Hi, Le 04/01/2014 20:09, Lauri-Alo Adamson a écrit :
Are you tcpdumping the frontent traffic? If undestood correctly tcpdump displays encrypted traffic without necessary information about affinity
Yes it does. This will allow to check the SSL session id in each ClientHello/ServerHello message. From what I've read in the thread, I'm pretty sure your ID is changing all the time.
Oh btw, you didn't say which browser you were using (and the version).
< Are you sure your backend servers have an session cache enabled and working? Person who configred these apache server ensures that these things are working I will tried source ip based affinity/stickiness and all worked as expected (http://blog.exceliance.fr/2011/07/12/send-user-to-the-same-backend-for-both-http-and-https/)
Yes sticking on the source ip is a better idea (even if it is not perfect for all usages).
-- Cyril Bonté
