Alteon Application Switch Operating System Application Guide
Persistence
Document ID: RDWR-ALOS-V2900_AG1302 587
cookie is only valid for the current browser session. Similar to a SSL session-based ID, the
temporary cookie expires when you shut down the browser. Based on RFC 2109, any cookie without
an expiration date is a temporary cookie.
Cookie Formats
A cookie can be defined in the HTTP header (the recommended method) or placed in the URL for
hashing. The cookie is defined as a "Name=Value" pair and can appear along with other parameters
and cookies. For example, the cookie "
SessionID=1234" can be represented in one of the following
ways:
• In the HTTP Header:
Cookie: SesssionID=1234
Cookie: ASP_SESSIONID=POIUHKJHLKHD
Cookie: name=john_smith
The second cookie represents an Active Server Page (ASP) session ID. The third cookie
represents an application-specific cookie that records the name of the client.
• Within the URL
http://www.mysite.com/reservations/SessionID=1234
Cookie Properties
Cookies are configured by defining the following properties:
• Cookie names of up to 20 bytes.
• The offset of the cookie value within the cookie string.
For security, the real cookie value can be embedded somewhere within a longer string. The
offset directs Alteon to the starting point of the real cookie value within the longer cookie string.
• Length of the cookie value. This defines the number of bytes to extract for the cookie value
within a longer cookie string.
• Whether to find the cookie value in the HTTP header (the default) or the URL.
• Cookie values of up to 64 bytes for hashing. Hashing on cookie values is used only with the
passive cookie mode (Passive Cookie Mode, page 590
), using a temporary cookie. Alteon
mathematically calculates the cookie value using a hash algorithm to determine which real
server should receive the request.
• An asterisk (*) in cookie names for wildcards. For example:
Cookie name = ASPsession*
Client Browsers that Do Not Accept Cookies
Under normal conditions, most browsers are configured to accept cookies. However, if a client
browser is not configured to accept cookies, you must use hash or pbind clientip (for client IP
persistence) as the load-balancing metric to maintain session persistence.
With cookie-based persistence enabled, session persistence for browsers that do not accept cookies
is based on the source IP address. However, individual client requests coming from a proxy firewall
appear to be coming from the same source IP address. Therefore, the requests are directed to a
single server, resulting in traffic being concentrated on a single real server instead of load-balanced
across the available real servers.
To Next Page
Loading...
Need help?
General