F5 is a well-known Server Load balancer product. I believe many people will not know it. So how does it maintain sessions? Let's start with the definition of session persistence. As an image metaphor: Session persistence can be seen as a string of pearls, so we split each Pearl and put it in a different box for storage and then put it into a string, that is, the concept of allocation. So how do we describe it academically? Let's take a look at the following.
1. What is session persistence?
In most e-commerce application systems or online systems that require user identity authentication, A customer can complete a transaction or a request after several interactions with the server. As these interactions are closely related, when a server performs an interactive step of these interactions, it is often necessary to understand the processing results of the previous interaction process or the results of the previous interaction process, when the server performs the next operation, this requires that all the related interaction processes are completed by one server, rather than distributed to different servers by the Server Load balancer 。
This series of related interaction processes may be completed by a connection from the customer to the server multiple times, it may also be that multiple sessions are completed in multiple different connections between the customer and the server. The most typical example is HTTP-based access, A customer may need to click multiple times to complete a transaction, and a request generated by a new click may reuse the connection established by the previous click or a new connection 。
Session persistence refers to the Mechanism in the Server Load balancer to identify the connection between the customer and the server during the interaction process, it also ensures that a series of related access requests will be distributed to one server 。
2. What session persistence methods does F5 support?
F5 bigip supports multiple session persistence methods, including simple session persistence (Source Address Session persistence), HTTP header session persistence, and SSL session ID-based session persistence, i-rules session persistence, HTTP cookie-based session persistence, and session persistence based on the SIP ID and cache device. However, simple session persistence is commonly used, HTTP header session persistence, HTTP Cookie Session persistence, and I-rules-based session persistence 。
◆ Simple session persistence
Simple session persistence is also called source address-based session persistence, server Load balancer performs Load Balancing Based on the source address of the access request as the basis for determining the connected session. All access requests from the same IP address are maintained to one server. On bigip devices, you can identify "the same IP address" by network mask, for example, you can use the 255.255.255.0 network mask for the IP address 192.168.1.1. As long as the traffic from the IP address range 192.168.1.0/24 is bigip, in this way, the traffic sessions from the 192.168.1.0/24 network segment will be kept to a specific server 。
Another important parameter in simple session persistence is the connection timeout value. bigip sets a time value for each session for session persistence, if the interval between the previous session completion and the next session comes back is smaller than the timeout value, bigip will keep the new connection for session persistence, but if the interval is greater than the timeout value, bigip considers the new connection as a new session and balances the load 。
The original address-based session persistence is easy to implement. It can be implemented only based on three or four layers of data packets, efficiency is also relatively high. The problem is that when multiple customers access the server through proxy or address translation, they are allocated to the same server, this can cause serious load imbalance between servers. In other cases, the number of clients is small, but each client generates multiple concurrent accesses, for these requests, the Server Load balancer must be allocated to multiple servers. In this case, the session persistence Method Based on the client source address will also cause the server Load balancer to fail 。