In my AWS account I currently have a network load balancer (TCP) pointing to two EC2 instances over 2 Availability Zones (web servers), which each have a Tomcat running; this is pointed to one EC2 instance which is the application server/database.
On the NLB, Sticky Sessions are enabled and so when I access the webservers from Chrome on a single tab everything works fine and all of my user traffic is sent to the single web server. When I open a new tab it seems that a new session is started and my user traffic can be sent to either webserver 1 or webserver 2. If it is sent to another web server, I am asked to log in again. The goal is to have all traffic for the user routed through one webserver.
Does anyone know why sticky sessions on the AWS Network Load Balancer are not working as expected? Alternatively, I have misunderstood it.
From How Elastic Load Balancing works:
With Network Load Balancers, the load balancer node that receives the connection uses the following process:
Selects a target from the target group for the default rule using a flow hash algorithm. It bases the algorithm on:
- The protocol
- The source IP address and source port
- The destination IP address and destination port
- The TCP sequence number
Routes each individual TCP connection to a single target for the life of the connection. The TCP connections from a client have different source ports and sequence numbers, and can be routed to different targets.
I suspect that, when you open another tab, it might be sending traffic from a different port, causing the stickiness to fail. Frankly, I'm not sure how stickiness would work in Layer 4, since it cannot use cookies to remember stickiness. It certainly does not have the concept of a "user" because Layer 4 cannot use cookies, so there's no way to recognize the user again.
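To make the quoted flow-hash behaviour concrete, here is an added simulation (example code, not part of the original answer or of anything AWS publishes). It hashes each TCP connection over the fields the quoted text lists (protocol, source/destination IP and port, TCP sequence number) and compares that with a hypothetical Layer 4 affinity keyed only on the client IP. SHA-256 is a stand-in for whatever hash NLB really uses, the target names, the 10.0.0.10 / 203.0.113.7 addresses and the port numbers are constructed sample values, and the "login again" counter assumes Tomcat sessions live only on the web server that created them (no shared session store), which is the symptom the question describes.

```python
import hashlib
from typing import Callable, Dict, List, Tuple

# Constructed sample topology: the two Tomcat web servers from the question.
TARGETS: List[str] = ["webserver-1", "webserver-2"]

# A TCP connection described by the fields the quoted AWS text says the
# flow hash covers: (protocol, src_ip, src_port, dst_ip, dst_port, tcp_seq).
Flow = Tuple[str, str, int, str, int, int]


def _bucket(key: bytes, n: int) -> int:
    """Map a key to one of n buckets with a stable, well-distributed hash.
    SHA-256 is a stand-in: the hash function NLB actually uses is not documented."""
    return int.from_bytes(hashlib.sha256(key).digest()[:8], "big") % n


def pick_by_flow(flow: Flow) -> str:
    """Per-connection selection: the whole 5-tuple plus the TCP sequence
    number feeds the hash, so a new connection from the same client (fresh
    source port, fresh sequence number) may land on a different target."""
    proto, src_ip, src_port, dst_ip, dst_port, seq = flow
    key = f"{proto}|{src_ip}:{src_port}|{dst_ip}:{dst_port}|{seq}".encode()
    return TARGETS[_bucket(key, len(TARGETS))]


def pick_by_client_ip(flow: Flow) -> str:
    """Hypothetical Layer 4 affinity keyed only on the client IP: every
    connection from one address goes to the same target, whatever its
    source port or sequence number."""
    return TARGETS[_bucket(flow[1].encode(), len(TARGETS))]


def browser_connections(client_ip: str, count: int) -> List[Flow]:
    """Constructed sample: `count` TCP connections from one browser, each
    with a fresh ephemeral source port and a fresh initial sequence number,
    as happens when a new tab opens a new connection to the NLB."""
    return [("TCP", client_ip, 49152 + i, "10.0.0.10", 443, 1_000_003 * (i + 1))
            for i in range(count)]


def relogin_count(flows: List[Flow], picker: Callable[[Flow], str]) -> int:
    """Assume Tomcat sessions are local to each web server (no shared session
    store): a connection that lands on a server that has not seen this user
    yet forces a fresh login. Returns how many logins the user sees."""
    servers_with_session = set()
    logins = 0
    for flow in flows:
        target = picker(flow)
        if target not in servers_with_session:
            logins += 1
            servers_with_session.add(target)
    return logins


def targets_seen(flows: List[Flow], picker: Callable[[Flow], str]) -> Dict[str, int]:
    """How many of the flows each target received under a given picker."""
    counts: Dict[str, int] = {t: 0 for t in TARGETS}
    for flow in flows:
        counts[picker(flow)] += 1
    return counts


if __name__ == "__main__":
    flows = browser_connections("203.0.113.7", 64)
    print("flow hash     :", targets_seen(flows, pick_by_flow),
          "logins:", relogin_count(flows, pick_by_flow))
    print("client-IP hash:", targets_seen(flows, pick_by_client_ip),
          "logins:", relogin_count(flows, pick_by_client_ip))
```

Run it and the per-flow picker spreads the same browser's connections across both web servers, so the simulated user is asked to log in twice, while the client-IP picker keeps every connection on one server. The practical lesson is the same either way: if the target group is selected per connection, the application tier has to tolerate that, typically by sharing session state between the web servers (or terminating the session at a layer that can see the user), rather than relying on the load balancer to recognize the user.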