CSS - deciding on the type of Sticky & redundency to use ?

Unanswered Question
Feb 8th, 2007

Good Day,

I am a learner in content networking, & currently working on a Design/Implementation project involving CSS and more? request assistance from the experts.

My requirement is to have exchange users connect to the front end IIS server on port 443. I will be deploying CSS 11503 with redundancy and sticky.

the setup should look something like this.

User

|

CAT6K

CSS1 CSS2

L2Sw1------L2Sw2

Srv1 Srv2

Both the CSS connects to the CAT 6500, and servers connect to both L2 switches which further connect to the CSS.

My question is what type of stickiness is most suitable option for me and why?

Layer 3, 4, 5?

Which Redundancy methodology should I choose, I was planing to do VIP redundancy on the client side, where traffic is coming in and do interface redundancy on the server side, client and server VLAN will be different, and also use ASR if feasible.

Request recommendations on sticky and redundancy, to start ~

Thanks ,

Gagan

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Gilles Dufour Fri, 02/09/2007 - 00:06

do you terminate ssl on the CSS ?

If yes, I would use sticky based on cookies.

If not, you can use sticky ssl.

This is based on SSLID.

It may sometimes not work when the browser changes the SSLID rapidly.

So, finally, sticky srcip is still a good choice.

L4 stickyness is not interesting here since you know the destination will always be port 443.

Gilles.

andreas.larsen@... Fri, 02/09/2007 - 00:30

We are running a similar setup. I choose VIP redundancy togheter with interface redundancy. Just for the fact that I might want to "disturbute" the load of the VIPs in a future scenario. If you do box to box redundancy you don't have that ability. The setup will be a bit more complex but I think in the long run you will benefit from it. Also you can utilze the session redudancy feature. That way if a CSS goes down the failover will be less noticable.

Please rate if you find usefull.

gagansethi Sun, 02/11/2007 - 21:49

Hi Gilles,

thanks for the information~

No SSL termination on the CSS, it is port 80 traffic only. If i get you right, you recommend using Layer 3 sticky srcip, without including any L4 or L5 with it.

does it matter if the traffic is http, https or ssl; can i still go ahead with layer 3 sticky srcip?

Thanks,

gagan

Gilles Dufour Mon, 02/12/2007 - 00:32

Yes, sitcky src ip works with any type of traffic.

Does not matter if http or https.

However, if you want to do stickyness for HTTP, I would recommend 'advanced-balance arrowpoint-cookie' as the sticky method.

This sticky function only works with HTTP. It does not with SSL, HTTPS or any other protocols.

Gilles.

Actions

This Discussion