Load balancing : Load balancing among local servers : Distributing new sessions among your servers : Sessions : Specifying server-side session persistence
Specifying server-side session persistence
Not all sessions are based upon the IP layer or SSL/TLS layer. Some application layer protocols such as e-commerce web applications in HTTP may have sessions that, once established, should persist by packets being consistently routed to the same back-end server until the client session ends. In these cases, distributing packets based upon each server’s IP layer sessions would break the application layer session.
After the first packet from a client has been forwarded through the FortiADC appliance to a back-end server, some protocols require that subsequent packets also be forwarded to the same back-end server — or subnet — until a period of time passes or the client indicates that it has finished transmission.
For example, once a call is established, a SIP client would expect its session to continue until the call is finished. Distributing subsequent packets in a round-robin manner would interrupt the call. Therefore all packets would be routed to the same server as the first packet for the duration of the session.
To configure the session persistence method and session timeout that will be used by the appliance’s server-side connections, go to Server Load Balance > Resources > Persistence. To configure session persistence for an entire IP segment with multiple clients rather than a single source IP, configure the bit mask.
To configure re-encryption of traffic between the FortiADC and back-end servers, see the SSL option in “Defining your pool of back-end servers”.