AW: Load Balancing and Session Timeouts

2019-03-05 Thread Conny.Martin 
Connection Settings are only relevant for midtier -> ar-server connections. And 
indeed, there is no need to have any persistence on this type of connection. If 
this connection is also routed through a loadbalancer in front of your 
ar-servers, you can disable persistence there. But this will definitely not 
solve your problem.

KR Conny

Von: ARSList  Im Auftrag von JD Hood
Gesendet: Dienstag, 5. März 2019 17:19
An: ARSList 
Betreff: Re: Load Balancing and Session Timeouts

If you are referencing the "Connection Settings" in the mid tier config, yes we 
have tried that (and it remains configured), but it did not help and the issue 
persists.

The "Connection Lifespan" is set to 60 minutes and the "Connection Timeout" is 
0 (which is infinite, correct?). Tomcat and Netscaler both are configured for 
65 minute sessions.

Question to all -- if the "Connection Settings" in the mid tier are configured, 
should we remove any session persistence settings form the Netscaler?

Thanks,
-JDHood




On Tue, Mar 5, 2019 at 10:54 AM LJ LongWing 
mailto:lj.longw...@gmail.com>> wrote:
JD,
If you are on 9.x, you can configure Session Sharing (clustering) in your 
Mid-Tier containers, and then you wouldn't need sticky bits (persistence)

On Tue, Mar 5, 2019 at 8:49 AM JD Hood 
mailto:hood...@gmail.com>> wrote:
All,

We have a simple load balancing arrangement between a Netscaler and two SSL Mid 
tiers (v18.08).

End users are sporadically encountering session timeout errors when they would 
not be expected. Sometimes within a few minutes of connecting and in the midst 
of creating a new incident, they will get a session timeout error (arerr 9201) 
and they will have to refresh the page and re-authenticate.

I've found the following BMC Support KB and shared it with the team:
https://bmcsites.force.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA21400d7ZtCAI

Our netscaler resource advises that the cookie-based persistence option is not 
available when he is configuring load-balancing. I believe he is configuring 
persistence as IP based. Other than that, we can't identify any non-recommended 
configuration issues.

I suspect that the cookie-based load balancer configuration is significant, but 
not being a LB expert, it's outside of my skillset and my most convincing 
argument at the moment is, "...because BMC Support recommends it..."

Does anyone have any experience with a basic, simple Netscaler configuration to 
balance two SSL Mid tiers based on least number of connections (or any other 
strategy)?

Or perhaps session timeouts are a known issue for other reasons that I have yet 
to stumble across?

Thanks,
-JDHood


--
ARSList mailing list
ARSList@arslist.org
https://mailman.rrr.se/cgi/listinfo/arslist
--
ARSList mailing list
ARSList@arslist.org
https://mailman.rrr.se/cgi/listinfo/arslist
-- 
ARSList mailing list
ARSList@arslist.org
https://mailman.rrr.se/cgi/listinfo/arslist

AW: Load Balancing and Session Timeouts

2019-03-05 Thread Conny.Martin 
Hi,

don’t know if it’s a good idea to have a setup like this. From my point of view 
session sharing is used to provide some kind of high availability.

We setup session sharing and had a config mistake regarding too short timeouts. 
This led to frequent session “hopping” between several midtier instances. This 
in turn corrupted the session information, because more than one midtier was 
updating the session data within a short timeframe, overwriting some critical 
things.

I highly recommend to use Cookie based persistence. In our case we do not rely 
on loadbalancer features. We’re using apache httpd in reverse proxy 
configuration to accomplish this. The loadbalancer routes to at least two httpd 
instances. Httpd takes care of routing the request to the right midtier based 
on session cookie.

KR Conny

Von: ARSList  Im Auftrag von LJ LongWing
Gesendet: Dienstag, 5. März 2019 16:54
An: ARSList 
Betreff: Re: Load Balancing and Session Timeouts

JD,
If you are on 9.x, you can configure Session Sharing (clustering) in your 
Mid-Tier containers, and then you wouldn't need sticky bits (persistence)

On Tue, Mar 5, 2019 at 8:49 AM JD Hood 
mailto:hood...@gmail.com>> wrote:
All,

We have a simple load balancing arrangement between a Netscaler and two SSL Mid 
tiers (v18.08).

End users are sporadically encountering session timeout errors when they would 
not be expected. Sometimes within a few minutes of connecting and in the midst 
of creating a new incident, they will get a session timeout error (arerr 9201) 
and they will have to refresh the page and re-authenticate.

I've found the following BMC Support KB and shared it with the team:
https://bmcsites.force.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA21400d7ZtCAI

Our netscaler resource advises that the cookie-based persistence option is not 
available when he is configuring load-balancing. I believe he is configuring 
persistence as IP based. Other than that, we can't identify any non-recommended 
configuration issues.

I suspect that the cookie-based load balancer configuration is significant, but 
not being a LB expert, it's outside of my skillset and my most convincing 
argument at the moment is, "...because BMC Support recommends it..."

Does anyone have any experience with a basic, simple Netscaler configuration to 
balance two SSL Mid tiers based on least number of connections (or any other 
strategy)?

Or perhaps session timeouts are a known issue for other reasons that I have yet 
to stumble across?

Thanks,
-JDHood


--
ARSList mailing list
ARSList@arslist.org
https://mailman.rrr.se/cgi/listinfo/arslist
-- 
ARSList mailing list
ARSList@arslist.org
https://mailman.rrr.se/cgi/listinfo/arslist