Sessions enable web servers to identify requests coming from an authenticated user via a unique ID number included in every request made to the server. Session persistence makes sure the same web server handles web requests from a particular client, whether a human or service, throughout the client's entire session.
Session persistence is essential for modern web apps to function. If an authenticated session passes data to a web server other than the last server the user connected to, the second server won't know what to do with that data because it wasn't involved in the user's previous transaction.
Without session persistence, in situations involving several servers, each web request might be serviced by a different server -- and every time the request ends up on another server, the handshake process starts over.
Setting up session persistence in Azure Load Balancer
Microsoft Azure offers several tools for load balancing, including Azure Load Balancer. Azure Load Balancer works at the transport layer of the Open Systems Interconnection model and sits above the TCP/IP stack.
Azure Load Balancer can distribute requests across web servers, but cannot handle encrypted HTTPS traffic. This limitation makes Azure Application Gateway a much better option for encrypted load balancing. But for internal applications that use multiple pools of load-balanced services, Azure Load Balancer is a good option.
Comparing Azure Load Balancer distribution modes
- Hash-based (five tuple). This is the default setting for Azure Load Balancer and requires the least overhead because it routes any request to a healthy back-end node. No session persistence occurs; each session is treated as new.
- Client IP (two tuple). This setup creates a rule that ensures the same back-end server handles all traffic from the source IP -- or the visitor -- for the duration of the visit.
- Client IP and protocol (three tuple). This setup is similar to the previous mode, except it includes the protocol in addition to the client IP.
Each distribution hash is best at handling certain configurations, but it's advisable to select the default.
How to change session persistence settings in Azure Load Balancer
To change your session persistence settings, navigate to the load balancer page in the Azure Portal and select Load balancing rules in the Settings menu, as seen in Figure 1.
To edit session persistence settings, open the rule you want to change, scroll down to the Session persistence section, as shown in Figure 2, and select your preferred algorithm.
Click the Save button to enact the change.
Other load-balancing methods in Azure
In addition to Azure Load Balancer, Azure offers several other ways to perform load balancing, including Azure Traffic Manager, Azure Application Gateway and Azure Front Door. All these tools have some type of load balancing at their core, and each has a different best-use scenario.
One major difference between Azure Load Balancer and the other options is that Azure Load Balancer is only available within the region in which it's set up, whereas the other tools are global. The Azure documentation provides an overview of the differences among the various load-balancing choices.
When it comes to load balancing for internal, non-HTTPS traffic that requires session persistence, turning on session persistence in Azure Load Balancer is straightforward. However, for tasks requiring HTTPS and global availability, Azure Load Balancer might not be the best bet.