This article applies to:
Question:
- We are thinking of putting our R3000s behind a load-balancer. There are a couple of different ways to set up the load balancer in regard to how to choose which filter to send traffic to, based on several parameters. Two of the parameters I'm concerned about are Persistence and LeastConnections. Which is best?
Reply:
First, let's define the two options.
Persistence : Keeps each connection to the same R3000 throughout the entire conversation. For example, if you were to go to CNN.com, all of your requests and replies would go to the same R3000.
LeastConnections : Distributes the connections to the R3000 with the least amount of current connections throughout the conversation. For example, if you were to go to CNN.com, all of your requests and replies would be distributed to multiple R3000s.
Which works best with the Trustwave R3000?
You should consider using LeastConnections. LeastConnections will offer the best balance across all devices. Because the R3000 inspects traffic at the packet level, splitting a single conversation across multiple R3000's does not impact performance.
Persistence can offer one benefit of easier troubleshooting, if the entire conversation stays with a single R3000. However, most browsers these days will use several TCP sessions to load a single page, so you will not realistically gain much benefit from this, anyway.