Re: web replication



ed wrote:
to enable the http session information i think about using a network
filesystem placed on backend and setting the mount point as a session
directory path (using the php session's configuration directive)
the cookies should not be a problem, should they?


Depends.

Session cookies relate to memory in the server, so if it's a session
cookie, then yes it's a problem if one cannot be certain of which box
the client is going to connect to in 5 mins time.



yes, but this is the reason to use a shared memory for the session
information. Get it by mounting the same nfs (placed physically in the
backend) in the path used to save the session dictionary in every single
web server.

cookies reside in the client browser and are forwarded to the server
based on domain name (the balancer domain name).
to replicate the db i would use a simple master slave mysql
configuration.


This depends on your balancing device, some are full protocol proxies
which can do exactly as you ask. I think there's one called 'pound'
which is GNU that can do this for you.


i wouldn't play with layer 7, my idea is using layer 4 load balancing,
i'm actually studying the lvs documentation, ipvs via nat uses nat to
translate the virtual service ip (the ip of the web balancer) to one real
server ip, choosing the server by means of a given scheduling algorithm.
if the cookie's domain matches the virtual service ip, when a browser
sends it in a http header it will be forwarded and balanced to the real
server thanks to an lvs nat rule, it shouldn't be important what server
because the session information is shared by the servers.
could it run?


the unsolved problem is balancing the https session, a session must use
the same server because there's a handshake for the symmetric key
exchange..


Pound does this I think, also look into source/dest hashing on the NAT
level.


thanks i will read about it.

how do you recognize a single https session from another https
session? the actual idea is to not shape this traffic and to dedicate one
server to the ssl traffic, using the port for the nat prerouting rule.


It's the NAT host that solves this through the socket (sourceip,destip,
sourceport,dstport) that makes what we know as a socket. The socket is
matched against the NAT table.


maybe using a right sized hash table i can force it to pass to the same
real server, but it depends on traffic volume.


regards

fusillo
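
The source-hashing idea discussed in this thread, as an added example (not part of the original posts and not LVS code): a simplified Python model comparing a per-connection round-robin scheduler with a source-address hash over a fixed bucket table, showing which real servers each client's HTTPS connections reach. The addresses, table size and hash constant are constructed assumptions.

```python
import ipaddress
from itertools import cycle

TABLE_SIZE = 256  # assumed bucket count for this model

def build_table(servers, size=TABLE_SIZE):
    """Fill a fixed-size bucket table by cycling through the real servers."""
    ring = cycle(servers)
    return [next(ring) for _ in range(size)]

def source_hash(table, src_ip):
    """Pick a real server from the client address only; the source port is ignored."""
    ip = int(ipaddress.ip_address(src_ip))
    # Multiplicative hash (constant chosen for illustration); top bits index the table.
    idx = ((ip * 2654435761) & 0xFFFFFFFF) * len(table) >> 32
    return table[idx]

def round_robin(servers):
    """Per-connection scheduler: every new connection goes to the next server."""
    ring = cycle(servers)
    return lambda src_ip: next(ring)

def servers_seen(pick, connections):
    """Map each client IP to the set of real servers its connections reached."""
    seen = {}
    for src_ip, _src_port in connections:
        seen.setdefault(src_ip, set()).add(pick(src_ip))
    return seen

REAL_SERVERS = ["10.0.0.11", "10.0.0.12", "10.0.0.13"]  # constructed
# Constructed sample: each client opens four HTTPS connections, new source port each time.
CONNECTIONS = [(ip, port)
               for ip in ("198.51.100.7", "198.51.100.8", "203.0.113.20")
               for port in (40001, 40002, 40003, 40004)]

def demo():
    table = build_table(REAL_SERVERS)
    sh = servers_seen(lambda ip: source_hash(table, ip), CONNECTIONS)
    rr = servers_seen(round_robin(REAL_SERVERS), CONNECTIONS)
    return sh, rr

if __name__ == "__main__":
    sh, rr = demo()
    for ip in sh:
        print(ip, "source-hash:", sorted(sh[ip]), "round-robin:", sorted(rr[ip]))
```

With source hashing every client behind one address, such as a shared NAT gateway, lands on the same real server, which is where the table size and traffic volume mentioned above matter.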