Reply To: No ‘Sticky Sessions’ so shop carts, banking etc drop out

Home Page Forums Network Management ZeroShell No ‘Sticky Sessions’ so shop carts, banking etc drop out Reply To: No ‘Sticky Sessions’ so shop carts, banking etc drop out


DrmCa wrote:
After the NB patch was installed the issues started happening – specifically with one site using AJAX chat which must be validating the IP of the user logging in.
When round robin occurs, chat boots me out.

It has been a while since I went through all this. And Linux routing seems to have wheel within wheels within wheels so my recollection could be off.

That said, having connections “sticky” (subsequent TCP connections use the same gateway as previous ones with the same source and destination) is made possible because for new connections Linux looks in the routing cache before going through the IP rules which then specify a “routing policy database” which specifies the default route with a round robin setup in the case of multiple WAN interfaces. (For existing connections we have a bunch of logic in iptables to use tags to direct packets to the same interface the started on.)

So it sounds like your routing cache is being cleared. The way I checked this when creating/debugging the patch was to use the “ip route show cache” command at the bash prompt along with wc and/or grep to see when the cache was being cleared.

For example:

# ip route show cache | wc -l

When the number goes down, or if it stays very low, then something is reseting the cache. In the unmodified version of ZS and in early versions of my patch it was because a “ip rule set” operation was being performed to setup the routing for the pings that detect WAN link failures and that operation has the side effect of flushing the cache.

Anyway, log into the command line and use the above command to monitor the cache and see if it is being cleared and if the session issues you are experiencing are time wise correlated with when the cache is flushed. That will tell us if the problem is with the cache or elsewhere.