Say web server A server clock is set to PST, web server B server clock is set to EST, and the state server clock is set to PST. Does this matter? I know it's critical for AppFabric cluster servers to have clock alignment, but what about client web servers to the ASP.NET State Server?
Reviewing the documentation out there I'm not finding anything that confirms or denies this in the Microsoft recommended configuration. This would be something you could test quite easily with your configuration, but more than likely, the time on the state server is the one that will be used.
Related
There is an intranet based ASP.NET application that is deployed to a server (IIS) and a group of clients (about ten). The end user can then decide to either connect to the local application (deployed to their local machine) or the server version. I do not understand the reasoning for doing this. My question is: is this common practice?
yes, it is a common practice to verify the performance of the application. Each client will have their own settings and as per process, application should not break in any kind of environment. it is always beneficial to put a server version and a local version.
If the clients are laptops, and the application supports disconnected data sets and synchronization, it would make sense. Typically you'd see something like this when the client machines are taken off-network to be used at a remote work site.
I have 2 load balanced web servers. My application is using the SQL Server Session State database on SQL Server 2008.
The 2 web servers are identical in terms of IIS configuration, and if I understand correctly, the two web apps on the two servers will be mapped to the same app id in the ASPStateTempApplications table since they have the same IIS configuration. So, counting the number of sessions associated with this app Id (from the ASPStateTempSessions tabel) will result in the total count of sessions on the two web servers together.
My questions is:
Is there a way to know how many sessions are active on each server individually?
I have the problem that when I take one server out of the load balance, I want to know if there are still any active sessions on the server or not before recycling it.
Another scenario, if I have to recycle the IIS on one of the servers because another web app on the same server is crashing, I would like to know how many sessions will be affected when I do so.
Thanks.
Basically, they all may and actually SHOULD be active on both ) Because in this mode sessions are not bound to the web-servers at all.
You can stick each user to a single server with load-balancing techniques on your gateway and if so - better to use InProc mode with all its benefits )
Since the session data is stored in SQL Server, you shouldn't have to worry about how many sessions are active. Once the server is shutdown (or IIS is recycled, depending on the configuration), the load balancer will automatically send any new requests to the active IIS server. With the session data stored in SQL, the active server can retrieve the session data and the user will be unaware that any server switching has occured.
Ideally, you should test this procedure periodically to make sure everything is configured correctly. Also, you should follow this procedure when installing patches to the servers.
Am i correct that when using State Server traffic between my web site and the state server isn't encrypted? If it isn't, how can i secure it (SSL)?
The ASP.NET Session State server uses clear-text http-requests in a rest-like manner for communication. The actual protocol specification is publicly available at [MS-ASP]: ASP.NET State Server Protocol Specification.
I've never heard of anyone encrypting the state traffic, cant find any references for it, and nothing that states that it's even possible.
It's impossible for any of us to say whether the traffic between your web site and state server is encrypted or not.
At a high level, state server uses clear text for transferring the data. But this doesn't necessarily mean it's not encrypted.
However, depending on how your network is setup it might be encrypted at a lower layer by the operating system. Namely, if the machines are part of a domain the network administrator might have turned on the proper settings to force kerberos encryption between the machines.
Further, if you encrypt the data prior to putting it in "session" then it would obviously be encrypted.
If you are worried about internal threats then your network should be configured to encrypt all traffic between machines. (if you want to know how, go to serverfault.com).
The state server should be behind the firewall and not public, there should be no reason to encrypt the traffic. You would only want to make sure that the traffic is only able to go to and from the web tier to the state server via network layering.
Can a State server in ASP.Net be made fault tolerant? By that I mean is when one state server goes down, ASP.Net applications can switch to another state server.
I do not want to go to a Database based state management as that seems considerably slower than the State Server.
You need to configure two different servers in fail over cluster i.e. if one server goes down due to some issue, other server will get up. For details see:-
http://technet.microsoft.com/en-us/library/cc731844%28WS.10%29.aspx
When you configure your servers in fail over mode then a virtual IP is given to you which you will use as your state server's IP.
Also have a look at peer to peer state server as well:-
http://www.codeproject.com/KB/aspnet/p2pstateserver.aspx
This is a fairly basic question about state server but assume there are 2 servers behind a load balancer. How do I configure the session state server?
So, I have machine1 and machine2. I would assume that I would need to install the state server on 1 machine only and then use the internal IP to refer to that machine. Is this correct? As oppose too, I would not install state server on both machines.
In your scenario (and most webfarm scenarios), a single state server is right.
You could refer to it by the internal IP or setup a DNS entry for the IP on the internal network and refer to it using that.
Single state server is mad as you have no fault tolerance, if it does down its game over. You need a distibuted state server stored on both servers.