www.zeroshell.org Forum Index www.zeroshell.org
Linux Distribution for server and embedded devices
 
 SearchSearch  RegisterRegister  UsergroupsUsergroups 
 ProfileProfile  Log inLog in  Log in to check your private messagesPrivate Message 

Net Balancer 'Sticky Sessions' problem

 
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> ZeroShell
View previous topic :: View next topic  
Author Message
smto



Joined: 20 May 2014
Posts: 4

PostPosted: Wed Jul 29, 2015 12:06 pm    Post subject: Net Balancer 'Sticky Sessions' problem Reply with quote

We've been using Zeroshell version 3.0.0 with 3xWAN links balanced through the Net Balancer for over a year with excellent results.
In the past we had a problem with session stickiness which caused empty shopping carts, banks and anything else based on ip address for sessoins etc to not be work on for our users. The reason was that as far as those sites are concerned, the user changed its ip address with every page load causing it to "lose" the cart/session as a security measure.

This was solved by adding the rhash_entries=300000 parameter to the kernel which cached ip routes (source ip->wan interface->destination ip) and solved the stickiness problem.

Recently we upgraded to Zeroshell 3.3.2 and the latest 3.18 kernel. In this kernel version (anything>3.6) the rhash_entries parameter is no longer supported and sessions are not "sticky" any longer.

Is there an alternative solution?
Any suggestion will be highly appreciated.
Back to top
View user's profile Send private message
francozamp



Joined: 13 Jul 2016
Posts: 4

PostPosted: Wed Jul 13, 2016 4:12 pm    Post subject: Re: Net Balancer 'Sticky Sessions' problem Reply with quote

smto wrote:
Recently we upgraded to Zeroshell 3.3.2 and the latest 3.18 kernel. In this kernel version (anything>3.6) the rhash_entries parameter is no longer supported and sessions are not "sticky" any longer.

Is there an alternative solution?
Any suggestion will be highly appreciated.


Any updates wrt 3.6 release? It appears now clients are fully sticked with a route. E.g. LAN side Client1 will always go through WAN1, Client2 to WAN2, Client3 to WAN1 and so on, alternatively. Of course failover still works, but it is not possible now with this behaviour to achieve the aggregate WAN1+WAN2 (with multiple connections).

Before, to my understanding, on the same LAN Client1, odd TCP connections went through WAN1 and even TCP connections went to WAN2, so that 2 iperf could go to the maximum rate aggregate.

F.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> ZeroShell All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group