Not all sessions are based upon the IP layer or SSL/TLS layer. Some application layer protocols such as e-commerce web applications in HTTP may have sessions that, once established, should persist by packets being consistently routed to the same back-end server until the client session ends. In these cases, distributing packets based upon each server’s IP layer sessions would break the application layer session.

After the first packet from a client has been forwarded through the FortiADC appliance to a back-end server, some protocols require that subsequent packets also be forwarded to the same back-end server — or subnet — until a period of time passes or the client indicates that it has finished transmission.

For example, once a call is established, a SIP client would expect its session to continue until the call is finished. Distributing subsequent packets in a round-robin manner would interrupt the call. Therefore all packets would be routed to the same server as the first packet for the duration of the session.