On Fri, Sep 18, 2009 at 7:24 PM, Nathan Eisenberg <[email protected]> wrote: > Knee deep in a deployment of a load balanced web application, I’ve run into > a bizarre requirement. > > > > I have a HA PFSense cluster with 5 SSL load balanced virtual hosts, > listening on IPs x.x.x.10-x.x.x.14. These map back to 3 backend web servers > serving xxx1.com-xxx5.com. I’ve used this design many times, and never had > a problem. > > > > However, this application has some crazy cookie stuff built in. Basically, > a client may connect to xxx1.com, log in, browse some content, and then > browse to xxx2.com. Since these are separate load balanced virtual servers, > the PF state tracking mechanism doesn’t force the client to go to the same > backend server, which means that the session information is inconsistent and > the application breaks. > > > > So, what I suppose I really need is a way of forcing the connection states > to be per-source IP, rather than per source/dest. Is this possible? If > not, other workaround suggestions would be lovely! > > > Activate sticky option on 1.2.3-RC* installations.
-- Ermal --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
