tags:

views:

870

answers:

6

I have two IIS servers running using NLB. Unfortunatelly I cannot use shared session server, so every server is using its own session. How can I ensure, that all requests from the same user are forwarded to the same IIS server?

A: 

Why would you want to do this? If it's because of session state then you should have a database or out-of-process server set up in a common place and have all nodes reference that.

Lloyd
To have separate server, as I know, I need to mark objects, that are stored in session, as serializable. I cannot do this right now, because I'm moving legacy system to the NLB architecture.
Sergejus
A: 

I would consider a reverse proxy that sits in front of either server and remembers which external users are using which servers.

I know (from using it this way) Cherokee supports IPHash proxying but I'm sure there are lots more.

Oli
I'll add: this would replace your built-in load-balancing.
Oli
But does IIS has this functionality?
Sergejus
Perhaps... Read this: http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/77cb4318-75f8-4310-a05f-3605b5768007.mspx?mfr=true
Oli
A: 

Just to add to Lloyd's answer, you should avoid using session in a load balanced environment anyway. The whole purpose behind using session is to avoid database calls; if you end up storing the session data back into the database you usually gain nothing.

The reason being that 1. you now have to make 2 database calls for each page load (retrieve and store) and 2. that data now has to go through serialization / deserialization boundaries. Most of the time this ends up being a more expensive operation than just retrieving the data you wanted to begin with.

Now, to your actual question. You do have the option to store the session data in the view state. Optionally, you could forgo session and instead use cookies. If you go this route, be sure to encrypt them on the way out and decrypt when receiving them.

Chris Lively
I agree on the database issue, we infact use MemCached for storing `session` information because we wanted to remove the interaction with the database and MemCached is a lot faster at delivering information.
Lloyd
I see what you are saying, but in my case I have legacy system I cannot touch. So now I need to find out the most appropriate way to introduce NLB.
Sergejus
+1  A: 

I think what you're looking for is Sticky Sessions. Sticky sessions are implemented by your load balancer though. You probably need to setup an outside load balancer (BIG-IP, HAProxy, etc.) that can do sticky sessions.

Min
I think that it is possible without an external load balancer by simply reconfiguring the NLB cluster. It should even work for AOL-users with proxy (if those still exist ;-) )
Christian
I haven't gotten any AOL discs in the mail lately, have you?
Min
Given the other comments by Sergejus, I think this is about the only way to go.
Chris Lively
+1  A: 

You can do that easily as long as none of your customers use a distributed proxy system:

In the protieries of the NLB cluster, tab "port rules" you can choose the "filtering mode" and the affinity: You cannot choose "none" because you don't have central sessions. But "simple" would redirect every user to the same server as long as the ip stays the same. If you e.g. anticiapte AOL proxy servers then "class C" might be a secure choice (albeit maybe reducing the load balancing a little bit), because the same class C net goes to the same server.

I guess that is easily implemented by MS in a way that both hosts know which ip is even or odd or which triplet of the class C net is even or odd and distribute the load always in the same way depending on the IP-address

Christian
+1  A: 

Found this and decided to share with others:

Use the client affinity feature. When client affinity is enabled, Network Load Balancing directs all TCP connections to the same cluster host. This allows session state to be maintained in host memory. You can enable client affinity in the Add/Edit Port Rules dialog box in Network Load Balancing Manager. Choose either Single or Class C affinity to ensure that only one cluster host will handle all connections that are part of the same client session. This is important if the server application running on the cluster host maintains session state (such as server cookies) between connections. For more information about Network Load Balancing affinity, see Help in the Network Load Balancing snap-in.

Sergejus
Then please make this the accepted answer
Christian
I'll be able to do this only after 48 hours...
Sergejus
Incidentally, this is the same concept as sticky sessions.
Chris Lively
It is the same concept as sticky sessions. The importance of learning terms is very understated with the power of Google. It seriously pisses me off when vendors make up terms that no one else uses because it serves to hinder knowledge sharing.
Min
What are sticky sessions exactly? NLB and affinity does not require another layer of hardware in front (think of another SPoF), the cluster members can handle it themself.When I read your sticky session text I thought about some sophisticated proxy that woudl inject custom cookies and decide were to put the user. But I really don't know anything about these terms
Christian