Previous Topic: Increase the Number of Sockets per Port

Next Topic: Increase the Request Timeout

Configure Dynamic Load Balancing or Failover

If the Web Agent works with multiple Policy Servers, configure dynamic load balancing to let the Web Agent distribute requests across all of the Policy Servers. Dynamic load balancing provides faster access to Policy Servers and therefore, more efficient user authentication and authorization.

Failover and load balancing considerations differ based on the type of Web server on which you install your Web Agents.

Failover/LoadBalancing for IIS or Sun Java Systems Web Agents

If you configure your environment for failover or load-balancing between Policy Servers, then the Web Agent opens the minimum number of sockets to each Policy Server at startup. Connections to a load-balanced Policy Server occur in the same way as connections to a single Policy Server, although fewer sockets may be opened to each Policy Server, since each is getting half of the total requests.

If configured for failover, and an error occurs between the Web Agent and the primary Policy Server, then connections to the failover Policy Server will be used. Failover occurs per service, so there may be active connections to both the primary and the failover Policy Servers at once. Once the primary Policy Server comes back up, the sockets opened to the failover server remain. All new sockets will be opened to the primary Policy Server. Failover is inherently part of load balancing; if one of the load balancing Policy Servers becomes unavailable, normal failover takes place.

Failover/LoadBalancing for Apache Web Agents

The Apache agent opens the same number of connections to all configured Policy Servers, whether or not failover has occurred. Since each child process has its own connection(s) to the Policy Server, failover occurs independently for each child. This can result in a 500 error for each socket as failover takes place. Once the primary Policy Server comes back up, the sockets opened to the failover server remain. All new sockets will be opened to the primary Policy Server. Failover is inherently part of load balancing; if one of the load balancing Policy Servers becomes unavailable, normal failover takes place.


Copyright © 2010 CA. All rights reserved. Email CA about this topic