D-Link NetDefendOS User Manual page 810

Network security firewall
coming from the same client. If this is the case then stickiness is required.
IP Address Stickiness
In this mode, a series of connections from a specific client will be handled by the same server.
This is particularly important for TLS or SSL based services such as HTTPS, which require a
repeated connection to the same host.
Network Stickiness
This mode is similar to IP stickiness except that the stickiness can be associated with a
network instead of a single IP address. The network is specified by stating its size as a
parameter.
For example, if the network size is specified as 24 (the default) then an IP address 10.01.01.02
will be assumed to belong to the network 10.01.01.00/24 and this will be the network for
which stickiness is applied.
Stickiness Parameters
If either IP stickiness or network stickiness is enabled then the following stickiness parameters
can be adjusted:
Idle Timeout
When a connection is made, the source IP address for the connection is remembered in a
table. Each table entry is referred to as a slot. After it is created, the entry is only considered
valid for the number of seconds specified by the Idle Timeout. When a new connection is made,
the table is searched for the same source IP, provided that the table entry has not exceeded
its timeout. When a match is found, then stickiness ensures that the new connection goes to
the same server as previous connections from the same source IP.
The default value for this setting is 10 seconds.
Max Slots
This parameter specifies how many slots exist in the stickiness table. When the table fills up,
the oldest entry is discarded to make way for a new entry, even though it may still be
valid (the Idle Timeout has not been exceeded).
The consequence of a full table can be that stickiness will be lost for any discarded source IP
addresses. The administrator should therefore try to ensure that the Max Slots parameter is
set to a value that can accommodate the expected number of connections that require
stickiness.
The default value for this setting is 2048 slots in the table.
Net Size
The processing and memory resources required to match individual IP addresses when
implementing stickiness can be significant. By selecting the Network Stickiness option these
resource demands can be reduced.
When the Network Stickiness option is selected, the Net Size parameter specifies the size of the
network which should be associated with the source IP of new connections. A stickiness table
lookup then does not compare individual IP addresses but instead checks whether the source IP
address belongs to the same network as a previous connection already in the table. If they
belong to the same network then stickiness to the same server will result.
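
The following is an added example, not NetDefendOS code: a small Python model of the stickiness table that shows how Idle Timeout, Max Slots and Net Size interact, including a full table discarding a slot that is still valid. The class and function names, the round-robin choice of server for new sources, the restart of the idle timer on a matching connection, and the sample addresses and server names are assumptions made for illustration.

```python
import ipaddress
from collections import OrderedDict
from itertools import cycle


class StickinessTable:
    """Toy model of the stickiness table described above (not NetDefendOS code)."""
    def __init__(self, servers, idle_timeout=10, max_slots=2048, net_size=None):
        self.idle_timeout = idle_timeout    # seconds a slot stays valid
        self.max_slots = max_slots          # number of slots in the table
        self.net_size = net_size            # None = IP stickiness, 24 = /24 networks
        self.slots = OrderedDict()          # key -> (server, last_seen), oldest first
        self._pick = cycle(servers)         # assumption: round-robin for new sources

    def _key(self, src_ip):
        if self.net_size is None:
            return ipaddress.ip_address(src_ip)
        # strict=False masks the host bits: 10.1.1.2 with size 24 -> 10.1.1.0/24
        return ipaddress.ip_network(f"{src_ip}/{self.net_size}", strict=False)

    def connect(self, src_ip, now):
        """Return the server for a new connection arriving at time `now` (seconds)."""
        key = self._key(src_ip)
        slot = self.slots.pop(key, None)
        if slot is not None and now - slot[1] <= self.idle_timeout:
            server = slot[0]                # valid slot: same server as before
        else:
            server = next(self._pick)       # no slot, or slot timed out
        if len(self.slots) >= self.max_slots:
            self.slots.popitem(last=False)  # full: discard oldest, even if still valid
        # Assumption: a matching connection restarts the idle timer for its slot.
        self.slots[key] = (server, now)
        return server


def demo_full_table():
    """Constructed scenario: Max Slots = 2, three sources within the 10 s timeout."""
    table = StickinessTable(["srv-A", "srv-B"], max_slots=2)
    return [
        table.connect("10.1.1.2", 0),   # new slot
        table.connect("10.1.1.2", 5),   # sticky
        table.connect("10.1.2.9", 6),   # second slot
        table.connect("10.1.3.7", 7),   # table full: slot for 10.1.1.2 is discarded
        table.connect("10.1.1.2", 8),   # only 3 s idle, but stickiness is lost
    ]


if __name__ == "__main__":
    print(demo_full_table())
```

In the constructed run, the last connection from 10.1.1.2 lands on a different server than its first two because a third source pushed its slot out of a two-slot table, which is the sizing concern described under Max Slots.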
Chapter 10: Traffic Management
