Should we dump Local Director and upgrade to CSS?

bolshin · ‎09-27-2002

We have been getting conflicting information for resolving an ongoing problem with Local Director and SSL ID "sticky." We have been plagued by dropped sessions because of the SSL ID configuration problem. CISCO documentation for release notes 4.1.1 recommends HTTP Redirection, and another recommendation from this forum recommends 23-bit stickymask. However, our network support people have been told by CISCO that 23-bit stickymask doesn't work with Local Director, and apparently not that many support people are familiar enough with Local Director to resolve this ongoing problem. Given the fact that MS IE 5 and above holds the market share for browsers, and it is known that IE randomly changes the SSL key (sesison id), it would seem that configuring LD for sticky using SSL ID is a bad solution. Are there real differences between Local Director and CSS? Please help - this is quite annoying.

Thanks

beth-martin · ‎10-03-2002

Hi, I understand that all the issues that you have highlighted are now resolved in the latest versions of LD probably you should try 4.2.4. Also follow the HTTP Redirection method as documented.

bolshin · ‎10-07-2002

Reading through the release notes for 4.2.4, there seems to be a few open caveats with SSL sticky. One is that SSL sticky only works with IE 5.5. Another is that when each real server has the same IP address but different ports - LD will send SSL packets from originating client with same Session ID to a different real server.

In any event, it does seem that HTTP Redirect is the way to go to get around the problems with SSL sticky.