AW: Load Balancing and Session Timeouts
Connection Settings are only relevant for midtier -> ar-server connections. And indeed, there is no need to have any persistence on this type of connection. If this connection is also routed through a loadbalancer in front of your ar-servers, you can disable persistence there. But this will definitely not solve your problem. KR Conny Von: ARSList Im Auftrag von JD Hood Gesendet: Dienstag, 5. März 2019 17:19 An: ARSList Betreff: Re: Load Balancing and Session Timeouts If you are referencing the "Connection Settings" in the mid tier config, yes we have tried that (and it remains configured), but it did not help and the issue persists. The "Connection Lifespan" is set to 60 minutes and the "Connection Timeout" is 0 (which is infinite, correct?). Tomcat and Netscaler both are configured for 65 minute sessions. Question to all -- if the "Connection Settings" in the mid tier are configured, should we remove any session persistence settings form the Netscaler? Thanks, -JDHood On Tue, Mar 5, 2019 at 10:54 AM LJ LongWing mailto:lj.longw...@gmail.com>> wrote: JD, If you are on 9.x, you can configure Session Sharing (clustering) in your Mid-Tier containers, and then you wouldn't need sticky bits (persistence) On Tue, Mar 5, 2019 at 8:49 AM JD Hood mailto:hood...@gmail.com>> wrote: All, We have a simple load balancing arrangement between a Netscaler and two SSL Mid tiers (v18.08). End users are sporadically encountering session timeout errors when they would not be expected. Sometimes within a few minutes of connecting and in the midst of creating a new incident, they will get a session timeout error (arerr 9201) and they will have to refresh the page and re-authenticate. I've found the following BMC Support KB and shared it with the team: https://bmcsites.force.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA21400d7ZtCAI Our netscaler resource advises that the cookie-based persistence option is not available when he is configuring load-balancing. I believe he is configuring persistence as IP based. Other than that, we can't identify any non-recommended configuration issues. I suspect that the cookie-based load balancer configuration is significant, but not being a LB expert, it's outside of my skillset and my most convincing argument at the moment is, "...because BMC Support recommends it..." Does anyone have any experience with a basic, simple Netscaler configuration to balance two SSL Mid tiers based on least number of connections (or any other strategy)? Or perhaps session timeouts are a known issue for other reasons that I have yet to stumble across? Thanks, -JDHood -- ARSList mailing list ARSList@arslist.org<mailto:ARSList@arslist.org> https://mailman.rrr.se/cgi/listinfo/arslist -- ARSList mailing list ARSList@arslist.org<mailto:ARSList@arslist.org> https://mailman.rrr.se/cgi/listinfo/arslist -- ARSList mailing list ARSList@arslist.org https://mailman.rrr.se/cgi/listinfo/arslist
Re: Load Balancing and Session Timeouts
If you are referencing the "Connection Settings" in the mid tier config, yes we have tried that (and it remains configured), but it did not help and the issue persists. The "Connection Lifespan" is set to 60 minutes and the "Connection Timeout" is 0 (which is infinite, correct?). Tomcat and Netscaler both are configured for 65 minute sessions. Question to all -- if the "Connection Settings" in the mid tier are configured, should we remove any session persistence settings form the Netscaler? Thanks, -JDHood On Tue, Mar 5, 2019 at 10:54 AM LJ LongWing wrote: > JD, > If you are on 9.x, you can configure Session Sharing (clustering) in your > Mid-Tier containers, and then you wouldn't need sticky bits (persistence) > > On Tue, Mar 5, 2019 at 8:49 AM JD Hood wrote: > >> All, >> >> We have a simple load balancing arrangement between a Netscaler and two >> SSL Mid tiers (v18.08). >> >> End users are sporadically encountering session timeout errors when they >> would not be expected. Sometimes within a few minutes of connecting and in >> the midst of creating a new incident, they will get a session timeout error >> (arerr 9201) and they will have to refresh the page and re-authenticate. >> >> I've found the following BMC Support KB and shared it with the team: >> >> https://bmcsites.force.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA21400d7ZtCAI >> >> Our netscaler resource advises that the cookie-based persistence option >> is not available when he is configuring load-balancing. I believe he is >> configuring persistence as IP based. Other than that, we can't identify any >> non-recommended configuration issues. >> >> I suspect that the cookie-based load balancer configuration is >> significant, but not being a LB expert, it's outside of my skillset and my >> most convincing argument at the moment is, "...because BMC Support >> recommends it..." >> >> Does anyone have any experience with a basic, simple Netscaler >> configuration to balance two SSL Mid tiers based on least number of >> connections (or any other strategy)? >> >> Or perhaps session timeouts are a known issue for other reasons that I >> have yet to stumble across? >> >> Thanks, >> -JDHood >> >> >> -- >> ARSList mailing list >> ARSList@arslist.org >> https://mailman.rrr.se/cgi/listinfo/arslist >> > -- > ARSList mailing list > ARSList@arslist.org > https://mailman.rrr.se/cgi/listinfo/arslist > -- ARSList mailing list ARSList@arslist.org https://mailman.rrr.se/cgi/listinfo/arslist
AW: Load Balancing and Session Timeouts
