They would only get expired sessions if they don't reconnect to another server within a relatively short timeout (at least according to my original idea... I haven't looked at Camille's suggestion carefully enough to see if she meant that).
As I see it, the server that loses the client should propagate a close to the leader when the client disappears. The leader should note the time and prepare to expire that session. When the client reconnects somewhere, that connection should be propagated to the leader who should cancel the timeout and switch back to the long timeout accorded to heartbeats from the client. On Fri, Sep 10, 2010 at 1:01 PM, Benjamin Reed <br...@yahoo-inc.com> wrote: > the thing that worries me about this functionality in general is that > network anomalies can cause a whole raft of sessions to get expired in this > way. for example, you have 3 servers with load spread well; there is a > networking glitch that cause clients to abandon a server; suddenly 1/3 of > your clients will get expired sessions. > >
