beautypg.com

Figure 16-5: ssl session id-based persistence 438 – Nortel Networks WEB OS 212777 User Manual

Page 438

background image

Web OS 10.0 Application Guide

438

n

Chapter 16: Persistence

212777-A, February 2002

Figure 16-5

illustrates persistence based on SSL session ID as follows:

1.

An SSL Hello handshake occurs between Client 1 and Server 1 via the Web switch.

2.

An SSL session ID is assigned to Client 1 by Server 1.

3.

The Web switch records the SSL session ID.

4.

The Web switch selects a real server based on the existing SLB settings.

As a result, subsequent connections from Client 1 with the same SSL session ID are directed to
Server 1.

Figure 16-5 SSL Session ID-Based Persistence

5.

Client 2 appears to the switch to have the same source IP address as Client 1 because they
share the same proxy firewall.

However, the Web switch does not automatically direct Client 2 traffic to Server 1 based on the
source IP address. Instead an SSL session ID for the new traffic is assigned. Based on SLB set-
tings, the connection from Client 2 is spliced to Server 3.

As a result, subsequent connections from Client 2 with the same SSL session ID are directed to
Server 3.

Internet

Web Server

Farm

Client 1

Client 2

Firewall