Re: web replication



fusillo ha scritto:
ed ha scritto:

to enable the http session information i think about using a network
filesystem placed on backend and setting the mount point as a session
directory path (using the php session's configuration directive)
the cookies should not be a problem, should it?


Depends.

Session cookies relate to memory in the server, so if it's a session
cookie, then yes it's a problem if one cannot be certain of which box
the client is going to connect to in 5 mins time.




yes but it's this the reason to use a shared memory for the session
information. Get it by mounting the same nfs (placed phisically in the
backend) in the path used to save the session dictionary in every single
web server.


cookies resides in the client browser and forwarded to the server
based on domain name (the bilancer domain name).
to replicate the db i would use a simple master slave mysql
configuration.


This depends on your balancing device, some are full protocol proxies
which can do exactly as you ask. I think there's one called 'pound'
which is GNU that can do this for you.



i wouldn't play with layer 7, my idea is using a layer 4 load bilancing
, i'm actually studying the lvs documentation, ipvs via nat use nat to
traslate the virtual service ip(the ip of the web bilancer) to one real
server ip, choosing the server by means of a given scheduling algoritm.
if the cookie's domain matches the virtual service ip when a browser
send it in a http header it will be forwarded and bilanced to the real
server thanks a lvs nat rule, it shouldn't be important what server
because the session information is shared by the servers.
could it run?



i tested it playing with iptables using 2 host. nuvola is the web server
and nat for my pc desktop. yoda play as a fake balancer (in this example
it only redirects and forwawds to nuvola the http requests)

pc desktop (eth0 4.4.4.4) - (eth0 3.3.3.3) nuvola (eth1 2.2.2.2) -
internet - (eth0 1.1.1.1) yoda

nuvola> iptables -A FORWARD -i eth0 -o eth1 -s 4.4.4.4 -j ACCEPT
nuvola> iptables -t nat -A POSTROUTING -s 4.4.4.4 -j SNAT --to 2.2.2.2
#this rules nat pc desktop for Internet
nuvola> iptables -A INPUT -s 1.1.1.1 -p tcp --dport 80 -j ACCEPT
#this enables the web services for yoda
yoda> iptables -t nat -A PREROUTING -s 2.2.2.2 -d 1.1.1.1 -p tcp --dport
80 -j DNAT --to 2.2.2.2
yoda> iptables -A FORWARD -s 2.2.2.2 -d 2.2.2.2 -j ACCEPT
#this enables yoda to redirect the http request
yoda> iptables -t nat -A POSTROUTING -s 2.2.2.2 -d 2.2.2.2 -p tcp
--dport 80 -j SNAT --to 1.1.1.1
#this is becouse my desktop pc is natted by nuvola and i don't want
another pc for this game.

when the browser sends a request for url http://1.1.1.1/mysite, after
the packet's boomarang trip nuvola sends the session id in the http
header to the browser
(i've used the default value for the domain and path for the session's
cookie).
Checking the cookie values saved in pc desktop the domain is 1.1.1.1 and
path is /, this is funny becouse the Netscape's cookie reference states:
The default value of domain is the host name of the server which
generated the cookie response.

hower this enables the cookie in load balancing envirament based on nat
rules.





.



Relevant Pages

  • Chicken and egg issue with Cookie based login?
    ... I have few questions I hope someone can clear up for me with the cookie ... private web server. ... It also says this about the secret key: ... Second, would be an example of the "Session ID" or more general, what is an ...
    (comp.security.misc)
  • Re: web replication
    ... Session cookies relate to memory in the server, ... , i'm actually studying the lvs documentation, ipvs via nat use nat to ...
    (comp.os.linux.networking)
  • Re: tracking logins
    ... You might wonder how after the login is complete that the server can ... By TCP/IP session. ... The server sends a cookie at login time, ...
    (comp.lang.java.programmer)
  • Re: $_SESSION problem - page reload creates new Session ID
    ... > set on a page just viewed because there is a new session created ... As fas as the server is concerned all requests are independant. ... cookie back to the server. ...
    (comp.lang.php)
  • Re: ASP IIS Session Hell
    ... Sessions are maintained by cookies passed between the server and browser. ... If the server is not sending the session cookie, ... 3 sites off a common folder, ...
    (microsoft.public.inetserver.iis)