ACE/Server redirects

Unanswered Question
Sep 7th, 2007

I'm looking for some guidance/thoughts on a problem I'm coming across. I have an SSL termination configuration as follows:

Client to VIP:80 does redirect to VIP:443

Client to VIP:8080 does redirect to VIP:8443

Client to VIP:443 load balances to Real:80

Client to VIP:8443 load balances to Real:8080

On the real server I'm running apache on 80 and tomcat on 8080.

Apache handles the main site while Tomcat handles java applets/authentication/etc.

The problem we're encountering is when apache needs to hand off to tomcat and the reverse. What's the best way to accomplish this while maintaining the connection to the same real server. What is happening is that the ACE is re-load balancing the request to a different real.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Gilles Dufour Mon, 09/10/2007 - 02:17

you could use static cookies [ cookie insert ].

Since you have 2 serverfarms, you'll get 2 different set of cookies.

So, for each sticky group, you need to learn the cookie value associated with each rserver.

Then for the other group, configure a static entry for each cookie value.

Do the same for each group.

Learning the cookie value requires the use of a sniffer. Sniff traffic going to the ACE slot. Open a connection to the vip and see which server is being used and what cookie value is returned. Delete the cookie and repeat until you get the cookie value for each server.

This is the only idea I have right now.



This Discussion