Table of Contents
Advertisement
•
Session IDs are kept on Alteon until an idle time equal to the configured server timeout (a
default of 10 minutes) for the selected real server has expired.
Figure 96 - SSL Session ID-Based Persistence, page 597
session ID, as follows:
1. An SSL Hello handshake occurs between Client 1 and Server 1 via Alteon.
2. An SSL session ID is assigned to Client 1 by Server 1.
3. Alteon records the SSL session ID.
4. Alteon selects a real server based on the existing SLB settings. As a result, subsequent
connections from Client 1 with the same SSL session ID are directed to Server 1.
Figure 96: SSL Session ID-Based Persistence
5. Client 2 appears to have the same source IP address as Client 1 because they share the same
proxy firewall.
However, Alteon does not direct Client 2 traffic to Server 1 based on the source IP address.
Instead, an SSL session ID for the new traffic is assigned. Based on SLB settings, the connection
from Client 2 is spliced to Server 3. As a result, subsequent connections from Client 2 with the
same SSL session ID are directed to Server 3.
Configuring SSL Session ID-Based Persistence
The following is an example procedure for configuring SSL session ID-based persistence.
To configure session ID-based persistence for a real server
1. Configure real servers and services for basic SLB:
—
Define each real server and assign an IP address to each real server in the server pool.
—
Define a real server group and set up health checks for the group.
—
Define a virtual server on the virtual port for HTTPS (for example, port 443), and assign a
real server group to service it.
—
Enable SLB.
—
Enable client processing on the port connected to the client.
Document ID: RDWR-ALOS-V2900_AG1302
Alteon Application Switch Operating System Application Guide
illustrates persistence based on the SSL
Persistence
597
- Quick Links:
- Part 1-Basic Features
Hide quick links:
Advertisement
Table of Contents
