-08-2009 02:07 AM
Davi,
it will also work the POST method.
Gilles.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-08-2009 02:10 AM
Hi Gilles,
That's brilliant, I have just read up on it in the config guides and will look to implement ASAP.
Thanks again (and apologies for mispelling your name on the earlier post!).
All the best,
David.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-16-2009 04:44 AM
Hi Gilles,
I have implemented this today, and we are still seeing issues with requests hitting the wrong server.
A bit more info, the reverse proxy is an AXG Web Aopplication Firewall. I have been looking at this and am considering disabling connection re-use on here.
However I am also wondering if this might be to do with the flow timeout multiplier I am using which is 5 (80 seconds). Perhaps this is too low?
Thanks, David.