Hi, don’t know if it’s a good idea to have a setup like this. From my point of view session sharing is used to provide some kind of high availability. We setup session sharing and had a config mistake regarding too short timeouts. This led to frequent session “hopping” between several midtier instances. This in turn corrupted the session information, because more than one midtier was updating the session data within a short timeframe, overwriting some critical things. I highly recommend to use Cookie based persistence. In our case we do not rely on loadbalancer features. We’re using apache httpd in reverse proxy configuration to accomplish this. The loadbalancer routes to at least two httpd instances. Httpd takes care of routing the request to the right midtier based on session cookie. KR Conny Von: ARSList Im Auftrag von LJ LongWing Gesendet: Dienstag, 5. März 2019 16:54 An: ARSList Betreff: Re: Load Balancing and Session Timeouts JD, If you are on 9.x, you can configure Session Sharing (clustering) in your Mid-Tier containers, and then you wouldn't need sticky bits (persistence) On Tue, Mar 5, 2019 at 8:49 AM JD Hood mailto:hood...@gmail.com>> wrote: All, We have a simple load balancing arrangement between a Netscaler and two SSL Mid tiers (v18.08). End users are sporadically encountering session timeout errors when they would not be expected. Sometimes within a few minutes of connecting and in the midst of creating a new incident, they will get a session timeout error (arerr 9201) and they will have to refresh the page and re-authenticate. I've found the following BMC Support KB and shared it with the team: https://bmcsites.force.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA21400d7ZtCAI Our netscaler resource advises that the cookie-based persistence option is not available when he is configuring load-balancing. I believe he is configuring persistence as IP based. Other than that, we can't identify any non-recommended configuration issues. I suspect that the cookie-based load balancer configuration is significant, but not being a LB expert, it's outside of my skillset and my most convincing argument at the moment is, "...because BMC Support recommends it..." Does anyone have any experience with a basic, simple Netscaler configuration to balance two SSL Mid tiers based on least number of connections (or any other strategy)? Or perhaps session timeouts are a known issue for other reasons that I have yet to stumble across? Thanks, -JDHood -- ARSList mailing list ARSList@arslist.org<mailto:ARSList@arslist.org> https://mailman.rrr.se/cgi/listinfo/arslist -- ARSList mailing list ARSList@arslist.org https://mailman.rrr.se/cgi/listinfo/arslist
Re: Load Balancing and Session Timeouts
JD, If you are on 9.x, you can configure Session Sharing (clustering) in your Mid-Tier containers, and then you wouldn't need sticky bits (persistence) On Tue, Mar 5, 2019 at 8:49 AM JD Hood wrote: > All, > > We have a simple load balancing arrangement between a Netscaler and two > SSL Mid tiers (v18.08). > > End users are sporadically encountering session timeout errors when they > would not be expected. Sometimes within a few minutes of connecting and in > the midst of creating a new incident, they will get a session timeout error > (arerr 9201) and they will have to refresh the page and re-authenticate. > > I've found the following BMC Support KB and shared it with the team: > > https://bmcsites.force.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA21400d7ZtCAI > > Our netscaler resource advises that the cookie-based persistence option is > not available when he is configuring load-balancing. I believe he is > configuring persistence as IP based. Other than that, we can't identify any > non-recommended configuration issues. > > I suspect that the cookie-based load balancer configuration is > significant, but not being a LB expert, it's outside of my skillset and my > most convincing argument at the moment is, "...because BMC Support > recommends it..." > > Does anyone have any experience with a basic, simple Netscaler > configuration to balance two SSL Mid tiers based on least number of > connections (or any other strategy)? > > Or perhaps session timeouts are a known issue for other reasons that I > have yet to stumble across? > > Thanks, > -JDHood > > > -- > ARSList mailing list > ARSList@arslist.org > https://mailman.rrr.se/cgi/listinfo/arslist > -- ARSList mailing list ARSList@arslist.org https://mailman.rrr.se/cgi/listinfo/arslist
Load Balancing and Session Timeouts
All, We have a simple load balancing arrangement between a Netscaler and two SSL Mid tiers (v18.08). End users are sporadically encountering session timeout errors when they would not be expected. Sometimes within a few minutes of connecting and in the midst of creating a new incident, they will get a session timeout error (arerr 9201) and they will have to refresh the page and re-authenticate. I've found the following BMC Support KB and shared it with the team: https://bmcsites.force.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA21400d7ZtCAI Our netscaler resource advises that the cookie-based persistence option is not available when he is configuring load-balancing. I believe he is configuring persistence as IP based. Other than that, we can't identify any non-recommended configuration issues. I suspect that the cookie-based load balancer configuration is significant, but not being a LB expert, it's outside of my skillset and my most convincing argument at the moment is, "...because BMC Support recommends it..." Does anyone have any experience with a basic, simple Netscaler configuration to balance two SSL Mid tiers based on least number of connections (or any other strategy)? Or perhaps session timeouts are a known issue for other reasons that I have yet to stumble across? Thanks, -JDHood -- ARSList mailing list ARSList@arslist.org https://mailman.rrr.se/cgi/listinfo/arslist