Shridhar Bhat wrote:
>
> Hi,
>
> We are trying to deploy multiple SSL-based servers
> in a cluster. We want to share the session cache of each
> of these servers so that connections from same client
> (with session id reuse) can be handled by any server in
> the same cluster. The scheme is simple:
> Each server maintains its local cache and also replicates
> the session in a central server. Whenver a request for
> session-id reuse comes in and the server doesn't find the
> id in its local cache, it refers to the central server.
>
> Would this scheme work and be worth implementing? What
> could be the possible bottlenecks in it?
>
> The most attractive benefit I see is that any server
> could go down without forcing its clients to renegotiate
> the session. Also, the load balancer need not bother
> about the 'sticky connections'.
>
> I would greatly appreciate any suggestions/comments on this.
Comment: the central store is a single point of failure.
Suggestion: Splash! (and, if you are using Apache-SSL, splashcache) -
this is a distributed masterless database designed for precisely this
kind of thing, with no single points of failure.
http://anoncvs.aldigital.co.uk/splash/
BTW, Apache-SSL's gcache mechanism already implements what you are
describing.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
